|
|
/*
CSPTestSuite.c
4/23/00 dangriff created
---Introduction---
This is the framework code for the Cryptographic Service Provider Test Suite. External CSP types (such as PROV_RSA_SIG, defined in wincrypt.h) are internally assigned both a CSP_TYPE and a CLASS value (defined below). This combination of values determines which test cases and algorithms will be used to exercise a given CSP.
---Sample Test Execution---
For a sample PROV_RSA_FULL CSP called "MyCSP", the test suite would be run with the following options: csptestsuite -n MyCSP -t 1
The flow of the test in this example would be:
* Lookup the test suite mappings for PROV_RSA_FULL. They are CSP_TYPE_RSA and CLASS_SIG_ONLY | CLASS_SIG_KEYX | CLASS_FULL. * Begin running all tests for CLASS_SIG_ONLY * Begin running all TEST_LEVEL_CSP tests for this class. For example, this test level consists of the API's CryptAcquireContext (partial; some CryptAcquireContext tests are TEST_LEVEL_CONTAINER), CryptGetProvParam, CryptSetProvParam, and CryptReleaseContext. Note that some TEST_LEVEL test case sets may be empty for a given class. * Begin running all TEST_LEVEL_PROV tests for this class * Begin running all TEST_LEVEL_HASH tests for this class * Begin running all TEST_LEVEL_KEY tests for this class * Begin running all TEST_LEVEL_CONTAINER tests for this class * Begin running all tests for CLASS_SIG_KEYX * Begin running all TEST_LEVEL_CSP tests for this class. Note that each TEST_LEVEL set of test cases for a given CLASS is unique. No individual test case will be run twice. * Similarly for TEST_LEVEL_PROV, TEST_LEVEL_HASH, TEST_LEVEL_KEY, and TEST_LEVEL_CONTAINER.
* Begin running all tests for CLASS_FULL * As above for TEST_LEVEL_CSP, TEST_LEVEL_PROV, TEST_LEVEL_HASH, TEST_LEVEL_KEY, and TEST_LEVEL_CONTAINER. * End. Report the test results.
---Supported CSP Types---
PROV_RSA_SIG PROV_RSA_FULL
*/
#include <windows.h>
#include <wincrypt.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include "csptestsuite.h"
#include "logging.h"
#include "interop.h"
#include "utils.h"
//
// Function: Usage
// Purpose: Display list of command line options to console
//
void Usage(){ WCHAR rgwsz [BUFFER_SIZE];
wprintf( L"Usage: %s -c <CSP> [ -t <Test> ] [ -i <Interop CSP> ]\n", TEST_APP_NAME); wprintf(L"\n<Test> options:\n"); TestCaseTypeToString(TEST_CASES_POSITIVE, rgwsz); wprintf( L" %d: %s (default)\n", TEST_CASES_POSITIVE, rgwsz);
TestCaseTypeToString(TEST_CASES_NEGATIVE, rgwsz); wprintf( L" %d: %s\n", TEST_CASES_NEGATIVE, rgwsz);
TestCaseTypeToString(TEST_CASES_SCENARIO, rgwsz); wprintf( L" %d: %s\n", TEST_CASES_SCENARIO, rgwsz);
TestCaseTypeToString(TEST_CASES_INTEROP, rgwsz); wprintf( L" %d: %s\n", TEST_CASES_INTEROP, rgwsz);
wprintf(L"\nLog file is %s in the current directory.\n", LOGFILE);}
//
// Function: IsVersionCorrect
//
//
BOOL IsVersionCorrect( IN DWORD dwMajorVersion, IN DWORD dwMinorVersion, IN DWORD dwServicePackMajor, IN DWORD dwServicePackMinor){ DWORDLONG dwlConditionMask = 0; OSVERSIONINFOEX OsviEx; memset(&OsviEx, 0, sizeof(OsviEx)); OsviEx.dwOSVersionInfoSize = sizeof(OsviEx); OsviEx.dwMajorVersion = dwMajorVersion; OsviEx.dwMinorVersion = dwMinorVersion; OsviEx.wServicePackMajor = (WORD) dwServicePackMajor; OsviEx.wServicePackMinor = (WORD) dwServicePackMinor; //
// We want to check that the system has a less than
// or equal Rev to the caller parameters.
//
dwlConditionMask = VerSetConditionMask(0, VER_MAJORVERSION, VER_LESS_EQUAL); dwlConditionMask = VerSetConditionMask(dwlConditionMask, VER_MINORVERSION, VER_LESS_EQUAL); dwlConditionMask = VerSetConditionMask(dwlConditionMask, VER_SERVICEPACKMAJOR, VER_LESS_EQUAL); dwlConditionMask = VerSetConditionMask(dwlConditionMask, VER_SERVICEPACKMINOR, VER_LESS_EQUAL); return VerifyVersionInfo( &OsviEx, VER_MAJORVERSION | VER_MINORVERSION | VER_SERVICEPACKMAJOR | VER_SERVICEPACKMINOR, dwlConditionMask);}
//
// Function: GetNextRegisteredCSP
//
DWORD GetNextRegisteredCSP( OUT LPWSTR pwszCsp, IN OUT PDWORD pcbCsp, OUT PDWORD pdwProvType, IN DWORD dwRequestedIndex){ static DWORD dwNextEnumIndex = 0; DWORD dwActualIndex = 0; DWORD dwError = 0; dwActualIndex = (ENUMERATE_REGISTERED_CSP == dwRequestedIndex) ? dwNextEnumIndex : dwRequestedIndex; if (! CryptEnumProviders( dwActualIndex, NULL, 0, pdwProvType, pwszCsp, pcbCsp)) { dwError = GetLastError(); switch (dwError) { case ERROR_NO_MORE_ITEMS: dwNextEnumIndex = 0; break; } } else { if (ENUMERATE_REGISTERED_CSP == dwRequestedIndex) { dwNextEnumIndex++; } }
return dwError;}
//
// -----------------
// Utility functions
// -----------------
//
//
// Function: IsRequiredAlg
//
BOOL IsRequiredAlg( IN ALG_ID ai, IN DWORD dwInternalProvType){ DWORD cItems = 0; PALGID_TABLE pTable = NULL;
switch (dwInternalProvType) { case CSP_TYPE_RSA: { cItems = sizeof(g_RequiredAlgs_RSA) / sizeof(ALGID_TABLE); pTable = g_RequiredAlgs_RSA;
break; }
case CSP_TYPE_AES: { cItems = sizeof(g_RequiredAlgs_AES) / sizeof(ALGID_TABLE); pTable = g_RequiredAlgs_AES;
break; }
default: { return FALSE; } }
while (cItems > 0) { if (ai == pTable[cItems - 1].ai) { return TRUE; } else { cItems--; } }
return FALSE;}
//
// Function: IsKnownAlg
//
BOOL IsKnownAlg(ALG_ID ai, DWORD dwInternalProvType){ DWORD cItems = 0; PALGID_TABLE pTable = NULL;
switch (dwInternalProvType) { case CSP_TYPE_RSA: { cItems = sizeof(g_OtherKnownAlgs_RSA) / sizeof(ALGID_TABLE); pTable = g_OtherKnownAlgs_RSA;
break; }
case CSP_TYPE_AES: { cItems = sizeof(g_OtherKnownAlgs_AES) / sizeof(ALGID_TABLE); pTable = g_OtherKnownAlgs_AES;
break; }
default: { return FALSE; } }
while (cItems > 0) { if (ai == pTable[cItems - 1].ai) { return TRUE; } else { cItems--; } }
return FALSE;}
//
// -------------------
// Crypto API wrappers
// -------------------
//
//
// Function: TAcquire
// Purpose: Call CryptAcquireContext with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TAcquire( HCRYPTPROV *phProv, LPWSTR pszContainer, LPWSTR pszProvider, DWORD dwProvType, DWORD dwFlags, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; DWORD cbData = sizeof(HCRYPTPROV); API_PARAM_INFO ParamInfo [] = { { L"phProv", Pointer, 0, NULL, TRUE, &cbData, NULL }, { L"pszContainer", String, 0, NULL, FALSE, NULL, NULL }, { L"pszProvider", String, 0, NULL, FALSE, NULL, NULL }, { L"dwProvType", Dword, dwProvType, NULL, FALSE, NULL, NULL }, { L"dwFlags", Dword, dwFlags, AcquireContextFlagToString, FALSE, NULL, NULL } };
ParamInfo[0].pbParam = (PBYTE) phProv; ParamInfo[1].pwszParam = pszContainer; ParamInfo[2].pwszParam = pszProvider; if (NULL == phProv) { fApiSuccessful = CryptAcquireContext( NULL, pszContainer, pszProvider, dwProvType, dwFlags); } else { fApiSuccessful = CryptAcquireContext( phProv, pszContainer, pszProvider, dwProvType, dwFlags); }
fContinue = CheckAndLogStatus( API_CRYPTACQUIRECONTEXT, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
return fContinue;}
//
// Function: TGetProv
// Purpose: Call CryptGetProvParam with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TGetProv( HCRYPTPROV hProv, DWORD dwParam, BYTE *pbData, DWORD *pdwDataLen, DWORD dwFlags, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; DWORD cbData = sizeof(DWORD); API_PARAM_INFO ParamInfo [] = { { L"hProv", Handle, 0, NULL, FALSE, NULL, NULL }, { L"dwParam", Dword, dwParam, GetProvParamToString, FALSE, NULL, NULL }, { L"pbData", Pointer, 0, NULL, TRUE, pdwDataLen, NULL }, { L"pdwDataLen", Pointer, 0, NULL, TRUE, &cbData, NULL }, { L"dwFlags", Dword, dwFlags, NULL, FALSE, NULL, NULL } };
ParamInfo[0].pulParam = hProv; ParamInfo[2].pbParam = pbData; ParamInfo[3].pbParam = (PBYTE) pdwDataLen;
switch (dwParam) { case PP_ENUMALGS: case PP_ENUMALGS_EX: case PP_ENUMCONTAINERS: { ParamInfo[4].pfnFlagToString = ProvParamEnumFlagToString; break; } case PP_KEYSET_SEC_DESCR: { ParamInfo[4].pfnFlagToString = ProvParamSecDescrFlagToString; break; } case PP_IMPTYPE: { ParamInfo[4].pfnFlagToString = ProvParamImpTypeToString; break; } }
if (! ptc->fEnumerating) { if (! LogInitParamInfo( ParamInfo, APIPARAMINFO_SIZE(ParamInfo), ptc)) { return FALSE; } }
fApiSuccessful = CryptGetProvParam(hProv, dwParam, pbData, pdwDataLen, dwFlags); if (ptc->fEnumerating) { return fApiSuccessful; } fContinue = CheckAndLogStatus( API_CRYPTGETPROVPARAM, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
LogCleanupParamInfo(ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
return fContinue;}
//
// Function: TSetProv
// Purpose: Call CryptSetProvParam with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TSetProv( HCRYPTPROV hProv, DWORD dwParam, BYTE *pbData, DWORD dwFlags, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; API_PARAM_INFO ParamInfo [] = { { L"hProv", Handle, 0, NULL, FALSE, NULL, NULL }, { L"dwParam", Dword, dwParam, SetProvParamToString, FALSE, NULL, NULL }, { L"pbData", Pointer, 0, NULL, FALSE, NULL, NULL }, { L"dwFlags", Dword, dwFlags, NULL, FALSE, NULL, NULL } };
ParamInfo[0].pulParam = hProv; ParamInfo[2].pbParam = pbData;
switch (dwParam) { case PP_KEYSET_SEC_DESCR: { ParamInfo[3].pfnFlagToString = ProvParamSecDescrFlagToString; break; } case PP_IMPTYPE: { ParamInfo[3].pfnFlagToString = ProvParamImpTypeToString; break; } } fApiSuccessful = CryptSetProvParam(hProv, dwParam, pbData, dwFlags); fContinue = CheckAndLogStatus( API_CRYPTSETPROVPARAM, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
return fContinue;}
//
// Function: TRelease
// Purpose: Call CryptReleaseContext with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TRelease( HCRYPTPROV hProv, DWORD dwFlags, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; BOOL fSavedExpectSuccess = ptc->fExpectSuccess; API_PARAM_INFO ParamInfo [] = { { L"hProv", Handle, 0, NULL, FALSE, NULL, NULL }, { L"dwFlags", Dword, dwFlags, NULL, FALSE, NULL, NULL } }; ParamInfo[0].pulParam = hProv;
if (! ptc->fTestingReleaseContext) { ptc->fExpectSuccess = TRUE; } fApiSuccessful = CryptReleaseContext(hProv, dwFlags);
fContinue = CheckAndLogStatus( API_CRYPTRELEASECONTEXT, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo)); ptc->fExpectSuccess = fSavedExpectSuccess; return fContinue;}
//
// Function: TGenRand
// Purpose: Call CryptGenRandom with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TGenRand( HCRYPTPROV hProv, DWORD dwLen, BYTE *pbBuffer, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; API_PARAM_INFO ParamInfo [] = { { L"hProv", Handle, 0, NULL, FALSE, NULL, NULL }, { L"dwLen", Dword, dwLen, NULL, FALSE, NULL, NULL }, { L"pbBuffer", Pointer, 0, NULL, FALSE, NULL, NULL } };
ParamInfo[0].pulParam = hProv; ParamInfo[2].pbParam = pbBuffer; fApiSuccessful = CryptGenRandom(hProv, dwLen, pbBuffer);
fContinue = CheckAndLogStatus( API_CRYPTGENRANDOM, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
return fContinue;}
//
// Function: TCreateHash
// Purpose: Call CryptCreateHash with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TCreateHash( HCRYPTPROV hProv, ALG_ID Algid, HCRYPTKEY hKey, DWORD dwFlags, HCRYPTHASH *phHash, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; DWORD cbData = sizeof(HCRYPTHASH); API_PARAM_INFO ParamInfo [] = { { L"hProv", Handle, 0, NULL, FALSE, NULL, NULL }, { L"Algid", Dword, Algid, AlgidToString, FALSE, NULL, NULL }, { L"hKey", Handle, 0, NULL, FALSE, NULL, NULL }, { L"dwFlags", Dword, dwFlags, NULL, FALSE, NULL, NULL }, { L"phHash", Pointer, 0, NULL, TRUE, &cbData, NULL } };
ParamInfo[0].pulParam = hProv; ParamInfo[2].pulParam = hKey; ParamInfo[4].pbParam = (PBYTE) phHash; fApiSuccessful = CryptCreateHash(hProv, Algid, hKey, dwFlags, phHash); fContinue = CheckAndLogStatus( API_CRYPTCREATEHASH, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
return fContinue;}
//
// Function: TDestroyHash
// Purpose: Call CryptDestroyHash with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TDestroyHash( HCRYPTHASH hHash, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; BOOL fSavedExpectSuccess = ptc->fExpectSuccess; API_PARAM_INFO ParamInfo [] = { { L"hHash", Handle, 0, NULL, FALSE, NULL, NULL } }; ParamInfo[0].pulParam = hHash;
if (! ptc->fTestingDestroyHash) { ptc->fExpectSuccess = TRUE; } fApiSuccessful = CryptDestroyHash(hHash); fContinue = CheckAndLogStatus( API_CRYPTDESTROYHASH, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
ptc->fExpectSuccess = fSavedExpectSuccess; return fContinue;}
//
// Function: TDuplicateHash
// Purpose: Call CryptDuplicateHash with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TDuplicateHash( HCRYPTHASH hHash, DWORD *pdwReserved, DWORD dwFlags, HCRYPTHASH *phHash, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; API_PARAM_INFO ParamInfo [] = { { L"hHash", Handle, 0, NULL, FALSE, NULL, NULL }, { L"pdwReserved", Pointer, 0, NULL, FALSE, NULL, NULL }, { L"dwFlags", Dword, dwFlags, NULL, FALSE, NULL, NULL }, { L"phHash", Pointer, 0, NULL, FALSE, NULL, NULL } };
ParamInfo[0].pulParam = hHash; ParamInfo[1].pbParam = (PBYTE) pdwReserved; ParamInfo[3].pbParam = (PBYTE) phHash; fApiSuccessful = CryptDuplicateHash(hHash, pdwReserved, dwFlags, phHash); fContinue = CheckAndLogStatus( API_CRYPTDUPLICATEHASH, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo)); return fContinue;}
//
// Function: TGetHash
// Purpose: Call CryptGetHashParam with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TGetHash( HCRYPTHASH hHash, DWORD dwParam, BYTE *pbData, DWORD *pdwDataLen, DWORD dwFlags, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; DWORD cbData = sizeof(DWORD); API_PARAM_INFO ParamInfo [] = { { L"hHash", Handle, 0, NULL, FALSE, NULL, NULL }, { L"dwParam", Dword, dwParam, HashParamToString, FALSE, NULL, NULL }, { L"pbData", Pointer, 0, NULL, TRUE, pdwDataLen, NULL }, { L"pdwDataLen", Pointer, 0, NULL, TRUE, &cbData, NULL }, { L"dwFlags", Dword, dwFlags, NULL, FALSE, NULL, NULL } };
ParamInfo[0].pulParam = hHash; ParamInfo[2].pbParam = pbData; ParamInfo[3].pbParam = (PBYTE) pdwDataLen; if (! LogInitParamInfo( ParamInfo, APIPARAMINFO_SIZE(ParamInfo), ptc)) { return FALSE; }
fApiSuccessful = CryptGetHashParam(hHash, dwParam, pbData, pdwDataLen, dwFlags); fContinue = CheckAndLogStatus( API_CRYPTGETHASHPARAM, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
LogCleanupParamInfo( ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
return fContinue;}
//
// Function: THashData
// Purpose: Call CryptHashData with the supplied parameters and pass
// the result to the logging routine.
//
BOOL THashData( HCRYPTHASH hHash, BYTE *pbData, DWORD dwDataLen, DWORD dwFlags, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; API_PARAM_INFO ParamInfo [] = { { L"hHash", Handle, 0, NULL, FALSE, NULL, NULL }, { L"pbData", Pointer, 0, NULL, TRUE, &dwDataLen, NULL }, { L"dwDataLen", Dword, dwDataLen, NULL, FALSE, NULL, NULL }, { L"dwFlags", Dword, dwFlags, HashDataFlagToString, FALSE, NULL, NULL } }; ParamInfo[0].pulParam = hHash; ParamInfo[1].pbParam = pbData;
if (! LogInitParamInfo( ParamInfo, APIPARAMINFO_SIZE(ParamInfo), ptc)) { return FALSE; }
fApiSuccessful = CryptHashData(hHash, pbData, dwDataLen, dwFlags);
fContinue = CheckAndLogStatus( API_CRYPTHASHDATA, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
LogCleanupParamInfo( ParamInfo, APIPARAMINFO_SIZE(ParamInfo)); return fContinue;}
//
// Function: TSetHash
// Purpose: Call CryptSetHashParam with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TSetHash( HCRYPTHASH hHash, DWORD dwParam, BYTE *pbData, DWORD dwFlags, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; API_PARAM_INFO ParamInfo [] = { { L"hHash", Handle, 0, NULL, FALSE, NULL, NULL }, { L"dwParam", Dword, dwParam, HashParamToString, FALSE, NULL, NULL }, { L"pbData", Pointer, 0, NULL, FALSE, NULL, NULL }, { L"dwFlags", Dword, dwFlags, NULL, FALSE, NULL, NULL } }; ParamInfo[0].pulParam = hHash; ParamInfo[2].pbParam = pbData;
fApiSuccessful = CryptSetHashParam(hHash, dwParam, pbData, dwFlags); fContinue = CheckAndLogStatus( API_CRYPTSETHASHPARAM, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo)); return fContinue;}
//
// Function: TDecrypt
// Purpose: Call CryptDecrypt with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TDecrypt( HCRYPTKEY hKey, HCRYPTHASH hHash, BOOL Final, DWORD dwFlags, BYTE *pbData, DWORD *pdwDataLen, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; DWORD cbData = sizeof(DWORD); API_PARAM_INFO ParamInfo [] = { { L"hKey", Handle, 0, NULL, FALSE, NULL, NULL }, { L"hHash", Handle, 0, NULL, FALSE, NULL, NULL }, { L"Final", Boolean, 0, NULL, FALSE, NULL, NULL }, { L"dwFlags", Dword, dwFlags, EncryptFlagToString, FALSE, NULL, NULL }, { L"pbData", Pointer, 0, NULL, TRUE, pdwDataLen, NULL }, { L"pdwDataLen", Pointer, 0, NULL, TRUE, &cbData, NULL }, };
ParamInfo[0].pulParam = hKey; ParamInfo[1].pulParam = hHash; ParamInfo[2].fParam = Final; ParamInfo[4].pbParam = pbData; ParamInfo[5].pbParam = (PBYTE) pdwDataLen; if (! LogInitParamInfo( ParamInfo, APIPARAMINFO_SIZE(ParamInfo), ptc)) { return FALSE; }
fApiSuccessful = CryptDecrypt(hKey, hHash, Final, dwFlags, pbData, pdwDataLen);
fContinue = CheckAndLogStatus( API_CRYPTDECRYPT, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
LogCleanupParamInfo(ParamInfo, APIPARAMINFO_SIZE(ParamInfo)); return fContinue;}
//
// Function: TDeriveKey
// Purpose: Call CryptDeriveKey with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TDeriveKey( HCRYPTPROV hProv, ALG_ID Algid, HCRYPTHASH hBaseData, DWORD dwFlags, HCRYPTKEY *phKey, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; API_PARAM_INFO ParamInfo [] = { { L"hProv", Handle, 0, NULL, FALSE, NULL, NULL }, { L"Algid", Dword, Algid, AlgidToString, FALSE, NULL, NULL }, { L"hBaseData", Handle, 0, NULL, FALSE, NULL, NULL }, { L"dwFlags", Dword, dwFlags, DeriveKeyFlagToString,FALSE, NULL, NULL }, { L"phKey", Pointer, 0, NULL, FALSE, NULL, NULL} };
ParamInfo[0].pulParam = hProv; ParamInfo[2].pulParam = hBaseData; ParamInfo[4].pbParam = (PBYTE) phKey; fApiSuccessful = CryptDeriveKey(hProv, Algid, hBaseData, dwFlags, phKey); fContinue = CheckAndLogStatus( API_CRYPTDERIVEKEY, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo)); return fContinue;}
//
// Function: TDestroyKey
// Purpose: Call CryptDestroyKey with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TDestroyKey( HCRYPTKEY hKey, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; BOOL fSavedExpectSuccess = ptc->fExpectSuccess; API_PARAM_INFO ParamInfo [] = { { L"hKey", Handle, 0, NULL, FALSE, NULL, NULL } }; ParamInfo[0].pulParam = hKey;
if (! ptc->fTestingDestroyKey) { ptc->fExpectSuccess = TRUE; } fApiSuccessful = CryptDestroyKey(hKey); fContinue = CheckAndLogStatus( API_CRYPTDESTROYKEY, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
ptc->fExpectSuccess = fSavedExpectSuccess; return fContinue;}
//
// Function: TEncrypt
// Purpose: Call CryptEncrypt with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TEncrypt( HCRYPTKEY hKey, HCRYPTHASH hHash, BOOL Final, DWORD dwFlags, BYTE *pbData, DWORD *pdwDataLen, DWORD dwBufLen, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; DWORD cbData = sizeof(DWORD); API_PARAM_INFO ParamInfo [] = { { L"hKey", Handle, 0, NULL, FALSE, NULL, NULL }, { L"hHash", Handle, 0, NULL, FALSE, NULL, NULL }, { L"Final", Boolean, 0, NULL, FALSE, NULL, NULL }, { L"dwFlags", Dword, dwFlags, EncryptFlagToString,FALSE, NULL, NULL }, { L"pbData", Pointer, 0, NULL, TRUE, pdwDataLen, NULL }, { L"pdwDataLen", Pointer, 0, NULL, TRUE, &cbData, NULL }, { L"dwBufLen", Dword, dwBufLen, NULL, FALSE, NULL, NULL} };
ParamInfo[0].pulParam = hKey; ParamInfo[1].pulParam = hHash; ParamInfo[2].fParam = Final; ParamInfo[4].pbParam = pbData; ParamInfo[5].pbParam = (PBYTE) pdwDataLen; if (! LogInitParamInfo( ParamInfo, APIPARAMINFO_SIZE(ParamInfo), ptc)) { return FALSE; }
fApiSuccessful = CryptEncrypt(hKey, hHash, Final, dwFlags, pbData, pdwDataLen, dwBufLen); fContinue = CheckAndLogStatus( API_CRYPTENCRYPT, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
LogCleanupParamInfo(ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
return fContinue;}
//
// Function: TGenKey
// Purpose: Call CryptGenKey with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TGenKey( HCRYPTPROV hProv, ALG_ID Algid, DWORD dwFlags, HCRYPTKEY *phKey, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; DWORD cbData = sizeof(HCRYPTKEY); API_PARAM_INFO ParamInfo [] = { { L"hProv", Handle, 0, NULL, FALSE, NULL, NULL }, { L"Algid", Dword, Algid, AlgidToString, FALSE, NULL, NULL }, { L"dwFlags", Dword, dwFlags, GenKeyFlagToString, FALSE, NULL, NULL }, { L"phKey", Pointer, 0, NULL, TRUE, &cbData, NULL } };
ParamInfo[0].pulParam = hProv; ParamInfo[3].pbParam = (PBYTE) phKey; //
// Prompt the user of the test suite when a user protected
// key is being created, UNLESS this is a negative test case.
//
if ( (CRYPT_USER_PROTECTED & dwFlags) && ptc->fExpectSuccess) { LogCreatingUserProtectedKey(); //LogInfo(L"Creating a User Protected key. You should now see UI.");
} fApiSuccessful = CryptGenKey(hProv, Algid, dwFlags, phKey); fContinue = CheckAndLogStatus( API_CRYPTGENKEY, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
return fContinue;}
//
// Function: TGetKey
// Purpose: Call CryptGetKeyParam with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TGetKey( HCRYPTKEY hKey, DWORD dwParam, BYTE *pbData, DWORD *pdwDataLen, DWORD dwFlags, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; DWORD cbData = sizeof(DWORD); API_PARAM_INFO ParamInfo [] = { { L"hKey", Handle, 0, NULL, FALSE, NULL, NULL }, { L"dwParam", Dword, dwParam, KeyParamToString, FALSE, NULL, NULL }, { L"pbData", Pointer, 0, NULL, TRUE, pdwDataLen, NULL }, { L"pdwDataLen", Pointer, 0, NULL, TRUE, &cbData, NULL }, { L"dwFlags", Dword, dwFlags, NULL, FALSE, NULL, NULL } }; ParamInfo[0].pulParam = hKey; ParamInfo[2].pbParam = pbData; ParamInfo[3].pbParam = (PBYTE) pdwDataLen;
switch (dwParam) { case KP_MODE: { ParamInfo[4].pfnFlagToString = KeyParamModeToString; break; } case KP_PERMISSIONS: { ParamInfo[4].pfnFlagToString = KeyParamPermissionToString; break; } }
if (! LogInitParamInfo( ParamInfo, APIPARAMINFO_SIZE(ParamInfo), ptc)) { return FALSE; } fApiSuccessful = CryptGetKeyParam(hKey, dwParam, pbData, pdwDataLen, dwFlags); fContinue = CheckAndLogStatus( API_CRYPTGETKEYPARAM, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
LogCleanupParamInfo(ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
return fContinue;}
//
// Function: THashSession
// Purpose: Call CryptHashSessionKey with the supplied parameters and pass
// the result to the logging routine.
//
BOOL THashSession( HCRYPTHASH hHash, HCRYPTKEY hKey, DWORD dwFlags, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; API_PARAM_INFO ParamInfo [] = { { L"hHash", Handle, 0, NULL, FALSE, NULL, NULL }, { L"hKey", Handle, 0, NULL, FALSE, NULL, NULL }, { L"dwFlags", Dword, dwFlags, HashSessionKeyFlagToString, FALSE, NULL, NULL } }; ParamInfo[0].pulParam = hHash; ParamInfo[1].pulParam = hKey;
fApiSuccessful = CryptHashSessionKey(hHash, hKey, dwFlags); fContinue = CheckAndLogStatus( API_CRYPTHASHSESSIONKEY, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo)); return fContinue;}
//
// Function: TSetKey
// Purpose: Call CryptSetKeyParam with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TSetKey( HCRYPTKEY hKey, DWORD dwParam, BYTE *pbData, DWORD dwFlags, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; DWORD cbData = 0; DWORD cbParam = 0; API_PARAM_INFO ParamInfo [] = { { L"hKey", Handle, 0, NULL, FALSE, NULL, NULL }, { L"dwParam", Dword, dwParam, KeyParamToString, FALSE, NULL, NULL }, { L"pbData", Pointer, 0, NULL, FALSE, NULL, NULL }, { L"dwFlags", Dword, dwFlags, NULL, FALSE, NULL, NULL } }; ParamInfo[0].pulParam = hKey; ParamInfo[2].pbParam = pbData; switch (dwParam) { case KP_IV: { // Try to determine how long the IV buffer should be
cbData = 0; if (CryptGetKeyParam(hKey, KP_IV, NULL, &cbData, 0) && cbData) { ParamInfo[2].fPrintBytes = TRUE; ParamInfo[2].pcbBytes = &cbData; } break; } case KP_SALT: { // Try to determine how long the salt buffer should be
cbParam = sizeof(cbData); if (CryptGetKeyParam(hKey, KP_SALT, (PBYTE) &cbData, &cbParam, 0) && cbData) { ParamInfo[2].fPrintBytes = TRUE; ParamInfo[2].pcbBytes = &cbData; } break; } case KP_SALT_EX: { if (pbData != NULL && pbData != (PBYTE) TEST_INVALID_POINTER) { cbData = sizeof(DWORD) + ((PDATA_BLOB) pbData)->cbData; ParamInfo[2].fPrintBytes = TRUE; ParamInfo[2].pcbBytes = &cbData; } break; } case KP_PERMISSIONS: { ParamInfo[3].pfnFlagToString = KeyParamPermissionToString; // fall through
} case KP_ALGID: case KP_EFFECTIVE_KEYLEN: case KP_PADDING: case KP_MODE_BITS: { cbData = sizeof(DWORD); ParamInfo[2].fPrintBytes = TRUE; ParamInfo[2].pcbBytes = &cbData; break; } case KP_MODE: { cbData = sizeof(DWORD); ParamInfo[2].fPrintBytes = TRUE; ParamInfo[2].pcbBytes = &cbData; ParamInfo[3].pfnFlagToString = KeyParamModeToString; break; }
}
if (! LogInitParamInfo( ParamInfo, APIPARAMINFO_SIZE(ParamInfo), ptc)) { return FALSE; } fApiSuccessful = CryptSetKeyParam(hKey, dwParam, pbData, dwFlags); fContinue = CheckAndLogStatus( API_CRYPTSETKEYPARAM, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
LogCleanupParamInfo(ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
return fContinue;}
//
// Function: TExportKey
// Purpose: Call CryptExportKey with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TExportKey( HCRYPTKEY hKey, HCRYPTKEY hExpKey, DWORD dwBlobType, DWORD dwFlags, BYTE *pbData, DWORD *pdwDataLen, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; DWORD cbData = sizeof(DWORD); API_PARAM_INFO ParamInfo [] = { { L"hKey", Handle, 0, NULL, FALSE, NULL, NULL }, { L"hExpKey", Handle, 0, NULL, FALSE, NULL, NULL }, { L"dwBlobType", Dword, dwBlobType, ExportKeyBlobTypeToString, FALSE, NULL, NULL }, { L"dwFlags", Dword, dwFlags, ExportKeyFlagToString, FALSE, NULL, NULL }, { L"pbData", Pointer, 0, NULL, TRUE, pdwDataLen, NULL }, { L"pdwDataLen", Pointer, 0, NULL, TRUE, &cbData, NULL } }; ParamInfo[0].pulParam = hKey; ParamInfo[1].pulParam = hExpKey; ParamInfo[4].pbParam = pbData; ParamInfo[5].pbParam = (PBYTE) pdwDataLen;
if (! LogInitParamInfo( ParamInfo, APIPARAMINFO_SIZE(ParamInfo), ptc)) { return FALSE; }
fApiSuccessful = CryptExportKey(hKey, hExpKey, dwBlobType, dwFlags, pbData, pdwDataLen); fContinue = CheckAndLogStatus( API_CRYPTEXPORTKEY, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
LogCleanupParamInfo(ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
return fContinue;}
//
// Function: TGetUser
// Purpose: Call CryptGetUserKey with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TGetUser( HCRYPTPROV hProv, DWORD dwKeySpec, HCRYPTKEY *phUserKey, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; API_PARAM_INFO ParamInfo [] = { { L"hProv", Handle, 0, NULL, FALSE, NULL, NULL }, { L"dwKeySpec", Dword, dwKeySpec, AlgidToString, FALSE, NULL, NULL }, { L"phUserKey", Pointer, 0, NULL, FALSE, NULL, NULL } };
ParamInfo[0].pulParam = hProv; ParamInfo[2].pbParam = (PBYTE) phUserKey; fApiSuccessful = CryptGetUserKey(hProv, dwKeySpec, phUserKey); fContinue = CheckAndLogStatus( API_CRYPTGETUSERKEY, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
return fContinue;}
//
// Function: TImportKey
// Purpose: Call CryptImportKey with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TImportKey( HCRYPTPROV hProv, BYTE *pbData, DWORD dwDataLen, HCRYPTKEY hPubKey, DWORD dwFlags, HCRYPTKEY *phKey, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; DWORD cbData = sizeof(HCRYPTKEY); API_PARAM_INFO ParamInfo [] = { { L"hProv", Handle, 0, NULL, FALSE, NULL, NULL }, { L"pbData", Pointer, 0, NULL, TRUE, &dwDataLen, NULL }, { L"dwDataLen", Dword, dwDataLen, NULL, FALSE, NULL, NULL }, { L"hPubKey", Handle, 0, NULL, FALSE, NULL, NULL }, { L"dwFlags", Dword, dwFlags, ImportKeyFlagToString,FALSE,NULL, NULL }, { L"phKey", Pointer, 0, NULL, TRUE, &cbData, NULL } }; ParamInfo[0].pulParam = hProv; ParamInfo[1].pbParam = pbData; ParamInfo[3].pulParam = hPubKey; ParamInfo[5].pbParam = (PBYTE) phKey;
if (! LogInitParamInfo( ParamInfo, APIPARAMINFO_SIZE(ParamInfo), ptc)) { return FALSE; } fApiSuccessful = CryptImportKey(hProv, pbData, dwDataLen, hPubKey, dwFlags, phKey); fContinue = CheckAndLogStatus( API_CRYPTIMPORTKEY, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
LogCleanupParamInfo(ParamInfo, APIPARAMINFO_SIZE(ParamInfo)); return fContinue;}
//
// Function: TSignHash
// Purpose: Call CryptSignHash with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TSignHash( HCRYPTHASH hHash, DWORD dwKeySpec, LPWSTR sDescription, DWORD dwFlags, BYTE *pbSignature, DWORD *pdwSigLen, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; DWORD cbData = sizeof(DWORD); API_PARAM_INFO ParamInfo [] = { { L"hHash", Handle, 0, NULL, FALSE, NULL, NULL }, { L"dwKeySpec", Dword, dwKeySpec, AlgidToString, FALSE, NULL, NULL }, { L"sDescription", String, 0, NULL, FALSE, NULL, NULL }, { L"dwFlags", Dword, dwFlags, SignHashFlagToString,FALSE, NULL, NULL }, { L"pbData", Pointer, 0, NULL, TRUE, pdwSigLen, NULL}, { L"pdwSigLen", Pointer, 0, NULL, TRUE, &cbData, NULL} };
ParamInfo[0].pulParam = hHash; ParamInfo[2].pwszParam = sDescription; ParamInfo[4].pbParam = pbSignature; ParamInfo[5].pbParam = (PBYTE) pdwSigLen;
if (! LogInitParamInfo( ParamInfo, APIPARAMINFO_SIZE(ParamInfo), ptc)) { return FALSE; } fApiSuccessful = CryptSignHash(hHash, dwKeySpec, sDescription, dwFlags, pbSignature, pdwSigLen); fContinue = CheckAndLogStatus( API_CRYPTSIGNHASH, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
LogCleanupParamInfo(ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
return fContinue;}
//
// Function: TVerifySign
// Purpose: Call CryptVerifySign with the supplied parameters and pass
// the result to the logging routine.
//
BOOL TVerifySign( HCRYPTHASH hHash, BYTE *pbSignature, DWORD dwSigLen, HCRYPTKEY hPubKey, LPWSTR sDescription, DWORD dwFlags, PTESTCASE ptc){ BOOL fApiSuccessful = FALSE; //BOOL fUnexpected = TRUE;
BOOL fContinue = FALSE; API_PARAM_INFO ParamInfo [] = { { L"hHash", Handle, 0, NULL, FALSE, NULL, NULL }, { L"pbSignature", Pointer, 0, NULL, TRUE, &dwSigLen, NULL}, { L"dwSigLen", Dword, dwSigLen, NULL, FALSE, NULL, NULL }, { L"hPubKey", Handle, 0, NULL, FALSE, NULL, NULL }, { L"sDescription", String, 0, NULL, FALSE, NULL, NULL }, { L"dwFlags", Dword, dwFlags, SignHashFlagToString,FALSE, NULL, NULL } }; ParamInfo[0].pulParam = hHash; ParamInfo[1].pbParam = pbSignature; ParamInfo[3].pulParam = hPubKey; ParamInfo[4].pwszParam = sDescription;
if (! LogInitParamInfo( ParamInfo, APIPARAMINFO_SIZE(ParamInfo), ptc)) { return FALSE; } fApiSuccessful = CryptVerifySignature(hHash, pbSignature, dwSigLen, hPubKey, sDescription, dwFlags);
fContinue = CheckAndLogStatus( API_CRYPTVERIFYSIGNATURE, fApiSuccessful, ptc, ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
LogCleanupParamInfo(ParamInfo, APIPARAMINFO_SIZE(ParamInfo));
return fContinue;}
// -------------
// Test Routines
// -------------
//
// Function: PositiveAcquireContextTests
// Purpose: Run the appropriate set of positive CryptAcquireContext test cases for
// the passed in dwCSPClass.
//
BOOL PositiveAcquireContextTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; HCRYPTPROV hProv = 0; DWORD dwProvType = LogGetProvType(); LPWSTR pwszProvName = LogGetProvName(); LPWSTR pwszContainer = TEST_CONTAINER; //LPWSTR pwszContainer2 = TEST_CONTAINER_2;
//DWORD dwFlags = 0;
PTESTCASE ptc = &(pCSPInfo->TestCase); switch (ptc->dwTestLevel) { case TEST_LEVEL_CSP: { //
// Group 1A
//
//
// Do CSP-level positive CryptAcquireContext tests
//
LOG_TRY(TAcquire(&hProv, NULL, pwszProvName, dwProvType, CRYPT_VERIFYCONTEXT, ptc)); break; } case TEST_LEVEL_CONTAINER: { //
// Group 5A
//
//
// Do Container-level positive CryptAcquireContext tests
//
LOG_TRY(CreateNewContext(&hProv, pwszContainer, CRYPT_NEWKEYSET, ptc));
LOG_TRY(TRelease(hProv, 0, ptc)); hProv = 0;
LOG_TRY(TAcquire(&hProv, pwszContainer, pwszProvName, dwProvType, CRYPT_SILENT, ptc));
LOG_TRY(TRelease(hProv, 0, ptc));
LOG_TRY(CreateNewContext( &hProv, pwszContainer, CRYPT_MACHINE_KEYSET | CRYPT_NEWKEYSET, ptc));
LOG_TRY(TRelease(hProv, 0, ptc)); hProv = 0;
LOG_TRY(TAcquire( &hProv, pwszContainer, pwszProvName, dwProvType, CRYPT_MACHINE_KEYSET | CRYPT_SILENT, ptc));
break; } } fSuccess = TRUE;Cleanup:
if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: NegativeAcquireContextTests
// Purpose: Run the appropriate set of negative CryptAcquireContext test cases
// based on the dwTestLevel parameter.
//
BOOL NegativeAcquireContextTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; HCRYPTPROV hProv = 0; DWORD dwProvType = LogGetProvType(); LPWSTR pwszProvName = LogGetProvName(); LPWSTR pwszContainer = TEST_CONTAINER; DWORD dwFlags = 0; DWORD dwSavedErrorLevel = 0; PTESTCASE ptc = &(pCSPInfo->TestCase);
switch (ptc->dwTestLevel) { case TEST_LEVEL_CSP: { //
// Do CSP-level negative CryptAcquireContext tests
//
dwFlags = CRYPT_VERIFYCONTEXT; //
// This fails on Win2K because the VTable is constructed correctly, but
// the NULL phProv causes an AV. The bug is that the API returns True
// anyway.
//
// 7/20/00 -- Whistler status for this issue is unknown.
//
ptc->pwszErrorHelp = L"CryptAcquireContext should fail when phProv is NULL"; ptc->KnownErrorID = KNOWN_CRYPTACQUIRECONTEXT_NULLPHPROV; ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TAcquire(NULL, NULL, pwszProvName, dwProvType, dwFlags, ptc)); ptc->pwszErrorHelp = NULL; ptc->KnownErrorID = KNOWN_ERROR_UNKNOWN; ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(TAcquire(&hProv, pwszContainer, pwszProvName, dwProvType, dwFlags, ptc)); //
// This fails on Win2K because the VERIFYCONTEXT flag is caught first. The API
// succeeds unexpectedly.
//
// 7/20/00 -- Whistler status for this issue is unknown.
//
ptc->pwszErrorHelp = L"This is an invalid combination of dwFlags values"; ptc->KnownErrorID = KNOWN_CRYPTACQUIRECONTEXT_BADFLAGS; ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(TAcquire(&hProv, NULL, pwszProvName, dwProvType, CRYPT_VERIFYCONTEXT | CRYPT_NEWKEYSET, ptc)); ptc->pwszErrorHelp = NULL; ptc->KnownErrorID = KNOWN_ERROR_UNKNOWN; break; } case TEST_LEVEL_CONTAINER: { //
// Do Container-level negative CryptAcquireContext tests
//
ptc->dwErrorCode = NTE_BAD_KEYSET; LOG_TRY(TAcquire( &hProv, TEST_CRYPTACQUIRECONTEXT_CONTAINER, pwszProvName, dwProvType, 0, ptc));
//
// Test for risky characters in a container name
//
dwSavedErrorLevel = ptc->dwErrorLevel; ptc->dwErrorLevel = CSP_ERROR_WARNING; ptc->pwszErrorHelp = L"Some CSP's may not support container names with backslashes";
ptc->dwErrorCode = NTE_BAD_KEYSET_PARAM;
// Make sure this container doesn't already exist
CryptAcquireContext(&hProv, L"FOO\\BAR", pwszProvName, dwProvType, CRYPT_DELETEKEYSET); LOG_TRY(TAcquire(&hProv, L"FOO\\BAR", pwszProvName, dwProvType, CRYPT_NEWKEYSET, ptc));
ptc->dwErrorLevel = dwSavedErrorLevel; ptc->pwszErrorHelp = NULL; // Create the keyset
LOG_TRY(CreateNewContext(&hProv, pwszContainer, CRYPT_NEWKEYSET, ptc)); // Try to create the keyset again
ptc->dwErrorCode = NTE_EXISTS; LOG_TRY(TAcquire(&hProv, pwszContainer, pwszProvName, dwProvType, CRYPT_NEWKEYSET, ptc)); break; } }
fSuccess = TRUE;Cleanup:
if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: TestBuildAlgList
// Purpose: A wrapper for the BuildAlgList function
//
BOOL TestBuildAlgList(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; HCRYPTPROV hProv = 0; PTESTCASE ptc = &(pCSPInfo->TestCase);
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(BuildAlgList(hProv, pCSPInfo));
fSuccess = TRUE;Cleanup:
if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: CheckEnumalgs
// Purpose: Call CryptGetProvParam with the PP_ENUMALGS flag to enumerate
// all the CSP's supported algorithms. Compare the results of this enumeration
// to the results of the PP_ENUMALGS_EX enumeration contained in the pAlgList
// param.
//
BOOL CheckEnumalgs( IN HCRYPTPROV hProv, IN PALGNODE pAlgList, IN PTESTCASE ptc){ BOOL fContinue = TRUE; //PBYTE pbData = NULL;
DWORD cbData = 0; DWORD dwFlags = CRYPT_FIRST; PROV_ENUMALGS ProvEnumalgs; DWORD dw = 0; //DWORD dwWinError = 0;
//DWORD dwErrorType = 0;
WCHAR rgwszError [ BUFFER_SIZE ];
memset(&ProvEnumalgs, 0, sizeof(ProvEnumalgs)); cbData = sizeof(ProvEnumalgs);
ptc->fEnumerating = TRUE;
LogTestCaseSeparator(FALSE); // Log a blank line first
LogInfo(L"CryptGetProvParam PP_ENUMALGS: enumerating supported algorithms");
while( TGetProv( hProv, PP_ENUMALGS, (PBYTE) &ProvEnumalgs, &cbData, dwFlags, ptc)) { // Increment the test case counter for every enumerated alg
++ptc->dwTestCaseID;
if (NULL == pAlgList) { ptc->pwszErrorHelp = L"PP_ENUMALGS_EX enumerated fewer algorithms than PP_ENUMALGS"; LOG_TRY(LogApiFailure( API_CRYPTGETPROVPARAM, ERROR_LIST_TOO_SHORT, ptc)); ptc->pwszErrorHelp = NULL; } if ( ProvEnumalgs.aiAlgid != pAlgList->ProvEnumalgsEx.aiAlgid || ProvEnumalgs.dwBitLen != pAlgList->ProvEnumalgsEx.dwDefaultLen || ProvEnumalgs.dwNameLen != pAlgList->ProvEnumalgsEx.dwNameLen || 0 != strcmp(ProvEnumalgs.szName, pAlgList->ProvEnumalgsEx.szName) ) { if (CALG_MAC == ProvEnumalgs.aiAlgid) { ptc->KnownErrorID = KNOWN_CRYPTGETPROVPARAM_MAC; }
wsprintf( rgwszError, L"%s: %s", L"PP_ENUMALGS data doesn't match PP_ENUMALGS_EX data for the following algorithm", ProvEnumalgs.szName);
ptc->pwszErrorHelp = rgwszError; LOG_TRY(LogApiFailure( API_CRYPTGETPROVPARAM, ERROR_BAD_DATA, ptc)); ptc->pwszErrorHelp = NULL; ptc->KnownErrorID = KNOWN_ERROR_UNKNOWN; } pAlgList = pAlgList->pAlgNodeNext; if (CRYPT_FIRST == dwFlags) { dwFlags = 0; }
LogProvEnumalgs(&ProvEnumalgs); } if (ERROR_NO_MORE_ITEMS != (dw = GetLastError())) { ptc->pwszErrorHelp = L"PP_ENUMALGS failed unexpectedly"; ptc->dwErrorCode = ERROR_NO_MORE_ITEMS; ptc->fExpectSuccess = FALSE; LOG_TRY(LogApiFailure( API_CRYPTGETPROVPARAM, ERROR_WRONG_ERROR_CODE, ptc)); }
ptc->fEnumerating = FALSE; fContinue = TRUE;Cleanup:
ptc->KnownErrorID = KNOWN_ERROR_UNKNOWN; ptc->pwszErrorHelp = NULL; return fContinue;}
//
// Function: CheckRequiredAlgs
// Purpose: Verify that all of the required algorithms
// for CSP's of this type are supported by this CSP.
//
BOOL CheckRequiredAlgs(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; DWORD dwCSPClass = pCSPInfo->dwCSPInternalClass; PTESTCASE ptc = &(pCSPInfo->TestCase); PALGNODE pAlgList = pCSPInfo->pAlgList; PALGNODE pAlgNode = NULL; DWORD iTable = 0; BOOL fFound = FALSE; WCHAR rgsz[BUFFER_SIZE];
//
// For each required alg for dwCSPClass, verify
// that the alg is listed in pAlgList. If it's not,
// assume that this CSP doesn't support that alg
// and flag an error.
//
LogTestCaseSeparator(FALSE); // Log a blank line first
LogInfo(L"List of Required algorithms for this CSP type"); for ( iTable = 0; iTable < sizeof(g_RequiredAlgs_RSA) / sizeof(ALGID_TABLE); iTable++) { if (! (dwCSPClass & g_RequiredAlgs_RSA[iTable].dwCSPClass)) { continue; }
fFound = FALSE;
AlgidToString(g_RequiredAlgs_RSA[iTable].ai, rgsz); LogInfo(rgsz);
//
// Search pAlgList for the current ALG_ID
//
for ( pAlgNode = pAlgList; pAlgNode != NULL && (! fFound); pAlgNode = pAlgNode->pAlgNodeNext) { if (g_RequiredAlgs_RSA[iTable].ai == pAlgNode->ProvEnumalgsEx.aiAlgid) { fFound = TRUE; } }
if (! fFound) { LOG_TRY(LogApiFailure( API_CRYPTGETPROVPARAM, ERROR_REQUIRED_ALG, ptc)); } }
fSuccess = TRUE;
Cleanup: return fSuccess;}
//
// Function: PositiveGetProvParamTests
// Purpose: Run the test cases for CryptGetProvParam
//
BOOL PositiveGetProvParamTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; HCRYPTPROV hProv = 0; LPWSTR pwszContainer = TEST_CONTAINER; PBYTE pbData = NULL; DWORD dwData = 0; DWORD dwFlags = CRYPT_FIRST; DWORD cbData = 0; DWORD dwError = 0; DWORD dwSavedErrorLevel = 0; LPWSTR pwsz = NULL; PTESTCASE ptc = &(pCSPInfo->TestCase);
switch (ptc->dwTestLevel) { case TEST_LEVEL_CSP: { //
// Group 1B
//
//
// Do CryptGetProvParam positive test cases
//
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc)); LOG_TRY(BuildAlgList(hProv, pCSPInfo)); LOG_TRY(CheckEnumalgs(hProv, pCSPInfo->pAlgList, ptc));
ptc->fExpectSuccess = TRUE;
LOG_TRY(CheckRequiredAlgs(pCSPInfo));
//
// Test PP_IMPTYPE
//
cbData = sizeof(dwData); LOG_TRY(TGetProv( hProv, PP_IMPTYPE, (PBYTE) &dwData, &cbData, 0, ptc));
if (CRYPT_IMPL_SOFTWARE != dwData) { // Set the expected behavior for a non-software-only
// CSP.
pCSPInfo->fSmartCardCSP = TRUE; }
//
// Test PP_NAME
//
LOG_TRY(TGetProv( hProv, PP_NAME, NULL, &cbData, 0, ptc));
LOG_TRY(TestAlloc(&pbData, cbData, ptc));
LOG_TRY(TGetProv( hProv, PP_NAME, pbData, &cbData, 0, ptc));
ptc->KnownErrorID = KNOWN_CRYPTGETPROVPARAM_PPNAME; if (0 != wcscmp( (LPWSTR) pbData, pCSPInfo->pwszCSPName)) { ptc->pwszErrorHelp = L"CryptGetProvParam PP_NAME is not Unicode"; LOG_TRY(LogApiFailure( API_CRYPTGETPROVPARAM, ERROR_BAD_DATA, ptc)); ptc->pwszErrorHelp = NULL; } ptc->KnownErrorID = KNOWN_ERROR_UNKNOWN;
free(pbData); pbData = NULL;
//
// Test PP_VERSION
//
cbData = sizeof(dwData); LOG_TRY(TGetProv( hProv, PP_VERSION, (PBYTE) &dwData, &cbData, 0, ptc));
//
// Test PP_SIG_KEYSIZE_INC
//
cbData = sizeof(dwData); LOG_TRY(TGetProv( hProv, PP_SIG_KEYSIZE_INC, (PBYTE) &dwData, &cbData, 0, ptc));
pCSPInfo->dwSigKeysizeInc = dwData;
//
// Test PP_KEYX_KEYSIZE_INC
//
cbData = sizeof(dwData); LOG_TRY(TGetProv( hProv, PP_KEYX_KEYSIZE_INC, (PBYTE) &dwData, &cbData, 0, ptc));
pCSPInfo->dwKeyXKeysizeInc = dwData;
//
// Test PP_PROVTYPE
//
cbData = sizeof(dwData); LOG_TRY(TGetProv( hProv, PP_PROVTYPE, (PBYTE) &dwData, &cbData, 0, ptc));
if (dwData != pCSPInfo->dwExternalProvType) { ptc->pwszErrorHelp = L"CryptGetProvParam PP_PROVTYPE is incorrect"; LOG_TRY(LogApiFailure( API_CRYPTGETPROVPARAM, ERROR_BAD_DATA, ptc)); ptc->pwszErrorHelp = NULL; }
//
// Test PP_USE_HARDWARE_RNG
//
// TODO - dumb down the error level of this test case, since most
// CSP's will probably return FALSE
//
dwSavedErrorLevel = ptc->dwErrorLevel; ptc->dwErrorLevel = CSP_ERROR_WARNING; ptc->pwszErrorHelp = L"CryptGetProvParam reports that this system has no hardware Random Number Generator configured";
cbData = 0; LOG_TRY(TGetProv( hProv, PP_USE_HARDWARE_RNG, NULL, &cbData, 0, ptc));
ptc->dwErrorLevel = dwSavedErrorLevel; ptc->pwszErrorHelp = NULL;
//
// Test PP_KEYSPEC
//
cbData = sizeof(dwData); LOG_TRY(TGetProv( hProv, PP_KEYSPEC, (PBYTE) &dwData, &cbData, 0, ptc));
pCSPInfo->dwKeySpec = dwData;
break; } case TEST_LEVEL_CONTAINER: { LOG_TRY(CreateNewContext(&hProv, pwszContainer, CRYPT_NEWKEYSET, ptc));
//
// Do PP_ENUMCONTAINERS enumeration
//
dwFlags = CRYPT_FIRST; ptc->fEnumerating = TRUE; LogInfo(L"PP_ENUMCONTAINERS: enumerating user containers"); while (TEST_INVALID_FLAG != dwFlags) { while( TGetProv( hProv, PP_ENUMCONTAINERS, NULL, &cbData, dwFlags, ptc)) { if (NULL != pbData) { free(pbData); } LOG_TRY(TestAlloc(&pbData, cbData, ptc)); LOG_TRY(TGetProv( hProv, PP_ENUMCONTAINERS, pbData, &cbData, dwFlags, ptc)); pwsz = MkWStr((LPSTR) pbData); if (pwsz) { LogInfo(pwsz); free(pwsz); } if (CRYPT_FIRST & dwFlags) { dwFlags ^= CRYPT_FIRST; } } if (ERROR_NO_MORE_ITEMS != (dwError = GetLastError())) { ptc->fExpectSuccess = FALSE; ptc->dwErrorCode = ERROR_NO_MORE_ITEMS; ptc->pwszErrorHelp = L"PP_ENUMCONTAINERS failed unexpectedly"; LOG_TRY(LogApiFailure( API_CRYPTGETPROVPARAM, ERROR_WRONG_ERROR_CODE, ptc)); ptc->pwszErrorHelp = NULL; }
if (CRYPT_MACHINE_KEYSET != dwFlags) { dwFlags = CRYPT_MACHINE_KEYSET | CRYPT_FIRST; LogInfo(L"PP_ENUMCONTAINERS: enumerating local machine containers"); } else { dwFlags = TEST_INVALID_FLAG; } } ptc->fEnumerating = FALSE; ptc->fExpectSuccess = TRUE;
//
// Test PP_KEYSET_SEC_DESCR
//
cbData = sizeof(dwData); LOG_TRY(TGetProv( hProv, PP_KEYSET_SEC_DESCR, (PBYTE) &dwData, &cbData, OWNER_SECURITY_INFORMATION, ptc));
cbData = sizeof(dwData); LOG_TRY(TGetProv( hProv, PP_KEYSET_SEC_DESCR, (PBYTE) &dwData, &cbData, GROUP_SECURITY_INFORMATION, ptc));
cbData = sizeof(dwData); LOG_TRY(TGetProv( hProv, PP_KEYSET_SEC_DESCR, (PBYTE) &dwData, &cbData, DACL_SECURITY_INFORMATION, ptc));
cbData = sizeof(dwData); LOG_TRY(TGetProv( hProv, PP_KEYSET_SEC_DESCR, (PBYTE) &dwData, &cbData, SACL_SECURITY_INFORMATION, ptc));
//
// Test PP_UNIQUE_CONTAINER
//
LOG_TRY(TGetProv( hProv, PP_UNIQUE_CONTAINER, NULL, &cbData, 0, ptc));
LOG_TRY(TestAlloc(&pbData, cbData, ptc));
LOG_TRY(TGetProv( hProv, PP_UNIQUE_CONTAINER, pbData, &cbData, 0, ptc));
free(pbData); pbData = NULL;
break; } } fSuccess = TRUE;Cleanup:
if (hProv) { TRelease(hProv, 0, ptc); } if (pbData) { free(pbData); }
return fSuccess; }
//
// Function: NegativeGetProvParamTests
// Purpose: Run the negative test cases for CryptGetProvParam
//
BOOL NegativeGetProvParamTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; HCRYPTPROV hProv = 0; //LPWSTR pwszContainer = TEST_CONTAINER;
//PBYTE pbData = NULL;
DWORD dwData = 0; DWORD cbData = 0; PROV_ENUMALGS_EX ProvEnumalgsEx; PTESTCASE ptc = &(pCSPInfo->TestCase);
//
// Do CryptGetProvParam negative test cases
//
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TGetProv(0, PP_ENUMALGS_EX, (PBYTE) &ProvEnumalgsEx, &cbData, 0, ptc));
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TGetProv(TEST_INVALID_HANDLE, PP_ENUMALGS_EX, (PBYTE) &ProvEnumalgsEx, &cbData, 0, ptc));
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TGetProv(hProv, PP_VERSION, (PBYTE) &dwData, NULL, 0, ptc));
ptc->KnownErrorID = KNOWN_CRYPTGETPROVPARAM_MOREDATA; cbData = 1; ptc->dwErrorCode = ERROR_MORE_DATA; LOG_TRY(TGetProv(hProv, PP_CONTAINER, (PBYTE) &dwData, &cbData, 0, ptc)); ptc->KnownErrorID = KNOWN_ERROR_UNKNOWN;
cbData = sizeof(ProvEnumalgsEx); ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(TGetProv(hProv, PP_ENUMALGS_EX, (PBYTE) &ProvEnumalgsEx, &cbData, TEST_INVALID_FLAG, ptc));
ptc->dwErrorCode = NTE_BAD_TYPE; LOG_TRY(TGetProv(hProv, TEST_INVALID_FLAG, (PBYTE) &ProvEnumalgsEx, &cbData, 0, ptc));
fSuccess = TRUE;Cleanup:
if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess; }
//
// Function: PositiveSetProvParamTests
// Purpose: Run the test cases for CryptSetProvParam
//
BOOL PositiveSetProvParamTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; HCRYPTPROV hProv = 0; LPWSTR pwszContainer = TEST_CONTAINER; DWORD cbData = 0; DWORD dwData = 0; HWND hWnd = 0; DWORD dwSavedErrorLevel = 0; SECURITY_DESCRIPTOR SecurityDescriptor; PTESTCASE ptc = &(pCSPInfo->TestCase);
memset(&SecurityDescriptor, 0, sizeof(SecurityDescriptor));
switch (ptc->dwTestLevel) { case TEST_LEVEL_CSP: { LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
//
// Group 1C
//
//
// Do CryptSetProvParam positive test cases
//
//
// Test PP_CLIENT_HWND
//
if (NULL == (hWnd = GetDesktopWindow())) { LOG_TRY(LogApiFailure( API_GETDESKTOPWINDOW, ERROR_API_FAILED, ptc)); //LOG_TRY(LogWin32Fail(ptc->dwErrorLevel, ptc->dwTestCaseID));
} cbData = sizeof(hWnd); LOG_TRY(TSetProv( 0, PP_CLIENT_HWND, (PBYTE) &hWnd, 0, ptc));
//
// Test PP_USE_HARDWARE_RNG
//
// TODO: Dumb down the error level of this test case since
// some CSP's will not support it.
//
// TODO: What effect does this flag have on systems that don't actually
// have a hardware RNG?
//
dwSavedErrorLevel = ptc->dwErrorLevel; ptc->dwErrorLevel = CSP_ERROR_WARNING; ptc->pwszErrorHelp = L"CryptSetProvParam reports that this system has no hardware Random Number Generator";
LOG_TRY(TSetProv( hProv, PP_USE_HARDWARE_RNG, NULL, 0, ptc));
ptc->dwErrorLevel = dwSavedErrorLevel; ptc->pwszErrorHelp = NULL;
break; }
case TEST_LEVEL_CONTAINER: { LOG_TRY(CreateNewContext(&hProv, pwszContainer, CRYPT_NEWKEYSET, ptc));
//
// Test PP_KEYSET_SEC_DESCR
//
cbData = sizeof(dwData); LOG_TRY(TGetProv( hProv, PP_KEYSET_SEC_DESCR, (PBYTE) &dwData, &cbData, OWNER_SECURITY_INFORMATION, ptc));
LOG_TRY(TSetProv( hProv, PP_KEYSET_SEC_DESCR, (PBYTE) &dwData, OWNER_SECURITY_INFORMATION, ptc));
cbData = sizeof(dwData); LOG_TRY(TGetProv( hProv, PP_KEYSET_SEC_DESCR, (PBYTE) &dwData, &cbData, GROUP_SECURITY_INFORMATION, ptc));
LOG_TRY(TSetProv( hProv, PP_KEYSET_SEC_DESCR, (PBYTE) &dwData, GROUP_SECURITY_INFORMATION, ptc));
cbData = sizeof(dwData); LOG_TRY(TGetProv( hProv, PP_KEYSET_SEC_DESCR, (PBYTE) &dwData, &cbData, DACL_SECURITY_INFORMATION, ptc));
LOG_TRY(TSetProv( hProv, PP_KEYSET_SEC_DESCR, (PBYTE) &dwData, DACL_SECURITY_INFORMATION, ptc));
cbData = sizeof(dwData); LOG_TRY(TGetProv( hProv, PP_KEYSET_SEC_DESCR, (PBYTE) &dwData, &cbData, SACL_SECURITY_INFORMATION, ptc));
LOG_TRY(TSetProv( hProv, PP_KEYSET_SEC_DESCR, (PBYTE) &dwData, SACL_SECURITY_INFORMATION, ptc));
break; } }
fSuccess = TRUE;Cleanup:
if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: NegativeSetProvParamTests
// Purpose: Run the negative test cases for CryptSetProvParam
//
BOOL NegativeSetProvParamTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; HCRYPTPROV hProv = 0; //LPWSTR pwszContainer = TEST_CONTAINER;
DWORD dwData = 0; PTESTCASE ptc = &(pCSPInfo->TestCase); SECURITY_DESCRIPTOR SecurityDescriptor;
memset(&SecurityDescriptor, 0, sizeof(SecurityDescriptor));
//
// Group 1C
//
//
// Do CryptSetProvParam negative test cases
//
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TSetProv(hProv, PP_CLIENT_HWND, (PBYTE) TEST_INVALID_HANDLE, 0, ptc));
ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TSetProv(hProv, PP_KEYSET_SEC_DESCR, NULL, OWNER_SECURITY_INFORMATION, ptc));
ptc->pwszErrorHelp = L"The pbData parameter must be NULL when calling CryptSetProvParam PP_USE_HARDWARE_RNG"; ptc->KnownErrorID = KNOWN_CRYPTSETPROVPARAM_RNG; ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TSetProv(hProv, PP_USE_HARDWARE_RNG, (PBYTE) &dwData, 0, ptc)); ptc->pwszErrorHelp = NULL; ptc->KnownErrorID = KNOWN_ERROR_UNKNOWN;
ptc->pwszErrorHelp = L"The dwFlags parameter must be zero when calling CryptSetProvParam PP_USE_HARDWARE_RNG"; ptc->KnownErrorID = KNOWN_CRYPTSETPROVPARAM_BADFLAGS; ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(TSetProv(hProv, PP_USE_HARDWARE_RNG, NULL, 1, ptc)); ptc->pwszErrorHelp = NULL; ptc->KnownErrorID = KNOWN_ERROR_UNKNOWN;
//
// 7/25/00 -- This test case is too specific to the Microsoft CSP's.
//
/*
ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TSetProv(hProv, PP_KEYSET_SEC_DESCR, (PBYTE) &SecurityDescriptor, OWNER_SECURITY_INFORMATION, ptc)); */
ptc->dwErrorCode = NTE_BAD_TYPE; LOG_TRY(TSetProv(hProv, TEST_INVALID_FLAG, (PBYTE) &dwData, 0, ptc));
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TSetProv(0, PP_USE_HARDWARE_RNG, NULL, 0, ptc));
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TSetProv(TEST_INVALID_HANDLE, PP_USE_HARDWARE_RNG, NULL, 0, ptc));
fSuccess = TRUE;Cleanup:
if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: PositiveReleaseContextTests
// Purpose: Run the test cases for CryptReleaseContext
//
BOOL PositiveReleaseContextTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; HCRYPTPROV hProv = 0; //LPWSTR pwszContainer = TEST_CONTAINER;
PTESTCASE ptc = &(pCSPInfo->TestCase);
//
// Group 1D
//
//
// Do CryptReleaseContext positive test cases
//
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
if (! CryptContextAddRef(hProv, NULL, 0)) { LOG_TRY(LogApiFailure( API_CRYPTCONTEXTADDREF, ERROR_API_FAILED, ptc)); //LOG_TRY(LogWin32Fail(ptc->dwErrorLevel, ptc->dwTestCaseID));
}
LOG_TRY(TRelease(hProv, 0, ptc));
LOG_TRY(TRelease(hProv, 0, ptc));
fSuccess = TRUE;Cleanup:
return fSuccess;}
//
// Function: NegativeReleaseContextTests
// Purpose: Run the negative test cases for CryptReleaseContext
//
BOOL NegativeReleaseContextTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; HCRYPTPROV hProv = 0; //LPWSTR pwszContainer = TEST_CONTAINER;
PTESTCASE ptc = &(pCSPInfo->TestCase);
//
// Group 1D
//
//
// Do CryptReleaseContext negative test cases
//
ptc->fTestingReleaseContext = TRUE;
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TRelease(0, 0, ptc));
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TRelease(TEST_INVALID_HANDLE, 0, ptc));
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(TRelease(hProv, 1, ptc));
fSuccess = TRUE;Cleanup:
ptc->fTestingReleaseContext = FALSE;
return fSuccess;}
//
// Function: PositiveGenRandomTests
// Purpose: Run the test cases for CryptGenRandom
//
BOOL PositiveGenRandomTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
HCRYPTPROV hProv = 0; DWORD cb = GENRANDOM_BYTE_COUNT; BYTE rgBuffer[GENRANDOM_BYTE_COUNT];
PTESTCASE ptc = &(pCSPInfo->TestCase);
//
// Group 2A
//
//
// Do CryptGenRandom positive test cases
//
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(TGenRand(hProv, cb, rgBuffer, ptc));
fSuccess = TRUE;Cleanup:
if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: NegativeGenRandomTests
// Purpose: Run the negative test cases for CryptGenRandom
//
BOOL NegativeGenRandomTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
HCRYPTPROV hProv = 0; //DWORD dw = 0;
PBYTE pb = NULL; PTESTCASE ptc = &(pCSPInfo->TestCase);
//
// Group 2A
//
//
// Do CryptGenRandom negative test cases
//
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TGenRand(hProv, 1, NULL, ptc));
LOG_TRY(TestAlloc(&pb, GENRANDOM_BYTE_COUNT, ptc));
ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TGenRand(hProv, 2 * GENRANDOM_BYTE_COUNT, pb, ptc));
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TGenRand(0, GENRANDOM_BYTE_COUNT, pb, ptc));
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TGenRand(TEST_INVALID_HANDLE, GENRANDOM_BYTE_COUNT, pb, ptc));
fSuccess = TRUE;Cleanup:
if (hProv) { TRelease(hProv, 0, ptc); } if (pb) { free(pb); }
return fSuccess;}
//
// Function: TestCreateHashProc
// Purpose: This function verifies that CryptCreateHash is successful
// for the hash algorithm specified in the pAlgNode parameter.
//
// For known MAC algorithms (ALG_SID_MAC and ALG_SIG_HMAC), a block
// cipher key (provided via pvTestCreateHashInfo) is provided when creating
// the hash handle.
//
// For other, non-keyed, hash algorithms, the cipher key will not
// be used.
//
BOOL TestCreateHashProc( PALGNODE pAlgNode, PTESTCASE ptc, PVOID pvTestCreateHashInfo){ BOOL fSuccess = FALSE; HCRYPTHASH hHash = 0; DWORD dwSavedErrorLevel = ptc->dwErrorLevel; PTEST_CREATE_HASH_INFO pTestCreateHashInfo = (PTEST_CREATE_HASH_INFO) pvTestCreateHashInfo;
if (pAlgNode->fIsRequiredAlg) { ptc->dwErrorLevel = CSP_ERROR_CONTINUE; } else { ptc->dwErrorLevel = CSP_ERROR_WARNING; }
if (MacAlgFilter(pAlgNode)) { LOG_TRY(TCreateHash( pTestCreateHashInfo->hProv, pAlgNode->ProvEnumalgsEx.aiAlgid, pTestCreateHashInfo->hBlockCipherKey, 0, &hHash, ptc)); } else { LOG_TRY(TCreateHash( pTestCreateHashInfo->hProv, pAlgNode->ProvEnumalgsEx.aiAlgid, 0, 0, &hHash, ptc)); } fSuccess = TRUE;Cleanup:
ptc->dwErrorLevel = dwSavedErrorLevel;
if (hHash) { TDestroyHash(hHash, ptc); }
return fSuccess;}
//
// Function: PositiveCreateHashTests
// Purpose: Run the test cases for CryptCreateHash based on the CSP class being tested
// as specified in the dwCSPClass parameter.
//
BOOL PositiveCreateHashTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; PTESTCASE ptc = &(pCSPInfo->TestCase); TEST_CREATE_HASH_INFO TestCreateHashInfo;
memset(&TestCreateHashInfo, 0, sizeof(TestCreateHashInfo)); LOG_TRY(CreateNewContext( &(TestCreateHashInfo.hProv), NULL, CRYPT_VERIFYCONTEXT, ptc));
//
// Create an RC2 key for testing keyed-hashes (MAC). RC2 is a required algorithm,
// but if this fails, and the CSP does support one or more MAC algs, the creation
// of the MAC hash handles (see TestCreateHashProc) may fail as well.
//
/*
LOG_TRY(CreateNewKey( TestCreateHashInfo.hProv, CALG_RC2, 0, &(TestCreateHashInfo.hBlockCipherKey), ptc)); */
//
// Group 3A
//
//
// Do CryptCreateHash positive test cases
//
//
// Iterate through the ENUMALGS_EX structs stored in the ALGNODE list.
// Create a hash of each type supported by this CSP.
//
LOG_TRY(AlgListIterate( pCSPInfo->pAlgList, HashAlgFilter, TestCreateHashProc, (PVOID) &TestCreateHashInfo, ptc));
// This test case set probably doesn't belong here, since
// symmetric keys haven't been tested at this point.
/*
LOG_TRY(AlgListIterate( pCSPInfo->pAlgList, MacAlgFilter, TestCreateHashProc, (PVOID) &TestCreateHashInfo, ptc)); */
fSuccess = TRUE;
Cleanup: if (TestCreateHashInfo.hBlockCipherKey) { TDestroyKey(TestCreateHashInfo.hBlockCipherKey, ptc); } if (TestCreateHashInfo.hProv) { TRelease(TestCreateHashInfo.hProv, 0, ptc); }
return fSuccess;}
//
// Function: NegativeCreateHashTests
// Purpose: Run the test cases for CryptCreateHash based on the CSP class being tested
// as specified in the dwCSPClass parameter.
//
BOOL NegativeCreateHashTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; HCRYPTPROV hProv = 0; HCRYPTHASH hHash = 0; HCRYPTKEY hKey = 0; //LPWSTR pwszContainer = TEST_CONTAINER;
PTESTCASE ptc = &(pCSPInfo->TestCase);
//
// Group 3A
//
//
// Do CryptGenRandom negative test cases
//
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TCreateHash(0, CALG_SHA1, 0, 0, &hHash, ptc));
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TCreateHash(TEST_INVALID_HANDLE, CALG_SHA1, 0, 0, &hHash, ptc));
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(TCreateHash(hProv, CALG_SHA1, 0, TEST_INVALID_FLAG, &hHash, ptc)); ptc->dwErrorCode = NTE_BAD_KEY; LOG_TRY(TCreateHash(hProv, CALG_HMAC, 0, 0, &hHash, ptc));
// HMAC requires a block cipher, so use a stream cipher and expect failure
LOG_TRY(CreateNewKey(hProv, CALG_RC4, 0, &hKey, ptc));
ptc->pwszErrorHelp = L"CryptCreateHash CALG_HMAC should fail when not using a block cipher key"; ptc->KnownErrorID = KNOWN_CRYPTCREATEHASH_BADKEY; ptc->dwErrorCode = NTE_BAD_KEY; LOG_TRY(TCreateHash(hProv, CALG_HMAC, hKey, 0, &hHash, ptc)); ptc->pwszErrorHelp = NULL; ptc->KnownErrorID = KNOWN_ERROR_UNKNOWN;
ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TCreateHash(hProv, CALG_SHA1, 0, 0, NULL, ptc));
ptc->dwErrorCode = NTE_BAD_ALGID; LOG_TRY(TCreateHash(hProv, CALG_RC4, 0, 0, &hHash, ptc));
fSuccess = TRUE;
Cleanup:
if (hKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: PositiveDestroyHashTests
// Purpose: Run the test cases for CryptDestroyHash
//
BOOL PositiveDestroyHashTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
HCRYPTPROV hProv = 0; HCRYPTHASH hHash = 0; PTESTCASE ptc = &(pCSPInfo->TestCase); //
// Group 3B
//
//
// Do CryptDestroyHash positive test cases
//
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(CreateNewHash(hProv, CALG_SHA1, &hHash, ptc));
LOG_TRY(TDestroyHash(hHash, ptc)); hHash = 0;
fSuccess = TRUE;
Cleanup: if (hHash) { TDestroyHash(hHash, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: NegativeDestroyHashTests
// Purpose: Run the test cases for CryptDestroyHash
//
BOOL NegativeDestroyHashTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
HCRYPTPROV hProv = 0; HCRYPTHASH hHash = 0; PTESTCASE ptc = &(pCSPInfo->TestCase);
//
// Group 3B
//
//
// Do CryptDestroyHash negative test cases
//
ptc->fTestingDestroyHash = TRUE;
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TDestroyHash(0, ptc));
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TDestroyHash(TEST_INVALID_HANDLE, ptc));
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(CreateNewHash(hProv, CALG_SHA1, &hHash, ptc));
/*
LOG_TRY(TRelease(hProv, 0, ptc)); hProv = 0;
// Provider handle used to create hHash is now invalid
ptc->dwErrorCode = NTE_BAD_UID; LOG_TRY(TDestroyHash(hHash, ptc)); */
fSuccess = TRUE;
Cleanup:
ptc->fTestingDestroyHash = FALSE;
if (hHash) { TDestroyHash(hHash, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: PositiveGetHashParamTests
// Purpose: Run the test cases for CryptGetHashParam
//
BOOL PositiveGetHashParamTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
HCRYPTPROV hProv = 0; HCRYPTHASH hHash = 0; DWORD dwData = 0; DWORD cbData = 0; PBYTE pbData = 0; PTESTCASE ptc = &(pCSPInfo->TestCase); LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
//
// Group 3D
//
//
// Do CryptGetHashParam positive test cases
//
//
// Test HP_ALGID
//
LOG_TRY(CreateNewHash(hProv, CALG_SHA1, &hHash, ptc));
cbData = sizeof(dwData); LOG_TRY(TGetHash( hHash, HP_ALGID, (PBYTE) &dwData, &cbData, 0, ptc));
if (CALG_SHA1 != dwData) { ptc->pwszErrorHelp = L"CryptGetHashParam HP_ALGID returned incorrect ALG_ID"; LOG_TRY(LogApiFailure( API_CRYPTGETHASHPARAM, ERROR_BAD_DATA, ptc)); ptc->pwszErrorHelp = NULL; }
//
// Test HP_HASHSIZE
//
cbData = sizeof(dwData); LOG_TRY(TGetHash( hHash, HP_HASHSIZE, (PBYTE) &dwData, &cbData, 0, ptc));
if (HASH_LENGTH_SHA1 != dwData) { ptc->pwszErrorHelp = L"CryptGetHashParam HP_HASHSIZE returned incorrect length"; LOG_TRY(LogApiFailure( API_CRYPTGETHASHPARAM, ERROR_WRONG_SIZE, ptc)); ptc->pwszErrorHelp = NULL; }
//
// Test HP_HASHVAL
//
cbData = HASH_LENGTH_SHA1; LOG_TRY(TestAlloc(&pbData, cbData, ptc));
LOG_TRY(TGetHash( hHash, HP_HASHVAL, pbData, &cbData, 0, ptc));
fSuccess = TRUE;
Cleanup: if (hHash) { TDestroyHash(hHash, ptc); } if (hProv) { TRelease(hProv, 0, ptc); } if (pbData) { free(pbData); }
return fSuccess;}
//
// Function: NegativeGetHashParamTests
// Purpose: Run the negative test cases for CryptGetHashParam
//
BOOL NegativeGetHashParamTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
HCRYPTPROV hProv = 0; HCRYPTHASH hHash = 0; DWORD dw = 0; DWORD cb = 0; PTESTCASE ptc = &(pCSPInfo->TestCase); //
// Group 3D
//
//
// Do CryptGetHashParam negative test cases
//
cb = sizeof(dw); ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TGetHash(0, HP_HASHSIZE, (PBYTE) &dw, &cb, 0, ptc));
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TGetHash(TEST_INVALID_HANDLE, HP_HASHSIZE, (PBYTE) &dw, &cb, 0, ptc));
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(CreateNewHash(hProv, CALG_SHA1, &hHash, ptc));
ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TGetHash(hHash, HP_HASHSIZE, (PBYTE) &dw, NULL, 0, ptc));
//
// This corrupts memory since it doesn't immediately AV
//
/*
cb = HASH_LENGTH_SHA1; ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TGetHash(hHash, HP_HASHVAL, (PBYTE) &dw, &cb, 0, ptc)); */
cb = HASH_LENGTH_SHA1 - 1; ptc->dwErrorCode = ERROR_MORE_DATA; LOG_TRY(TGetHash(hHash, HP_HASHVAL, (PBYTE) &dw, &cb, 0, ptc));
cb = sizeof(dw); ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(TGetHash(hHash, HP_HASHSIZE, (PBYTE) &dw, &cb, TEST_INVALID_FLAG, ptc));
ptc->dwErrorCode = NTE_BAD_TYPE; LOG_TRY(TGetHash(hHash, TEST_INVALID_FLAG, (PBYTE) &dw, &cb, 0, ptc));
/*
LOG_TRY(TRelease(hProv, 0, ptc)); hProv = 0;
// Provider handle used to create hHash is now invalid
ptc->dwErrorCode = NTE_BAD_UID; LOG_TRY(TGetHash(hHash, HP_HASHSIZE, (PBYTE) &dw, &cb, 0, ptc)); */
fSuccess = TRUE;
Cleanup:
if (hHash) { TDestroyHash(hHash, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: TestMacDataWithKeyProc
// Purpose: This function tests MAC functionality. First, a session key
// is created of the block-cipher algorithm indicated in pAlgNode.
// Then a keyed hash is created using that key and the hash algorithm
// specified in pvTestHashDataInfo.
//
// After the base data (in pvTestHashDataInfo) is hashed, the result is
// passed to CheckHashedData to verify that the same result is attained
// with a second, separate CSP.
//
BOOL TestMacDataWithKeyProc( PALGNODE pAlgNode, PTESTCASE ptc, PVOID pvTestHashDataInfo){ BOOL fSuccess = FALSE; PTEST_HASH_DATA_INFO pTestHashDataInfo = (PTEST_HASH_DATA_INFO) pvTestHashDataInfo; HCRYPTHASH hHash = 0; HCRYPTKEY hKey = 0; HASH_INFO HashInfo; TEST_MAC_INFO MacInfo;
memset(&HashInfo, 0, sizeof(HashInfo)); memset(&MacInfo, 0, sizeof(MacInfo));
HashInfo.aiHash = pTestHashDataInfo->aiMac; HashInfo.dbBaseData.cbData = pTestHashDataInfo->dbBaseData.cbData; HashInfo.dbBaseData.pbData = pTestHashDataInfo->dbBaseData.pbData;
LOG_TRY(TGenKey( pTestHashDataInfo->hProv, pAlgNode->ProvEnumalgsEx.aiAlgid, CRYPT_EXPORTABLE, &hKey, ptc));
LOG_TRY(ExportPlaintextSessionKey( hKey, pTestHashDataInfo->hProv, &(MacInfo.dbKey), ptc));
memcpy(&(MacInfo.HmacInfo), &(pTestHashDataInfo->HmacInfo), sizeof(HMAC_INFO));
LOG_TRY(CreateHashAndAddData( pTestHashDataInfo->hProv, &hHash, &HashInfo, ptc, hKey, &(MacInfo.HmacInfo))); LOG_TRY(TGetHash( hHash, HP_HASHVAL, NULL, &(HashInfo.dbHashValue.cbData), 0, ptc)); LOG_TRY(TestAlloc( &(HashInfo.dbHashValue.pbData), HashInfo.dbHashValue.cbData, ptc)); LOG_TRY(TGetHash( hHash, HP_HASHVAL, HashInfo.dbHashValue.pbData, &(HashInfo.dbHashValue.cbData), 0, ptc)); LOG_TRY(CheckHashedData( &HashInfo, pTestHashDataInfo->hInteropProv, ptc, &MacInfo));
fSuccess = TRUE;Cleanup:
if (MacInfo.dbKey.pbData) { free(MacInfo.dbKey.pbData); } if (HashInfo.dbHashValue.pbData) { free(HashInfo.dbHashValue.pbData); } if (hHash) { TDestroyHash(hHash, ptc); } if (hKey) { TDestroyKey(hKey, ptc); }
return fSuccess;}
//
// Function: TestMacDataProc
//
BOOL TestMacDataProc( PALGNODE pAlgNode, PTESTCASE ptc, PVOID pvTestHashDataInfo){ //
// Because of the filter used before calling this function,
// we know that pAlgNode contains a ProvEnumalgsEx structure that
// corresponds to a MAC'ing algorithm. Save the ALG_ID for the current
// MAC algorithm and pass it through to the TestMacDataWithKeyProc, which
// will do the real work of creating the keyed hash.
//
((PTEST_HASH_DATA_INFO) pvTestHashDataInfo)->aiMac = pAlgNode->ProvEnumalgsEx.aiAlgid;
return AlgListIterate( ((PTEST_HASH_DATA_INFO) pvTestHashDataInfo)->pAlgList, BlockCipherFilter, TestMacDataWithKeyProc, pvTestHashDataInfo, ptc);}
//
// Function: TestHashDataProc
//
BOOL TestHashDataProc( PALGNODE pAlgNode, PTESTCASE ptc, PVOID pvTestHashDataInfo){ HCRYPTHASH hHash = 0; BOOL fSuccess = FALSE; DWORD dwSavedErrorLevel = ptc->dwErrorLevel; HASH_INFO HashInfo; PTEST_HASH_DATA_INFO pTestHashDataInfo = (PTEST_HASH_DATA_INFO) pvTestHashDataInfo; memset(&HashInfo, 0, sizeof(HashInfo)); if (! pAlgNode->fIsRequiredAlg) { ptc->dwErrorLevel = CSP_ERROR_WARNING; } HashInfo.aiHash = pAlgNode->ProvEnumalgsEx.aiAlgid; HashInfo.dbBaseData.cbData = pTestHashDataInfo->dbBaseData.cbData; HashInfo.dbBaseData.pbData = pTestHashDataInfo->dbBaseData.pbData; //
// Call CreateHashAndAddData with the required parameters
// for a non-keyed hash alg.
//
LOG_TRY(CreateHashAndAddData( pTestHashDataInfo->hProv, &hHash, &HashInfo, ptc, 0, NULL)); LOG_TRY(TGetHash( hHash, HP_HASHVAL, NULL, &(HashInfo.dbHashValue.cbData), 0, ptc)); LOG_TRY(TestAlloc( &(HashInfo.dbHashValue.pbData), HashInfo.dbHashValue.cbData, ptc)); LOG_TRY(TGetHash( hHash, HP_HASHVAL, HashInfo.dbHashValue.pbData, &(HashInfo.dbHashValue.cbData), 0, ptc)); //
// Call CheckHashedData with the required information
// for a non-keyed hash.
//
LOG_TRY(CheckHashedData( &HashInfo, pTestHashDataInfo->hInteropProv, ptc, NULL)); fSuccess = TRUE;Cleanup: ptc->dwErrorLevel = dwSavedErrorLevel;
if (HashInfo.dbHashValue.pbData) { free(HashInfo.dbHashValue.pbData); } if (hHash) { TDestroyHash(hHash, ptc); }
return fSuccess;}
//
// Function: InteropHashDataTests
// Purpose: Run the interop test scenarios for CryptHashData
//
BOOL InteropHashDataTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
PTESTCASE ptc = &(pCSPInfo->TestCase); PALGNODE pAlgList = pCSPInfo->pAlgList; TEST_HASH_DATA_INFO TestHashDataInfo;
memset(&TestHashDataInfo, 0, sizeof(TestHashDataInfo)); LOG_TRY(CreateNewContext( &(TestHashDataInfo.hProv), NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(CreateNewInteropContext( &(TestHashDataInfo.hInteropProv), NULL, CRYPT_VERIFYCONTEXT, ptc)); //
// Initialize the test data to be hashed
//
TestHashDataInfo.dbBaseData.cbData = wcslen(TEST_HASH_DATA) * sizeof(WCHAR); LOG_TRY(TestAlloc( &(TestHashDataInfo.dbBaseData.pbData), TestHashDataInfo.dbBaseData.cbData, ptc)); memcpy( TestHashDataInfo.dbBaseData.pbData, TEST_HASH_DATA, TestHashDataInfo.dbBaseData.cbData); //
// Non-keyed Hashes
//
// Iterate through the ENUMALGS_EX structs stored in the ALGNODE list.
// Create a hash of each type supported by this CSP.
//
LOG_TRY(AlgListIterate( pAlgList, HashAlgFilter, TestHashDataProc, (PVOID) (&TestHashDataInfo), ptc)); //
// Keyed Hashes
//
// TODO: Currently using SHA1 as the only HMAC test case. Is
// there a problem with that? The alternative would be
// to make the below AlgListIterate loop longer.
//
TestHashDataInfo.HmacInfo.HashAlgid = CALG_SHA1; //
// Iterate through all required hash algorithms and all
// required block cipher algorithms.
//
TestHashDataInfo.pAlgList = pCSPInfo->pAlgList; LOG_TRY(AlgListIterate( pAlgList, MacAlgFilter, TestMacDataProc, (PVOID) (&TestHashDataInfo), ptc));
fSuccess = TRUE;Cleanup:
if (TestHashDataInfo.hProv) { TRelease(TestHashDataInfo.hProv, 0, ptc); } if (TestHashDataInfo.dbBaseData.pbData) { free(TestHashDataInfo.dbBaseData.pbData); } if (TestHashDataInfo.hInteropProv) { TRelease(TestHashDataInfo.hInteropProv, 0, ptc); }
return fSuccess;}
//
// Function: PositiveHashDataTests
// Purpose: Run the test cases for CryptHashData
//
BOOL PositiveHashDataTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
HCRYPTHASH hHash = 0; HCRYPTPROV hProv = 0; DWORD cb = 0; PTESTCASE ptc = &(pCSPInfo->TestCase); BYTE rgbHashSha[HASH_LENGTH_SHA1]; BYTE rgbHashMD5[HASH_LENGTH_MD5];
memset(rgbHashSha, 0, HASH_LENGTH_SHA1); memset(rgbHashMD5, 0, HASH_LENGTH_MD5); LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(CreateNewHash(hProv, CALG_SHA1, &hHash, ptc));
LOG_TRY(THashData(hHash, KNOWN_HASH_DATA, KNOWN_HASH_DATALEN, 0, ptc));
cb = HASH_LENGTH_SHA1; LOG_TRY(TGetHash(hHash, HP_HASHVAL, rgbHashSha, &cb, 0, ptc));
if (0 != memcmp(rgbHashSha, g_rgbKnownSHA1, HASH_LENGTH_SHA1)) { LOG_TRY(LogBadParam( API_CRYPTHASHDATA, L"Incorrect SHA1 hash value", ptc)); }
LOG_TRY(TDestroyHash(hHash, ptc)); hHash = 0;
LOG_TRY(CreateNewHash(hProv, CALG_MD5, &hHash, ptc));
LOG_TRY(THashData(hHash, KNOWN_HASH_DATA, KNOWN_HASH_DATALEN, 0, ptc));
cb = HASH_LENGTH_MD5; LOG_TRY(TGetHash(hHash, HP_HASHVAL, rgbHashMD5, &cb, 0, ptc));
if (0 != memcmp(rgbHashMD5, g_rgbKnownMD5, HASH_LENGTH_MD5)) { LOG_TRY(LogBadParam( API_CRYPTHASHDATA, L"Incorrect MD5 hash value", ptc)); }
LOG_TRY(TDestroyHash(hHash, ptc)); hHash = 0;
fSuccess = TRUE;Cleanup:
if (hHash) { TDestroyHash(hHash, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: NegativeHashDataTests
// Purpose: Run the negative test cases for CryptHashData
//
BOOL NegativeHashDataTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
HCRYPTPROV hProv = 0; HCRYPTHASH hHash = 0; PBYTE pb = NULL; DWORD cb = 0; PTESTCASE ptc = &(pCSPInfo->TestCase); DWORD dwSavedErrorLevel = 0; //
// Group 3E
//
//
// Do CryptHashData negative test cases
//
pb = (PBYTE) TEST_HASH_DATA;
// Not hashing terminating Null
cb = wcslen(TEST_HASH_DATA) * sizeof(WCHAR);
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(THashData(0, pb, cb, 0, ptc));
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(THashData(TEST_INVALID_HANDLE, pb, cb, 0, ptc));
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(CreateNewHash(hProv, CALG_SHA1, &hHash, ptc));
ptc->dwErrorCode = NTE_BAD_DATA; LOG_TRY(THashData(hHash, NULL, cb, 0, ptc));
//
// 7/25/00 -- leaving this test case out, since the current
// behavior seems friendlier.
//
/*
ptc->dwErrorCode = NTE_BAD_LEN; LOG_TRY(THashData(hHash, pb, 0, 0, ptc)); */
ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(THashData(hHash, pb, cb, TEST_INVALID_FLAG, ptc));
// For CSP's that support CRYPT_USERDATA, cbData must be zero, or error
dwSavedErrorLevel = ptc->dwErrorLevel; ptc->dwErrorLevel = CSP_ERROR_WARNING; ptc->pwszErrorHelp = L"CryptHashData CRYPT_USERDATA should fail when dwDataLen is not zero (optional)"; ptc->dwErrorCode = NTE_BAD_LEN; LOG_TRY(THashData(hHash, pb, 1, CRYPT_USERDATA, ptc)); ptc->dwErrorLevel = dwSavedErrorLevel; ptc->pwszErrorHelp = NULL;
/*
LOG_TRY(TRelease(hProv, 0, ptc)); hProv = 0;
// Provider handle used to create hHash is now invalid
ptc->dwErrorCode = NTE_BAD_UID; LOG_TRY(THashData(hHash, pb, cb, 0, ptc)); */
fSuccess = TRUE;Cleanup:
if (hHash) { TDestroyHash(hHash, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: PositiveSetHashParamTests
// Purpose: Run the test cases for CryptSetHashParam
//
BOOL PositiveSetHashParamTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
HCRYPTPROV hProv = 0; HCRYPTHASH hHash = 0; BYTE rgHashVal[HASH_LENGTH_SHA1]; PTESTCASE ptc = &(pCSPInfo->TestCase);
memset(rgHashVal, 0, sizeof(rgHashVal)); LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(CreateNewHash(hProv, CALG_SHA1, &hHash, ptc));
//
// Group 3F
//
//
// Do CryptSetHashParam positive test cases
//
//
// Skip testing HP_HMAC_INFO here. It's only an interesting test
// if the CSP supports a MAC alg. This is already covered in the
// CryptHashData tests.
//
//
// Test HP_HASHVAL
//
LOG_TRY(TSetHash( hHash, HP_HASHVAL, rgHashVal, 0, ptc));
fSuccess = TRUE;
Cleanup:
if (hHash) { TDestroyHash(hHash, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: NegativeSetHashParamTests
// Purpose: Run the negative test cases for CryptSetHashParam
//
BOOL NegativeSetHashParamTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; HCRYPTPROV hProv = 0; HCRYPTHASH hHash = 0; DWORD dw = 0; //DWORD cb = 0;
BYTE rgHashVal[HASH_LENGTH_SHA1]; PTESTCASE ptc = &(pCSPInfo->TestCase); memset(rgHashVal, 0, sizeof(rgHashVal)); //
// Group 3F
//
//
// Do CryptSetHashParam negative test cases
//
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TSetHash(0, HP_HASHVAL, rgHashVal, 0, ptc));
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TSetHash(TEST_INVALID_HANDLE, HP_HASHVAL, rgHashVal, 0, ptc));
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(CreateNewHash(hProv, CALG_SHA1, &hHash, ptc)); ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TSetHash(hHash, HP_HASHVAL, NULL, 0, ptc));
// Hash value buffer is too short
/*
ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TSetHash(hHash, HP_HASHVAL, (PBYTE) &dw, 0, ptc)); */
ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TSetHash(hHash, HP_HASHVAL, (PBYTE) TEST_INVALID_POINTER, 0, ptc));
ptc->dwErrorCode = NTE_BAD_TYPE; LOG_TRY(TSetHash(hHash, HP_HMAC_INFO, (PBYTE) &dw, 0, ptc));
ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(TSetHash(hHash, HP_HASHVAL, rgHashVal, TEST_INVALID_FLAG, ptc));
ptc->dwErrorCode = NTE_BAD_TYPE; LOG_TRY(TSetHash(hHash, TEST_INVALID_FLAG, rgHashVal, 0, ptc));
/*
LOG_TRY(TRelease(hProv, 0, ptc)); hProv = 0;
// Provider handle used to create hHash is now invalid
ptc->dwErrorCode = NTE_BAD_UID; LOG_TRY(TSetHash(hHash, HP_HASHVAL, rgHashVal, 0, ptc)); */
fSuccess = TRUE;
Cleanup:
if (hHash) { TDestroyHash(hHash, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: TestDecryptProc
//
BOOL TestDecryptProc( PALGNODE pAlgNode, PTESTCASE ptc, PVOID pvTestDecryptInfo){ BOOL fSuccess = FALSE; PTEST_DECRYPT_INFO pTestDecryptInfo = (PTEST_DECRYPT_INFO) pvTestDecryptInfo; TEST_ENCRYPT_INFO TestEncryptInfo; memset(&TestEncryptInfo, 0, sizeof(TestEncryptInfo));
//
// TODO: There are a lot more permutations possible when calling
// ProcessCipherData.
//
// 1) Modulate key sizes
// 2) Switch cipher modes
// 3) Use salt
// 4) Use IV's
//
TestEncryptInfo.aiKeyAlg = pAlgNode->ProvEnumalgsEx.aiAlgid; TestEncryptInfo.dwKeySize = pAlgNode->ProvEnumalgsEx.dwMaxLen; TestEncryptInfo.Operation = pTestDecryptInfo->fDecrypt ? OP_Decrypt : OP_Encrypt;
LOG_TRY(ProcessCipherData( pTestDecryptInfo->hProv, &TestEncryptInfo, ptc));
LOG_TRY(VerifyCipherData( pTestDecryptInfo->hInteropProv, &TestEncryptInfo, ptc));
fSuccess = TRUE;Cleanup:
return fSuccess;}
//
// Function: ScenarioDecryptTests
// Purpose: Run decrypt/encryption scenarios for this CSP
//
BOOL ScenarioDecryptTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; LPWSTR pwszContainer2 = TEST_CONTAINER_2; PTESTCASE ptc = &(pCSPInfo->TestCase); TEST_DECRYPT_INFO TestDecryptInfo; memset(&TestDecryptInfo, 0, sizeof(TestDecryptInfo)); LOG_TRY(CreateNewContext( &(TestDecryptInfo.hProv), pwszContainer, CRYPT_NEWKEYSET, ptc)); LOG_TRY(CreateNewContext( &(TestDecryptInfo.hInteropProv), pwszContainer2, CRYPT_NEWKEYSET, ptc));
LOG_TRY(AlgListIterate( pCSPInfo->pAlgList, DataEncryptFilter, TestDecryptProc, (PVOID) (&TestDecryptInfo), ptc)); fSuccess = TRUE;
Cleanup:
if (TestDecryptInfo.hProv) { TRelease(TestDecryptInfo.hProv, 0, ptc); } if (TestDecryptInfo.hInteropProv) { TRelease(TestDecryptInfo.hInteropProv, 0, ptc); }
return fSuccess;}
//
// Function: InteropDecryptTests
// Purpose: Run decrypt/encryption interop scenarios for this
// and a second CSP.
//
BOOL InteropDecryptTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; LPWSTR pwszInteropContainer = TEST_CONTAINER_2; PTESTCASE ptc = &(pCSPInfo->TestCase); TEST_DECRYPT_INFO TestDecryptInfo; memset(&TestDecryptInfo, 0, sizeof(TestDecryptInfo)); LOG_TRY(CreateNewContext( &(TestDecryptInfo.hProv), pwszContainer, CRYPT_NEWKEYSET, ptc)); LOG_TRY(CreateNewInteropContext( &(TestDecryptInfo.hInteropProv), pwszInteropContainer, CRYPT_NEWKEYSET, ptc));
LOG_TRY(AlgListIterate( pCSPInfo->pAlgList, DataEncryptFilter, TestDecryptProc, (PVOID) (&TestDecryptInfo), ptc));
fSuccess = TRUE;
Cleanup:
if (TestDecryptInfo.hProv) { TRelease(TestDecryptInfo.hProv, 0, ptc); } if (TestDecryptInfo.hInteropProv) { TRelease(TestDecryptInfo.hInteropProv, 0, ptc); }
return fSuccess;}
//
// RSA Key-exchange private key blob. Used
// by PositiveDecryptTests, below.
//
BYTE g_rgbRSAPrivateKeyXBlob [] ={0x07, 0x02, 0x00, 0x00, 0x00, 0xa4, 0x00, 0x00,0x52, 0x53, 0x41, 0x32, 0x00, 0x02, 0x00, 0x00,0x01, 0x00, 0x01, 0x00, 0x13, 0x98, 0xf3, 0x0d,0x08, 0x86, 0x14, 0x94, 0xc8, 0x7b, 0x29, 0x71,0xa4, 0x5f, 0xdf, 0xf4, 0xf4, 0x8f, 0x29, 0x00,0x07, 0xfa, 0xb0, 0x39, 0xe2, 0x36, 0x09, 0x7e,0xff, 0x89, 0xea, 0xb9, 0xac, 0xcd, 0xdd, 0xc6,0xce, 0x14, 0x21, 0x42, 0x85, 0x93, 0x7a, 0x63,0x79, 0xdc, 0x21, 0xf3, 0x8c, 0x42, 0x5e, 0xdb,0xe1, 0x72, 0x42, 0x81, 0xdb, 0xc6, 0xc9, 0x1e,0xd5, 0x45, 0x2a, 0xb9, 0x91, 0x0a, 0xaa, 0x2c,0x9f, 0x41, 0xde, 0x0e, 0x31, 0x0a, 0xee, 0x17,0x24, 0xb9, 0xe6, 0x61, 0x88, 0x15, 0x69, 0x1e,0x24, 0xea, 0x54, 0x1d, 0xbe, 0xc9, 0x6f, 0x1d,0x74, 0xf8, 0xa7, 0xe4, 0x63, 0x62, 0xc6, 0x44,0x2e, 0xfa, 0x19, 0x89, 0xdf, 0x1d, 0x97, 0x70,0x4a, 0x7a, 0xef, 0x92, 0x22, 0xff, 0xcc, 0xae,0x4e, 0x58, 0x77, 0xff, 0x78, 0xcb, 0x03, 0x6e,0xc3, 0xe0, 0x4e, 0xcf, 0x21, 0xdf, 0x91, 0x35,0x3e, 0xf3, 0xa0, 0x92, 0xc5, 0x3f, 0xd9, 0xa1,0x00, 0x1a, 0x3e, 0x72, 0xbe, 0x22, 0x10, 0xe5,0xb3, 0xda, 0xa0, 0x95, 0x45, 0xc7, 0x92, 0x99,0x87, 0xa4, 0x8d, 0x43, 0x55, 0xca, 0xa5, 0x8d,0x80, 0xec, 0xb5, 0xe2, 0x1f, 0xc8, 0x9c, 0x54,0x07, 0xfa, 0x7a, 0x4c, 0xfe, 0xf9, 0x9f, 0xe5,0x2b, 0xb8, 0x85, 0x3c, 0x0f, 0xe9, 0x41, 0xb1,0x74, 0x8f, 0x48, 0x99, 0x7c, 0x70, 0x40, 0x05,0xe1, 0xb2, 0x75, 0x9a, 0xb7, 0x70, 0x40, 0xd2,0x2e, 0xc1, 0xbb, 0xc1, 0x63, 0xbf, 0x5a, 0x59,0x4d, 0xcf, 0xec, 0x05, 0xfb, 0x1d, 0xab, 0x5d,0x45, 0x1c, 0x69, 0x14, 0x21, 0x56, 0x31, 0xd6,0x86, 0x99, 0x32, 0x59, 0xd6, 0x88, 0x53, 0x12,0x54, 0xe3, 0xe5, 0x07, 0x5b, 0xcc, 0x5e, 0xbd,0x83, 0xea, 0x38, 0x56, 0x45, 0x74, 0x39, 0x0b,0x30, 0xf6, 0xe2, 0x56, 0x4d, 0xae, 0x69, 0xf5,0xb4, 0xf6, 0x35, 0x6f, 0xa8, 0x6f, 0x87, 0xb0,0x52, 0x5b, 0x33, 0xea, 0xdc, 0xd8, 0x83, 0xa3,0xec, 0xda, 0x2c, 0xdd, 0xb5, 0x0a, 0xea, 0x15,0x1c, 0x68, 0xaa, 0x8b};
//
// Cipher text encrypted with the g_rgbRSAPrivateKeyXBlob
// above. Used by PositiveDecryptTests.
//
BYTE g_rgbRSACipherText [] ={0xd8, 0x9f, 0xcd, 0xd2, 0x77, 0x45, 0x76, 0x77,0x66, 0x32, 0x4c, 0x88, 0x2d, 0xcf, 0xdc, 0xfd,0xe5, 0x03, 0xfc, 0x4e, 0x65, 0xd1, 0x77, 0xd5,0x90, 0x3d, 0x71, 0x88, 0x1e, 0xff, 0x3b, 0x27,0xff, 0x4c, 0xb9, 0xc5, 0x6b, 0x6b, 0x4d, 0xd9,0x9e, 0x11, 0x88, 0xcb, 0xb8, 0xbb, 0x48, 0xc8,0xc3, 0x7e, 0xb0, 0xd5, 0x0d, 0x1a, 0x2e, 0xed,0x6a, 0x4a, 0x45, 0xb1, 0xdc, 0x6e, 0x65, 0x42};
//
// Function: PositiveDecryptTests
// Purpose: Run the test cases for CryptDecrypt
//
BOOL PositiveDecryptTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; LPWSTR pwszContainer = TEST_CONTAINER; PBYTE pbData = NULL; DWORD cbData = 0; //DWORD dw = 0;
PTESTCASE ptc = &(pCSPInfo->TestCase);
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
//
// Group 4A
//
//
// Do CryptDecrypt positive test cases
//
switch( pCSPInfo->TestCase.dwTestLevel ) { case TEST_LEVEL_KEY: { LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc)); //
// Run some basic decryption tests for a stream cipher
//
LOG_TRY(CreateNewKey(hProv, CALG_RC4, 0, &hKey, ptc)); cbData = wcslen(TEST_DECRYPT_DATA) * sizeof(WCHAR); LOG_TRY(TestAlloc(&pbData, cbData, ptc)); memcpy(pbData, TEST_DECRYPT_DATA, cbData); LOG_TRY(TDecrypt(hKey, 0, TRUE, 0, pbData, &cbData, ptc)); break; } case TEST_LEVEL_CONTAINER: { LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_NEWKEYSET, ptc));
//
// Import a known RSA key-exchange key pair.
//
LOG_TRY(TImportKey( hProv, g_rgbRSAPrivateKeyXBlob, sizeof(g_rgbRSAPrivateKeyXBlob), 0, 0, &hKey, ptc));
cbData = sizeof(g_rgbRSACipherText);
LOG_TRY(TDecrypt( hKey, 0, TRUE, 0, g_rgbRSACipherText, &cbData, ptc)); break; } default: { goto Cleanup; } } fSuccess = TRUE;
Cleanup:
if (hKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: NegativeDecryptTests
// Purpose: Run the negative test cases for CryptDecrypt
//
BOOL NegativeDecryptTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; DWORD cb = 0; //DWORD dw = 0;
PTESTCASE ptc = &(pCSPInfo->TestCase); DWORD dwSavedErrorLevel = 0; BYTE rgCipherText[TEST_CIPHER_LENGTH_RC4]; BYTE rgRC2CipherText[TEST_RC2_BUFFER_LEN];
memset(rgCipherText, 0, sizeof(rgCipherText)); memset(rgRC2CipherText, 0, sizeof(rgRC2CipherText)); //
// Group 4A
//
//
// Do CryptDecrypt negative test cases
//
cb = sizeof(rgCipherText); ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TDecrypt(0, 0, TRUE, 0, rgCipherText, &cb, ptc));
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TDecrypt(TEST_INVALID_HANDLE, 0, TRUE, 0, rgCipherText, &cb, ptc));
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(CreateNewKey(hProv, CALG_RC4, 0, &hKey, ptc));
ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TDecrypt(hKey, 0, TRUE, 0, (PBYTE) TEST_INVALID_POINTER, &cb, ptc));
cb = sizeof(rgCipherText); ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(TDecrypt(hKey, 0, TRUE, TEST_INVALID_FLAG, rgCipherText, &cb, ptc));
ptc->dwErrorCode = NTE_BAD_HASH; LOG_TRY(TDecrypt(hKey, TEST_INVALID_HANDLE, TRUE, 0, rgCipherText, &cb, ptc));
cb = 0; ptc->dwErrorCode = NTE_BAD_LEN; LOG_TRY(TDecrypt(hKey, 0, TRUE, 0, rgCipherText, &cb, ptc));
ptc->fExpectSuccess = TRUE; cb = sizeof(rgCipherText); LOG_TRY(TDecrypt(hKey, 0, TRUE, 0, rgCipherText, &cb, ptc)); ptc->fExpectSuccess = FALSE;
// This will only fail on no-export CSP's
dwSavedErrorLevel = ptc->dwErrorLevel; ptc->dwErrorLevel = CSP_ERROR_WARNING; ptc->pwszErrorHelp = L"This CSP supports double-decryption"; ptc->dwErrorCode = NTE_DOUBLE_ENCRYPT; LOG_TRY(TDecrypt(hKey, 0, TRUE, 0, rgCipherText, &cb, ptc)); ptc->dwErrorLevel = dwSavedErrorLevel; ptc->pwszErrorHelp = NULL;
//
// Test block cipher issues with an RC2 key
//
LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0;
LOG_TRY(CreateNewKey(hProv, CALG_RC2, 0, &hKey, ptc));
cb = TEST_RC2_DATA_LEN; ptc->fExpectSuccess = TRUE; LOG_TRY(TEncrypt( hKey, 0, TRUE, 0, rgRC2CipherText, &cb, sizeof(rgRC2CipherText), ptc)); ptc->fExpectSuccess = FALSE;
cb--; ptc->dwErrorCode = NTE_BAD_DATA; LOG_TRY(TDecrypt(hKey, 0, TRUE, 0, rgRC2CipherText, &cb, ptc));
/*
LOG_TRY(TRelease(hProv, 0, ptc)); hProv = 0;
cb = sizeof(rgCipherText); memset(rgCipherText, 0, cb);
ptc->dwErrorCode = NTE_BAD_UID; LOG_TRY(TDecrypt(hKey, 0, TRUE, 0, rgCipherText, &cb, ptc)); */
fSuccess = TRUE;
Cleanup:
if (hKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: TestDeriveKeyProc
//
BOOL TestDeriveKeyProc( PALGNODE pAlgNode, PTESTCASE ptc, PVOID pvTestDeriveKeyInfo){ BOOL fSuccess = FALSE; HCRYPTHASH hHash = 0; HCRYPTKEY hKey = 0; DERIVED_KEY_INFO DerivedKeyInfo; PTEST_DERIVE_KEY_INFO pTestDeriveKeyInfo = (PTEST_DERIVE_KEY_INFO) pvTestDeriveKeyInfo;
memset(&DerivedKeyInfo, 0, sizeof(DerivedKeyInfo));
//
// Initialize base hash information
//
DerivedKeyInfo.HashInfo.aiHash = CALG_SHA1; DerivedKeyInfo.HashInfo.dbBaseData.pbData = (PBYTE) TEST_HASH_DATA; DerivedKeyInfo.HashInfo.dbBaseData.cbData = wcslen(TEST_HASH_DATA) * sizeof(WCHAR);
LOG_TRY(CreateHashAndAddData( pTestDeriveKeyInfo->hProv, &hHash, &(DerivedKeyInfo.HashInfo), ptc, 0, NULL));
// Debugging
/*
DerivedKeyInfo.cbHA = sizeof(DerivedKeyInfo.rgbHashValA); LOG_TRY(CryptGetHashParam(hHash, HP_HASHVAL, DerivedKeyInfo.rgbHashValA, &(DerivedKeyInfo.cbHA), 0)); */
//
// Initialize the key information in DerivedKeyInfo and create the
// derived key.
//
DerivedKeyInfo.aiKey = pAlgNode->ProvEnumalgsEx.aiAlgid; DerivedKeyInfo.dwKeySize = pAlgNode->ProvEnumalgsEx.dwDefaultLen;
LOG_TRY(TDeriveKey( pTestDeriveKeyInfo->hProv, DerivedKeyInfo.aiKey, hHash, CRYPT_EXPORTABLE | (DerivedKeyInfo.dwKeySize) << 16, &hKey, ptc));
// Debug
/*
DerivedKeyInfo.cbCA = 10; LOG_TRY(CryptEncrypt(hKey, 0, TRUE, 0, DerivedKeyInfo.rgbCipherA, &(DerivedKeyInfo.cbCA), sizeof(DerivedKeyInfo.rgbCipherA))); */
//
// Export the derived key in plaintext and verify the resulting key
// against a second CSP.
//
LOG_TRY(ExportPlaintextSessionKey( hKey, pTestDeriveKeyInfo->hProv, &(DerivedKeyInfo.dbKey), ptc));
LOG_TRY(CheckDerivedKey( &DerivedKeyInfo, pTestDeriveKeyInfo->hInteropProv, ptc));
fSuccess = TRUE;
Cleanup:
if (hHash) { TDestroyHash(hHash, ptc); } if (hKey) { TDestroyKey(hKey, ptc); } if (DerivedKeyInfo.HashInfo.dbHashValue.pbData) { free(DerivedKeyInfo.HashInfo.dbHashValue.pbData); } if (DerivedKeyInfo.dbKey.pbData) { free(DerivedKeyInfo.dbKey.pbData); }
return fSuccess;}
//
// Function: InteropDeriveKeyTests
// Purpose: Run TestDeriveKeyProc for each session key algorithm
// supported by this CSP. A second CSP is used to verify
// that the key has been derived correctly.
//
BOOL InteropDeriveKeyTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
//LPWSTR pwszInteropContainer = TEST_CONTAINER_2;
PTESTCASE ptc = &(pCSPInfo->TestCase); TEST_DERIVE_KEY_INFO TestDeriveKeyInfo;
memset(&TestDeriveKeyInfo, 0, sizeof(TestDeriveKeyInfo));
LOG_TRY(CreateNewContext( &(TestDeriveKeyInfo.hProv), NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(CreateNewInteropContext( &(TestDeriveKeyInfo.hInteropProv), NULL, CRYPT_VERIFYCONTEXT, ptc));
//
// TestDeriveKeyProc will create, export, and verify a derived
// key for each session key algorithm supported by the CSP
// under test. Use of the CRYPT_EXPORTABLE flag is covered
// by that routine.
//
LOG_TRY(AlgListIterate( pCSPInfo->pAlgList, DataEncryptFilter, TestDeriveKeyProc, (PVOID) (&TestDeriveKeyInfo), ptc));
fSuccess = TRUE;
Cleanup:
if (TestDeriveKeyInfo.hProv) { TRelease(TestDeriveKeyInfo.hProv, 0, ptc); } if (TestDeriveKeyInfo.hInteropProv) { TRelease(TestDeriveKeyInfo.hInteropProv, 0, ptc); }
return fSuccess;}
//
// Function: PositiveDeriveKeyTests
// Purpose: Run the test cases for CryptDeriveKey. The set of positive test cases
// to be executed depends on the dwCSPClass and dwTestLevel parameters.
//
// Note: Since the Microsoft RSA CSP only supports derived session keys and not
// derived public keys, the PositiveDeriveKeyTests() belong in TEST_LEVEL_KEY
// only.
//
BOOL PositiveDeriveKeyTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
HCRYPTPROV hProv = 0; HCRYPTHASH hHash = 0; HCRYPTKEY hKey = 0; PTESTCASE ptc = &(pCSPInfo->TestCase); HASH_INFO HashInfo;
memset(&HashInfo, 0, sizeof(HashInfo));
//
// Group 4B
//
//
// Do CryptDeriveKey positive test cases
//
LOG_TRY(CreateNewContext( &hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
//
// Tests for basic use of CryptDeriveKey, then the flags CRYPT_CREATE_SALT,
// CRYPT_NO_SALT, and
// CRYPT_UPDATE_KEY (the latter is currently not supported by the Microsoft
// CSP's) follow. Create a simple hash from which the derived keys will be
// generated.
//
HashInfo.aiHash = CALG_SHA1; HashInfo.dbBaseData.pbData = (PBYTE) TEST_HASH_DATA; HashInfo.dbBaseData.cbData = wcslen(TEST_HASH_DATA) * sizeof(WCHAR);
LOG_TRY(CreateHashAndAddData( hProv, &hHash, &HashInfo, ptc, 0, NULL));
//
// Base test
//
LOG_TRY(TDeriveKey( hProv, CALG_RC4, hHash, 0, &hKey, ptc));
LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0;
//
// Test CRYPT_CREATE_SALT
//
// Derive a 40 bit RC4 key. Specifying a small key size is interesting
// because the Microsoft CSP's will not, by default, add any salt
// to a 128 bit key.
//
LOG_TRY(TDeriveKey( hProv, CALG_RC4, hHash, CRYPT_CREATE_SALT | (0x28 << 16), &hKey, ptc));
LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0;
//
// Test CRYPT_NO_SALT
//
LOG_TRY(TDeriveKey( hProv, CALG_RC4, hHash, CRYPT_NO_SALT | (0x28 << 16), &hKey, ptc));
LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0;
//
// Test CRYPT_UPDATE_KEY
//
LOG_TRY(TDeriveKey( hProv, CALG_RC4, hHash, 0, &hKey, ptc));
//
// Using the key handle just created, attempt to update the key
// data with the same hash data. The Microsoft CSP currently ignores
// this flag.
//
LOG_TRY(TDeriveKey( hProv, CALG_RC4, hHash, CRYPT_UPDATE_KEY, &hKey, ptc)); fSuccess = TRUE;Cleanup:
if (hHash) { TDestroyHash(hHash, ptc); } if (hKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: NegativeDeriveKeyTests
// Purpose: Run the negative test cases for CryptDeriveKey. These test cases
// will only execute for TEST_LEVEL_KEY, based on the dwTestLevel parameter.
//
BOOL NegativeDeriveKeyTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
//LPWSTR pwszContainer2 = TEST_CONTAINER_2;
HCRYPTPROV hProv = 0; HCRYPTPROV hProv2 = 0; HCRYPTKEY hKey = 0; HCRYPTHASH hHash = 0; HCRYPTHASH hHash2 = 0; PTESTCASE ptc = &(pCSPInfo->TestCase);
//
// Group 4B
//
// Only run the negative test cases for TEST_LEVEL_KEY. This ensures that the same cases won't be
// re-run for TEST_LEVEL_CONTAINER. Only the positive cases are different.
if (TEST_LEVEL_KEY == ptc->dwTestLevel) { //
// Do CryptDeriveKey negative test cases
//
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc)); LOG_TRY(CreateNewHash(hProv, CALG_SHA1, &hHash, ptc)); ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TDeriveKey(0, CALG_RC4, hHash, 0, &hKey, ptc)); ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TDeriveKey(TEST_INVALID_HANDLE, CALG_RC4, hHash, 0, &hKey, ptc)); ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TDeriveKey(hProv, CALG_RC4, hHash, 0, NULL, ptc)); ptc->dwErrorCode = NTE_BAD_ALGID; LOG_TRY(TDeriveKey(hProv, CALG_MD5, hHash, 0, &hKey, ptc)); ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(TDeriveKey(hProv, CALG_RC4, hHash, TEST_INVALID_FLAG, &hKey, ptc)); ptc->dwErrorCode = NTE_BAD_HASH; LOG_TRY(TDeriveKey(hProv, CALG_RC4, TEST_INVALID_HANDLE, 0, &hKey, ptc)); ptc->dwErrorCode = NTE_SILENT_CONTEXT; LOG_TRY(TDeriveKey(hProv, CALG_RC4, hHash, CRYPT_USER_PROTECTED, &hKey, ptc)); LOG_TRY(CreateNewContext(&hProv2, NULL, CRYPT_VERIFYCONTEXT, ptc)); LOG_TRY(CreateNewHash(hProv2, CALG_SHA1, &hHash2, ptc)); // Hash handle not created from same context as hProv
ptc->dwErrorCode = NTE_BAD_HASH; LOG_TRY(TDeriveKey(hProv, CALG_RC4, hHash2, 0, &hKey, ptc)); } fSuccess = TRUE;Cleanup:
if (hHash) { TDestroyHash(hHash, ptc); } if (hHash2) { TDestroyHash(hHash2, ptc); } if (hProv) { TRelease(hProv, 0, ptc); } if (hProv2) { TRelease(hProv2, 0, ptc); }
return fSuccess;}
//
// Function: PositiveDestroyKeyTests
// Purpose: Run the test cases for CryptDestroyKey
//
BOOL PositiveDestroyKeyTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; PTESTCASE ptc = &(pCSPInfo->TestCase);
//
// Group 4C
//
//
// Do CryptDestroyKey positive test cases
//
switch (pCSPInfo->TestCase.dwTestLevel) { case TEST_LEVEL_KEY: { LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(CreateNewKey(hProv, CALG_RC4, 0, &hKey, ptc));
LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0;
break; }
case TEST_LEVEL_CONTAINER: { LOG_TRY(CreateNewContext(&hProv, pwszContainer, CRYPT_NEWKEYSET, ptc));
LOG_TRY(CreateNewKey(hProv, AT_SIGNATURE, 0, &hKey, ptc));
LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0;
break; }
default: { goto Cleanup; } }
fSuccess = TRUE;
Cleanup:
if (hKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: NegativeDestroyKeyTests
// Purpose: Run the negative test cases for CryptDestroyKey
//
BOOL NegativeDestroyKeyTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; PTESTCASE ptc = &(pCSPInfo->TestCase);
//
// Group 4C
//
//
// Do CryptDestroyKey negative test cases
//
ptc->fTestingDestroyKey = TRUE; ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TDestroyKey(0, ptc)); ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TDestroyKey(TEST_INVALID_HANDLE, ptc));
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(CreateNewKey(hProv, CALG_RC4, 0, &hKey, ptc));
/*
LOG_TRY(TRelease(hProv, 0, ptc)); hProv = 0;
// Provider handle used to create hKey is now invalid
ptc->dwErrorCode = NTE_BAD_UID; LOG_TRY(TDestroyKey(hKey, ptc)); */
fSuccess = TRUE;
Cleanup:
ptc->fTestingDestroyKey = FALSE;
if (hKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: PositiveEncryptTests
// Purpose: Run the test cases for CryptEncrypt
//
BOOL PositiveEncryptTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; //LPWSTR pwszContainer = TEST_CONTAINER;
DWORD cbData = 0; PBYTE pbData = NULL; DWORD dw = 0; PTESTCASE ptc = &(pCSPInfo->TestCase); BYTE rgb [] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; //
// Group 4E
//
//
// Do CryptEncrypt positive test cases
//
switch( pCSPInfo->TestCase.dwTestLevel ) { case TEST_LEVEL_KEY: { LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc)); //
// Try a simple stream cipher encryption
//
LOG_TRY(CreateNewKey(hProv, CALG_RC4, 0, &hKey, ptc)); cbData = wcslen(TEST_DECRYPT_DATA) * sizeof(WCHAR); dw = cbData; LOG_TRY(TestAlloc(&pbData, cbData, ptc)); memcpy(pbData, TEST_DECRYPT_DATA, cbData); LOG_TRY(TEncrypt(hKey, 0, TRUE, 0, pbData, &cbData, dw, ptc));
//
// Verify that ciphertext is not same as plaintext
//
if (0 == memcmp(pbData, TEST_DECRYPT_DATA, dw)) { ptc->pwszErrorHelp = L"CryptEncrypt ciphertext matches original plaintext"; LOG_TRY(LogApiFailure( API_CRYPTENCRYPT, ERROR_BAD_DATA, ptc)); ptc->pwszErrorHelp = NULL; } LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0; //
// Try a simple block cipher encryption
//
LOG_TRY(CreateNewKey(hProv, CALG_RC2, 0, &hKey, ptc)); cbData = sizeof(rgb) / 2; dw = sizeof(rgb); LOG_TRY(TEncrypt(hKey, 0, TRUE, 0, rgb, &cbData, dw, ptc));
//
// Verify that ciphertext is not still zeros
//
while (dw-- && (0 == rgb[dw - 1]));
if (0 == dw) { ptc->pwszErrorHelp = L"CryptEncrypt ciphertext matches original plaintext"; LOG_TRY(LogApiFailure( API_CRYPTENCRYPT, ERROR_BAD_DATA, ptc)); ptc->pwszErrorHelp = NULL; } break; } case TEST_LEVEL_CONTAINER: { LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_NEWKEYSET, ptc)); //
// Test direct direct RSA encryption using an key-exchange public key.
//
// Not all CSP's will support this, so the error level may need to
// be adjusted.
//
LOG_TRY(CreateNewKey(hProv, AT_KEYEXCHANGE, 0, &hKey, ptc));
cbData = wcslen(TEST_DECRYPT_DATA) * sizeof(WCHAR); dw = cbData;
LOG_TRY(TEncrypt(hKey, 0, TRUE, 0, NULL, &dw, 0, ptc)); LOG_TRY(TestAlloc(&pbData, dw, ptc)); memcpy(pbData, TEST_DECRYPT_DATA, cbData);
LOG_TRY(TEncrypt(hKey, 0, TRUE, 0, pbData, &cbData, dw, ptc)); //
// Verify that ciphertext is not same as plaintext
//
if (0 == memcmp(pbData, TEST_DECRYPT_DATA, dw)) { ptc->pwszErrorHelp = L"CryptEncrypt ciphertext matches original plaintext"; LOG_TRY(LogApiFailure( API_CRYPTENCRYPT, ERROR_BAD_DATA, ptc)); ptc->pwszErrorHelp = NULL; } break; }
default: { goto Cleanup; } } fSuccess = TRUE; Cleanup: if (hKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); } return fSuccess;}
//
// Function: NegativeEncryptTests
// Purpose: Run the negative test cases for CryptEncrypt
//
BOOL NegativeEncryptTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
//LPWSTR pwszContainer2 = TEST_CONTAINER_2;
HCRYPTPROV hProv = 0; HCRYPTPROV hProv2 = 0; HCRYPTKEY hKey = 0; HCRYPTHASH hHash = 0; DWORD cb = 0; DWORD dw = 0; PTESTCASE ptc = &(pCSPInfo->TestCase); DWORD dwSavedErrorLevel = 0; BYTE rgPlainText[TEST_CIPHER_LENGTH_RC4]; BYTE rgRC2PlainText[TEST_RC2_BUFFER_LEN]; BYTE rgHashVal[HASH_LENGTH_SHA1];
memset(rgHashVal, 0, sizeof(rgHashVal)); memset(rgPlainText, 0, sizeof(rgPlainText)); memset(rgRC2PlainText, 0, sizeof(rgRC2PlainText));
//
// Group 4E
//
//
// Do CryptEncrypt negative test cases
//
cb = sizeof(rgPlainText);
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TEncrypt(0, 0, TRUE, 0, rgPlainText, &cb, cb, ptc));
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TEncrypt(TEST_INVALID_HANDLE, 0, TRUE, 0, rgPlainText, &cb, cb, ptc));
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
//
// Create a block encryption key to test invalid buffer
// lengths.
//
LOG_TRY(CreateNewKey(hProv, CALG_RC2, 0, &hKey, ptc));
dw = cb = TEST_RC2_DATA_LEN;
ptc->fExpectSuccess = TRUE; LOG_TRY(TEncrypt(hKey, 0, TRUE, 0, NULL, &cb, 0, ptc)); ptc->fExpectSuccess = FALSE;
cb--;
// dwBufLen param is now too short
ptc->dwErrorCode = ERROR_MORE_DATA; LOG_TRY(TEncrypt(hKey, 0, TRUE, 0, rgRC2PlainText, &dw, cb, ptc));
// Done with block cipher key
LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0;
//
// Continue tests using a stream cipher key
//
cb = sizeof(rgPlainText);
LOG_TRY(CreateNewKey(hProv, CALG_RC4, 0, &hKey, ptc));
// pbData buffer is too short and will AV
ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TEncrypt(hKey, 0, TRUE, 0, (PBYTE) TEST_INVALID_POINTER, &cb, cb, ptc));
// Invalid flag
ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(TEncrypt(hKey, 0, TRUE, TEST_INVALID_FLAG, rgPlainText, &cb, cb, ptc));
ptc->fExpectSuccess = TRUE; LOG_TRY(TEncrypt(hKey, 0, TRUE, 0, rgPlainText, &cb, cb, ptc)); ptc->fExpectSuccess = FALSE;
// Not all providers prohibit double-encryption
dwSavedErrorLevel = ptc->dwErrorLevel; ptc->dwErrorLevel = CSP_ERROR_WARNING; ptc->pwszErrorHelp = L"This CSP supports double-encryption";
ptc->dwErrorCode = NTE_DOUBLE_ENCRYPT; LOG_TRY(TEncrypt(hKey, 0, TRUE, 0, rgPlainText, &cb, cb, ptc));
ptc->dwErrorLevel = dwSavedErrorLevel; ptc->pwszErrorHelp = NULL;
memset(rgPlainText, 0, cb);
// Invalid, non-zero, hash handle
ptc->dwErrorCode = NTE_BAD_HASH; LOG_TRY(TEncrypt(hKey, TEST_INVALID_HANDLE, TRUE, 0, rgPlainText, &cb, cb, ptc)); LOG_TRY(CreateNewHash(hProv, CALG_SHA1, &hHash, ptc));
ptc->fExpectSuccess = TRUE; cb = sizeof(rgHashVal); LOG_TRY(TGetHash(hHash, HP_HASHVAL, rgHashVal, &cb, 0, ptc)); ptc->fExpectSuccess = FALSE;
cb = sizeof(rgPlainText); ptc->dwErrorCode = NTE_BAD_HASH_STATE; LOG_TRY(TEncrypt(hKey, hHash, TRUE, 0, rgPlainText, &cb, cb, ptc));
TDestroyHash(hHash, ptc); hHash = 0;
LOG_TRY(CreateNewContext(&hProv2, NULL, CRYPT_VERIFYCONTEXT, ptc));
// Create a new hash from a different cryptographic context
LOG_TRY(CreateNewHash(hProv2, CALG_SHA1, &hHash, ptc));
// API should not allow hKey and hHash from two different contexts
ptc->dwErrorCode = NTE_BAD_HASH; LOG_TRY(TEncrypt(hKey, hHash, TRUE, 0, rgPlainText, &cb, cb, ptc));
// Delete the original context, hKey derived from it should now be unusable
/*
LOG_TRY(TRelease(hProv, 0, ptc)); hProv = 0;
ptc->dwErrorCode = NTE_BAD_UID; LOG_TRY(TEncrypt(hKey, 0, TRUE, 0, rgPlainText, &cb, cb, ptc)); */
fSuccess = TRUE;
Cleanup:
if (hHash) { TDestroyHash(hHash, ptc); } if (hKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); } if (hProv2) { TRelease(hProv2, 0, ptc); }
return fSuccess;}
//
// Function: TestGenKeyProc
//
BOOL TestGenKeyProc( PALGNODE pAlgNode, PTESTCASE ptc, PVOID pvTestGenKeyInfo){ HCRYPTKEY hKey = 0; BOOL fSuccess = FALSE; DWORD dwSize = 0; DWORD dwFlags = 0; HCRYPTPROV hTestProv = 0; DWORD dwSavedErrorLevel = ptc->dwErrorLevel; PTEST_GEN_KEY_INFO pTestGenKeyInfo = (PTEST_GEN_KEY_INFO) pvTestGenKeyInfo;
if (pAlgNode->fIsRequiredAlg) { ptc->dwErrorLevel = CSP_ERROR_CONTINUE; } else { ptc->dwErrorLevel = CSP_ERROR_WARNING; }
//
// Create four different keys for the specified alg:
//
// 1) Minimum key size, with the CRYPT_NO_SALT flag.
// 2) Minimum key size, with the CRYPT_CREATE_SALT flag.
// 3) (Public keys only) Minimum key size + incremental key size
// 4) Default key size, with the CRYPT_EXPORTABLE flag
// 5) Maximum key size (Session keys only. Otherwise, use a
// reasonably large key size for public key pairs.), with the
// CRYPT_USER_PROTECTED flag set.
//
// 1
dwSize = pAlgNode->ProvEnumalgsEx.dwMinLen; LOG_TRY(TGenKey( pTestGenKeyInfo->hProv, pAlgNode->ProvEnumalgsEx.aiAlgid, CRYPT_NO_SALT | (dwSize << 16), &hKey, ptc));
LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0;
//
// The Microsoft CSP's do not permit salting DES
// keys.
//
// 2
if ( CALG_DES == pAlgNode->ProvEnumalgsEx.aiAlgid || CALG_3DES == pAlgNode->ProvEnumalgsEx.aiAlgid || CALG_3DES_112 == pAlgNode->ProvEnumalgsEx.aiAlgid) { ptc->KnownErrorID = KNOWN_CRYPTGENKEY_SALTDES; }
LOG_TRY(TGenKey( pTestGenKeyInfo->hProv, pAlgNode->ProvEnumalgsEx.aiAlgid, CRYPT_CREATE_SALT | (dwSize << 16), &hKey, ptc));
LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0;
ptc->KnownErrorID = KNOWN_ERROR_UNKNOWN;
//
// Is this a public key alg?
//
if (RSAAlgFilter(pAlgNode)) { switch (pAlgNode->ProvEnumalgsEx.aiAlgid) { case CALG_RSA_SIGN: { dwSize = pAlgNode->ProvEnumalgsEx.dwMinLen + pTestGenKeyInfo->pCSPInfo->dwSigKeysizeInc; break; } case CALG_RSA_KEYX: { dwSize = pAlgNode->ProvEnumalgsEx.dwMinLen + pTestGenKeyInfo->pCSPInfo->dwSigKeysizeInc; break; } default: { goto Cleanup; } }
// 3
LOG_TRY(TGenKey( pTestGenKeyInfo->hProv, pAlgNode->ProvEnumalgsEx.aiAlgid, dwSize << 16, &hKey, ptc));
LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0; }
// 4
LOG_TRY(TGenKey( pTestGenKeyInfo->hProv, pAlgNode->ProvEnumalgsEx.aiAlgid, CRYPT_EXPORTABLE, &hKey, ptc));
LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0;
// 5
if (RSAAlgFilter(pAlgNode)) { dwFlags = CRYPT_USER_PROTECTED; dwSize = (pAlgNode->ProvEnumalgsEx.dwMaxLen >= TEST_MAX_RSA_KEYSIZE) ? TEST_MAX_RSA_KEYSIZE : pAlgNode->ProvEnumalgsEx.dwMaxLen; hTestProv = pTestGenKeyInfo->hNotSilentProv; } else { dwSize = pAlgNode->ProvEnumalgsEx.dwMaxLen; hTestProv = pTestGenKeyInfo->hProv; }
LOG_TRY(TGenKey( hTestProv, pAlgNode->ProvEnumalgsEx.aiAlgid, dwFlags | (dwSize << 16), &hKey, ptc));
fSuccess = TRUE;
Cleanup: ptc->dwErrorLevel = dwSavedErrorLevel;
if (hKey) { TDestroyKey(hKey, ptc); }
return fSuccess;}
//
// Function: PositiveGenKeyTests
// Purpose: Run the test cases for CryptGenKey. The set of positive
// test cases executed depends on the dwCSPClass and dwTestLevel parameters.
//
BOOL PositiveGenKeyTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; LPWSTR pwszContainer2 = TEST_CONTAINER_2; PTESTCASE ptc = &(pCSPInfo->TestCase); HCRYPTKEY hKey = 0; //PALGNODE pAlgNode = NULL;
TEST_GEN_KEY_INFO TestGenKeyInfo;
memset(&TestGenKeyInfo, 0, sizeof(TestGenKeyInfo));
TestGenKeyInfo.pCSPInfo = pCSPInfo;
//
// Do CryptGenKey positive test cases
//
switch (pCSPInfo->TestCase.dwTestLevel) { case TEST_LEVEL_KEY: { //
// Run the TestGenKeyProc test for each session key alg
// supported by this CSP.
//
LOG_TRY(CreateNewContext(&(TestGenKeyInfo.hProv), NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(AlgListIterate( pCSPInfo->pAlgList, DataEncryptFilter, TestGenKeyProc, (PVOID) &TestGenKeyInfo, ptc));
//
// Test that a signature public key pair can be created from a
// VERIFYCONTEXT provider handle. The key will not be persisted.
//
LOG_TRY(TGenKey( TestGenKeyInfo.hProv, AT_SIGNATURE, 0, &hKey, ptc)); break; }
case TEST_LEVEL_CONTAINER: { LOG_TRY(CreateNewContext( &(TestGenKeyInfo.hProv), pwszContainer, CRYPT_NEWKEYSET, ptc)); // We are not currently supporting multiple containers
// on a single smartcard, so the following test case can't
// use two different context handles for Smartcard scenario.
if (pCSPInfo->fSmartCardCSP) { TestGenKeyInfo.hNotSilentProv = TestGenKeyInfo.hProv; } else { //
// Set the flag so that CreateNewContext will not create a CRYPT_SILENT context
// handle.
//
ptc->fTestingUserProtected = TRUE; LOG_TRY(CreateNewContext( &(TestGenKeyInfo.hNotSilentProv), pwszContainer2, CRYPT_NEWKEYSET, ptc)); ptc->fTestingUserProtected = FALSE; }
if (CLASS_SIG_ONLY == pCSPInfo->TestCase.dwCSPClass) { LOG_TRY(TGenKey( TestGenKeyInfo.hProv, AT_SIGNATURE, 0, &hKey, ptc)); } else { LOG_TRY(TGenKey( TestGenKeyInfo.hProv, AT_KEYEXCHANGE, 0, &hKey, ptc));
LOG_TRY(AlgListIterate( pCSPInfo->pAlgList, RSAAlgFilter, TestGenKeyProc, (PVOID) &TestGenKeyInfo, ptc)); }
if (pCSPInfo->fSmartCardCSP) { TestGenKeyInfo.hProv = 0; }
break; }
default: { goto Cleanup; } }
fSuccess = TRUE;
Cleanup:
if (hKey) { TDestroyKey(hKey, ptc); } if (TestGenKeyInfo.hProv) { TRelease(TestGenKeyInfo.hProv, 0, ptc); } if (TestGenKeyInfo.hNotSilentProv) { TRelease(TestGenKeyInfo.hNotSilentProv, 0, ptc); }
return fSuccess;}
//
// Function: NegativeGenKeyTests
// Purpose: Run the negative test cases for CryptGenKey. The set of
// test cases executed depends on the dwTestLevel parameter.
//
BOOL NegativeGenKeyTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; PTESTCASE ptc = &(pCSPInfo->TestCase);
// The appropriate set of negative test cases to run depends on the current Test Level
switch (ptc->dwTestLevel) { case TEST_LEVEL_KEY: { //
// Group 4F (negative)
//
//
// Do CryptGenKey TEST_LEVEL_KEY negative test cases
//
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TGenKey(0, CALG_RC4, 0, &hKey, ptc)); ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TGenKey(TEST_INVALID_HANDLE, CALG_RC4, 0, &hKey, ptc)); LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc)); ptc->dwErrorCode = NTE_BAD_ALGID; LOG_TRY(TGenKey(hProv, CALG_SHA1, 0, &hKey, ptc)); ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(TGenKey(hProv, CALG_RC4, TEST_INVALID_FLAG, &hKey, ptc));
break; } case TEST_LEVEL_CONTAINER: { //
// Group 5D (negative)
//
//
// Do CryptGenKey TEST_LEVEL_CONTAINER negative test cases
//
//
// Test that CRYPT_USER_PROTECTED fails with a CRYPT_SILENT context
//
LOG_TRY(CreateNewContext(&hProv, pwszContainer, CRYPT_NEWKEYSET | CRYPT_SILENT, ptc));
ptc->dwErrorCode = NTE_SILENT_CONTEXT; LOG_TRY(TGenKey(hProv, AT_SIGNATURE, CRYPT_USER_PROTECTED, &hKey, ptc));
LOG_TRY(TRelease(hProv, 0, ptc)); hProv = 0;
//
// Test that CRYPT_USER_PROTECTED fails with a CRYPT_VERIFYCONTEXT context
//
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
//
// In Windows 2000, the Microsoft CSP's ignore the USER_PROTECTED flag
// because the VERIFYCONTEXT flag is set. Therefore the following
// call succeeds unexpectedly. That usage should be flagged as an
// error.
//
ptc->KnownErrorID = KNOWN_CRYPTGENKEY_SILENTCONTEXT; ptc->pwszErrorHelp = L"The CRYPT_USER_PROTECTED flag should fail when a VERIFYCONTEXT provider handle is used";
ptc->dwErrorCode = NTE_SILENT_CONTEXT; LOG_TRY(TGenKey(hProv, AT_SIGNATURE, CRYPT_USER_PROTECTED, &hKey, ptc)); ptc->KnownErrorID = KNOWN_ERROR_UNKNOWN;
break; } }
fSuccess = TRUE;
Cleanup:
if (hKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: PositiveGetKeyParamTests
// Purpose: Run the test cases for CryptGetKeyParam
//
BOOL PositiveGetKeyParamTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; DWORD dw = 0; DWORD cb = 0; PBYTE pb = NULL; PTESTCASE ptc = &(pCSPInfo->TestCase); DWORD dwSavedErrorLevel = 0;
//
// Group 4G
//
//
// Do CryptGetKeyParam positive test cases
//
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
//
// Test CryptGetKeyParam for a stream cipher key
//
LOG_TRY(CreateNewKey( hProv, CALG_RC4, CRYPT_CREATE_SALT | CRYPT_EXPORTABLE | (40 << 16), &hKey, ptc));
// KP_ALGID
cb = sizeof(dw); LOG_TRY(TGetKey( hKey, KP_ALGID, (PBYTE) &dw, &cb, 0, ptc));
if (CALG_RC4 != dw) { LOG_TRY(LogBadParam( API_CRYPTGETKEYPARAM, L"CryptGetKeyParam KP_ALGID doesn't match", ptc)); }
// KP_BLOCKLEN
cb = sizeof(dw); LOG_TRY(TGetKey( hKey, KP_BLOCKLEN, (PBYTE) &dw, &cb, 0, ptc));
if (0 != dw) { LOG_TRY(LogBadParam( API_CRYPTGETKEYPARAM, L"CryptGetKeyParam KP_BLOCKLEN should be zero", ptc)); }
// KP_KEYLEN
cb = sizeof(dw); LOG_TRY(TGetKey( hKey, KP_KEYLEN, (PBYTE) &dw, &cb, 0, ptc));
// TODO: Determine the best way to verify KP_KEYLEN. CSP's will return
// the effective KEYLEN, including parity bits.
// KP_SALT
cb = 0; LOG_TRY(TGetKey( hKey, KP_SALT, NULL, &cb, 0, ptc));
//
// The MS_ENHANCED_PROV will use salt length zero for any key size even
// when CRYPT_CREATE_SALT has been specified.
//
// The MS_BASE_PROV will exhibit one of the following behaviors:
// 1) Default - use 11 bytes of zeroed salt
// 2) CRYPT_CREATE_SALT - use 11 bytes of random salt
// 3) CRYPT_NO_SALT - use no salt
//
// For this reason, various valid-looking salting behaviors
// should not be considered errors.
//
dwSavedErrorLevel = ptc->dwErrorLevel; ptc->dwErrorLevel = CSP_ERROR_WARNING; if (0 == cb) { LOG_TRY(LogBadParam( API_CRYPTGETKEYPARAM, L"CryptGetKeyParam KP_SALT has zero length after CryptGenKey CRYPT_CREATE_SALT", ptc)); }
LOG_TRY(TestAlloc(&pb, cb, ptc));
LOG_TRY(TGetKey( hKey, KP_SALT, pb, &cb, 0, ptc));
// Verify that salt is not completely zero
while (cb && (0 == pb[cb - 1])) cb--;
if (0 == cb) { LOG_TRY(LogBadParam( API_CRYPTGETKEYPARAM, L"CryptGetKeyParam KP_SALT should not be zeroized after CryptGenKey CRYPT_CREATE_SALT", ptc)); }
free(pb); pb = NULL; ptc->dwErrorLevel = dwSavedErrorLevel;
// KP_PERMISSIONS
cb = sizeof(dw); LOG_TRY(TGetKey( hKey, KP_PERMISSIONS, (PBYTE) &dw, &cb, 0, ptc));
if (! (CRYPT_EXPORT & dw)) { LOG_TRY(LogBadParam( API_CRYPTGETKEYPARAM, L"CryptGetKeyParam KP_PERMISSIONS, CRYPT_EXPORT should be set", ptc)); }
LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0;
//
// Test CryptGetKeyParam with a block cipher key
//
LOG_TRY(CreateNewKey(hProv, CALG_RC2, CRYPT_EXPORTABLE, &hKey, ptc));
// KP_BLOCKLEN
cb = sizeof(dw); LOG_TRY(TGetKey( hKey, KP_BLOCKLEN, (PBYTE) &dw, &cb, 0, ptc));
if (0 == dw) { LOG_TRY(LogBadParam( API_CRYPTGETKEYPARAM, L"CryptGetKeyParam KP_BLOCKLEN should not be zero for CALG_RC2 key", ptc)); }
// KP_EFFECTIVE_KEYLEN
cb = sizeof(dw); LOG_TRY(TGetKey( hKey, KP_EFFECTIVE_KEYLEN, (PBYTE) &dw, &cb, 0, ptc));
// TODO: In general, how should the effective key length
// be determined?
// KP_IV
cb = 0; LOG_TRY(TGetKey( hKey, KP_IV, NULL, &cb, 0, ptc));
LOG_TRY(TestAlloc(&pb, cb, ptc));
LOG_TRY(TGetKey( hKey, KP_IV, pb, &cb, 0, ptc));
// Verify that IV is zero
while (cb && (! pb[cb - 1])) cb--;
if (0 != cb) { LOG_TRY(LogBadParam( API_CRYPTGETKEYPARAM, L"CryptGetKeyParam KP_IV should be zero", ptc)); }
free(pb); pb = NULL;
// KP_PADDING
cb = sizeof(dw); LOG_TRY(TGetKey( hKey, KP_PADDING, (PBYTE) &dw, &cb, 0, ptc));
if (PKCS5_PADDING != dw) { LOG_TRY(LogBadParam( API_CRYPTGETKEYPARAM, L"CryptGetKeyParam KP_PADDING should be PKCS5_PADDING", ptc)); }
// KP_MODE
cb = sizeof(dw); LOG_TRY(TGetKey( hKey, KP_MODE, (PBYTE) &dw, &cb, 0, ptc));
if (CRYPT_MODE_CBC != dw) { LOG_TRY(LogBadParam( API_CRYPTGETKEYPARAM, L"CryptGetKeyParam KP_MODE should be CRYPT_MODE_CBC", ptc)); }
// KP_MODE_BITS
cb = sizeof(dw); LOG_TRY(TGetKey( hKey, KP_MODE_BITS, (PBYTE) &dw, &cb, 0, ptc));
// TODO: Looks like this should always be initialized to zero. Is that true?
if (0 != dw) { LOG_TRY(LogBadParam( API_CRYPTGETKEYPARAM, L"CryptGetKeyParam KP_MODE_BITS should be zero", ptc)); }
fSuccess = TRUE;
Cleanup:
if (pb) { free(pb); } if (hKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: NegativeGetKeyParamTests
// Purpose: Run the negative test cases for CryptGetKeyParam
//
BOOL NegativeGetKeyParamTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; DWORD dw = 0; DWORD cb = 0; PTESTCASE ptc = &(pCSPInfo->TestCase);
//
// Group 4G
//
//
// Do CryptGetKeyParam negative test cases
//
cb = sizeof(dw); ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TGetKey(0, KP_KEYLEN, (PBYTE) &dw, &cb, 0, ptc)); ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TGetKey(TEST_INVALID_HANDLE, KP_KEYLEN, (PBYTE) &dw, &cb, 0, ptc));
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(CreateNewKey(hProv, CALG_RC4, 0, &hKey, ptc));
/*
ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TGetKey(hKey, KP_KEYLEN, NULL, &cb, 0, ptc)); */
ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TGetKey(hKey, KP_KEYLEN, (PBYTE) TEST_INVALID_POINTER, NULL, 0, ptc));
cb = 1; ptc->dwErrorCode = ERROR_MORE_DATA; LOG_TRY(TGetKey(hKey, KP_KEYLEN, (PBYTE) &dw, &cb, 0, ptc));
ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(TGetKey(hKey, KP_KEYLEN, (PBYTE) &dw, &cb, TEST_INVALID_FLAG, ptc));
ptc->dwErrorCode = NTE_BAD_TYPE; LOG_TRY(TGetKey(hKey, TEST_INVALID_FLAG, (PBYTE) &dw, &cb, 0, ptc)); /*
LOG_TRY(TRelease(hProv, 0, ptc)); hProv = 0;
// Provider handle used to create hKey is now invalid
ptc->dwErrorCode = NTE_BAD_UID; LOG_TRY(TGetKey(hKey, KP_KEYLEN, (PBYTE) &dw, &cb, 0, ptc)); */
fSuccess = TRUE;
Cleanup:
if (hKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: TestHashSessionKeyProc
// Purpose: Callback function for testing CryptHashSessionKey
// using AlgListIterate. For each session key algorithm
// supported by the target CSP, this function will be called.
//
BOOL TestHashSessionKeyProc( PALGNODE pAlgNode, PTESTCASE ptc, PVOID pvTestHashSessionKey){ BOOL fSuccess = FALSE; DWORD dwFlags = 0; HASH_SESSION_INFO HashSessionInfo; PTEST_HASH_SESSION_KEY pTestHashSessionKey = (PTEST_HASH_SESSION_KEY) pvTestHashSessionKey;
//
// Run the HashSessionKey scenario twice:
// 1) dwFlags = 0 --> hash is Big Endian
// 2) dwFlags = CRYPT_LITTLE_ENDIAN
//
while (TEST_INVALID_FLAG != dwFlags) { memset(&HashSessionInfo, 0, sizeof(HashSessionInfo)); HashSessionInfo.aiHash = pTestHashSessionKey->aiHash; HashSessionInfo.aiKey = pAlgNode->ProvEnumalgsEx.aiAlgid; HashSessionInfo.dwKeySize = pAlgNode->ProvEnumalgsEx.dwMaxLen; HashSessionInfo.dwFlags = dwFlags; LOG_TRY(CreateHashedSessionKey( pTestHashSessionKey->hProv, &HashSessionInfo, ptc)); LOG_TRY(VerifyHashedSessionKey( pTestHashSessionKey->hInteropProv, &HashSessionInfo, ptc));
if (CRYPT_LITTLE_ENDIAN == dwFlags) { dwFlags = TEST_INVALID_FLAG; } else { dwFlags = CRYPT_LITTLE_ENDIAN; } } fSuccess = TRUE;Cleanup:
return fSuccess;}
//
// Function: InteropHashSessionKeyTests
// Purpose: Run the interoperability test cases for CryptHashSessionKey
// between the CSP under test and a second CSP.
//
BOOL InteropHashSessionKeyTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
PTESTCASE ptc = &(pCSPInfo->TestCase); TEST_HASH_SESSION_KEY TestHashSessionKey;
memset(&TestHashSessionKey, 0, sizeof(TestHashSessionKey));
TestHashSessionKey.aiHash = CALG_SHA1;
LOG_TRY(CreateNewContext( &(TestHashSessionKey.hProv), NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(CreateNewInteropContext( &(TestHashSessionKey.hInteropProv), NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(AlgListIterate( pCSPInfo->pAlgList, DataEncryptFilter, TestHashSessionKeyProc, (PVOID) &TestHashSessionKey, ptc));
fSuccess = TRUE;
Cleanup: if (TestHashSessionKey.hProv) { TRelease(TestHashSessionKey.hProv, 0, ptc); } if (TestHashSessionKey.hInteropProv) { TRelease(TestHashSessionKey.hInteropProv, 0, ptc); }
return fSuccess; }
//
// Function: PositiveHashSessionKeyTests
// Purpose: Run the test cases for CryptHashSessionKey
//
BOOL PositiveHashSessionKeyTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; HCRYPTHASH hHash = 0; PTESTCASE ptc = &(pCSPInfo->TestCase); LOG_TRY(CreateNewContext( &hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
//
// Group 4H
//
//
// Do CryptHashSessionKey test cases
//
//
// Hash a stream cipher key
//
LOG_TRY(CreateNewHash(hProv, CALG_SHA1, &hHash, ptc));
LOG_TRY(CreateNewKey(hProv, CALG_RC4, 0, &hKey, ptc));
LOG_TRY(THashSession(hHash, hKey, 0, ptc));
//
// Hash the key again with the CRYPT_LITTLE_ENDIAN flag
//
LOG_TRY(THashSession(hHash, hKey, CRYPT_LITTLE_ENDIAN, ptc));
fSuccess = TRUE;
Cleanup: if (hKey) { TDestroyKey(hKey, ptc); } if (hHash) { TDestroyHash(hHash, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess; }
//
// Function: NegativeHashSessionKeyTests
// Purpose: Run the negative test cases for CryptHashSessionKey
//
BOOL NegativeHashSessionKeyTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; HCRYPTKEY hHash = 0; DWORD cb = 0; BYTE rgHashVal[HASH_LENGTH_SHA1]; PTESTCASE ptc = &(pCSPInfo->TestCase);
//
// Group 4H
//
//
// Do CryptHashSessionKey negative test cases
//
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(CreateNewKey(hProv, CALG_RC4, 0, &hKey, ptc));
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(THashSession(0, hKey, 0, ptc)); ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(THashSession(TEST_INVALID_HANDLE, hKey, 0, ptc));
LOG_TRY(CreateNewHash(hProv, CALG_SHA1, &hHash, ptc));
ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(THashSession(hHash, hKey, TEST_INVALID_FLAG, ptc));
ptc->dwErrorCode = NTE_BAD_KEY; LOG_TRY(THashSession(hHash, TEST_INVALID_HANDLE, 0, ptc));
cb = sizeof(rgHashVal); LOG_TRY(TGetHash(hHash, HP_HASHVAL, rgHashVal, &cb, 0, ptc));
// Hash is now finished, so any attempt to hash data should fail
ptc->dwErrorCode = NTE_BAD_HASH_STATE; LOG_TRY(THashSession(hHash, hKey, 0, ptc));
/*
LOG_TRY(TRelease(hProv, 0, ptc)); hProv = 0;
// Provider handle used to create hHash is now invalid
ptc->dwErrorCode = NTE_BAD_UID; LOG_TRY(THashSession(hHash, hKey, 0, ptc)); */
fSuccess = TRUE;
Cleanup: if (hKey) { TDestroyKey(hKey, ptc); } if (hHash) { TDestroyHash(hHash, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess; }
//
// Function: PositiveSetKeyParamTests
// Purpose: Run the test cases for CryptSetKeyParam
//
BOOL PositiveSetKeyParamTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; PBYTE pbData = NULL; DWORD cbData = 0; DWORD dw = 0; PTESTCASE ptc = &(pCSPInfo->TestCase); DATA_BLOB db;
memset(&db, 0, sizeof(db));
LOG_TRY(CreateNewContext( &hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
//
// Create a block cipher key for testing SetKeyParam
//
LOG_TRY(CreateNewKey(hProv, CALG_RC2, (40 << 16) | CRYPT_CREATE_SALT, &hKey, ptc));
//
// Group 4I
//
//
// Do CryptSetKeyParam test cases
//
//
// Test KP_SALT
//
LOG_TRY(TGetKey(hKey, KP_SALT, NULL, &cbData, 0, ptc));
LOG_TRY(TestAlloc(&pbData, cbData, ptc));
memset(pbData, TEST_SALT_BYTE, cbData);
// Set key's salt to a known value
LOG_TRY(TSetKey(hKey, KP_SALT, pbData, 0, ptc));
// Retrieve the salt value from the CSP for verification
LOG_TRY(TGetKey(hKey, KP_SALT, pbData, &cbData, 0, ptc));
while (cbData && (pbData[cbData - 1] == TEST_SALT_BYTE)) { cbData--; }
if (0 != cbData) { LOG_TRY(LogBadParam( API_CRYPTSETKEYPARAM, L"CryptSetKeyParam KP_SALT bytes have incorrect value", ptc)); }
free(pbData); pbData = NULL;
//
// Test KP_SALT_EX
//
db.cbData = TEST_SALT_LEN;
LOG_TRY(TestAlloc(&(db.pbData), TEST_SALT_LEN, ptc));
memset(db.pbData, TEST_SALT_BYTE, TEST_SALT_LEN);
LOG_TRY(TSetKey(hKey, KP_SALT_EX, (PBYTE) &db, 0, ptc));
// TODO: Not sure how to verify KP_SALT_EX values
//
// Test KP_PERMISSIONS
//
dw = CRYPT_EXPORT;
//
// The Microsoft CSP's do not allow the exportability of a key
// to be changed.
//
ptc->KnownErrorID = KNOWN_CRYPTSETKEYPARAM_EXPORT; ptc->pwszErrorHelp = L"Attempt to change key to exportable"; LOG_TRY(TSetKey(hKey, KP_PERMISSIONS, (PBYTE) &dw, 0, ptc)); ptc->pwszErrorHelp = NULL; dw = 0; cbData = sizeof(dw); LOG_TRY(TGetKey(hKey, KP_PERMISSIONS, (PBYTE) &dw, &cbData, 0, ptc));
if (! (CRYPT_EXPORT & dw)) { LOG_TRY(LogBadParam( API_CRYPTSETKEYPARAM, L"CryptGetKeyParam KP_PERMISSIONS should now include CRYPT_EXPORT", ptc)); } ptc->KnownErrorID = KNOWN_ERROR_UNKNOWN;
//
// Test KP_EFFECTIVE_KEYLEN
//
dw = TEST_EFFECTIVE_KEYLEN; LOG_TRY(TSetKey(hKey, KP_EFFECTIVE_KEYLEN, (PBYTE) &dw, 0, ptc));
dw = 0; cbData = sizeof(dw); LOG_TRY(TGetKey(hKey, KP_EFFECTIVE_KEYLEN, (PBYTE) &dw, &cbData, 0, ptc));
if (TEST_EFFECTIVE_KEYLEN != dw) { LOG_TRY(LogBadParam( API_CRYPTSETKEYPARAM, L"CryptSetKeyParam KP_EFFECTIVE_KEYLEN failed", ptc)); }
//
// KP_IV
//
LOG_TRY(TGetKey(hKey, KP_IV, NULL, &cbData, 0, ptc));
LOG_TRY(TestAlloc(&pbData, cbData, ptc));
memset(pbData, TEST_IV_BYTE, cbData);
LOG_TRY(TSetKey(hKey, KP_IV, pbData, 0, ptc));
memset(pbData, 0x00, cbData);
LOG_TRY(TGetKey(hKey, KP_IV, pbData, &cbData, 0, ptc));
while (cbData && (TEST_IV_BYTE == pbData[cbData - 1])) { cbData--; }
if (0 != cbData) { LOG_TRY(LogBadParam( API_CRYPTSETKEYPARAM, L"CryptSetKeyParam TEST_IV_BYTE contains incorrect data", ptc)); }
free(pbData); pbData = NULL;
//
// KP_PADDING
//
dw = PKCS5_PADDING; LOG_TRY(TSetKey(hKey, KP_PADDING, (PBYTE) &dw, 0, ptc));
dw = 0; cbData = sizeof(dw); LOG_TRY(TGetKey(hKey, KP_PADDING, (PBYTE) &dw, &cbData, 0, ptc));
if (PKCS5_PADDING != dw) { LOG_TRY(LogBadParam( API_CRYPTSETKEYPARAM, L"CryptSetKeyParam KP_PADDING has incorrect value", ptc)); }
//
// KP_MODE
//
dw = CRYPT_MODE_ECB; LOG_TRY(TSetKey(hKey, KP_MODE, (PBYTE) &dw, 0, ptc));
dw = 0; cbData = sizeof(dw); LOG_TRY(TGetKey(hKey, KP_MODE, (PBYTE) &dw, &cbData, 0, ptc));
if (CRYPT_MODE_ECB != dw) { LOG_TRY(LogBadParam( API_CRYPTSETKEYPARAM, L"CryptSetKeyParam KP_MODE has incorrect value", ptc)); }
//
// KP_MODE_BITS
//
dw = TEST_MODE_BITS; LOG_TRY(TSetKey(hKey, KP_MODE_BITS, (PBYTE) &dw, 0, ptc));
dw = 0; cbData = sizeof(dw); LOG_TRY(TGetKey(hKey, KP_MODE_BITS, (PBYTE) &dw, &cbData, 0, ptc));
if (TEST_MODE_BITS != dw) { LOG_TRY(LogBadParam( API_CRYPTSETKEYPARAM, L"CryptSetKeyParam KP_MODE_BITS contains incorrect value", ptc)); }
fSuccess = TRUE;
Cleanup:
if (hKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: NegativeSetKeyParamTests
// Purpose: Run the negative test cases for CryptSetKeyParam
//
BOOL NegativeSetKeyParamTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; //LPWSTR pwszContainer = TEST_CONTAINER;
HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; DWORD dw = 0; PTESTCASE ptc = &(pCSPInfo->TestCase);
//
// Group 4I
//
//
// Do CryptSetKeyParam negative test cases
//
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TSetKey(0, KP_PERMISSIONS, (PBYTE) &dw, 0, ptc)); ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TSetKey(TEST_INVALID_HANDLE, KP_PERMISSIONS, (PBYTE) &dw, 0, ptc));
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
LOG_TRY(CreateNewKey(hProv, CALG_RC4, 0, &hKey, ptc));
ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TSetKey(hKey, KP_PERMISSIONS, NULL, 0, ptc));
ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(TSetKey(hKey, KP_PERMISSIONS, (PBYTE) &dw, TEST_INVALID_FLAG, ptc));
ptc->dwErrorCode = NTE_BAD_TYPE; LOG_TRY(TSetKey(hKey, TEST_INVALID_FLAG, (PBYTE) &dw, 0, ptc));
fSuccess = TRUE;
Cleanup:
if (hKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: PositiveExportKeyTests
// Purpose: Run the test cases for CryptExportKey. The set of test cases depends on the current
// CSP class being tested, as specified in the dwCSPClass parameter.
//
BOOL PositiveExportKeyTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; HCRYPTKEY hEncryptKey = 0; PBYTE pbKey = NULL; DWORD cbKey = 0; PTESTCASE ptc = &(pCSPInfo->TestCase); LOG_TRY(CreateNewContext(&hProv, pwszContainer, CRYPT_NEWKEYSET, ptc)); //
// Group 5C
//
//
// Do CryptExportKey test cases
//
switch (pCSPInfo->TestCase.dwCSPClass) { case CLASS_SIG_ONLY: { LOG_TRY(CreateNewKey(hProv, AT_SIGNATURE, CRYPT_EXPORTABLE, &hKey, ptc)); LOG_TRY(CreateNewKey(hProv, CALG_RC4, 0, &hEncryptKey, ptc));
//
// Export a PRIVATEKEYBLOB
//
// Private key export is not permitted on Smart Cards
if (! pCSPInfo->fSmartCardCSP) { LOG_TRY(TExportKey(hKey, hEncryptKey, PRIVATEKEYBLOB, 0, NULL, &cbKey, ptc)); LOG_TRY(TestAlloc(&pbKey, cbKey, ptc)); LOG_TRY(TExportKey(hKey, hEncryptKey, PRIVATEKEYBLOB, 0, pbKey, &cbKey, ptc)); free(pbKey); pbKey = NULL; } //
// Export a PUBLICKEYBLOB
//
cbKey = 0; LOG_TRY(TExportKey(hKey, 0, PUBLICKEYBLOB, 0, NULL, &cbKey, ptc)); LOG_TRY(TestAlloc(&pbKey, cbKey, ptc)); LOG_TRY(TExportKey(hKey, 0, PUBLICKEYBLOB, 0, pbKey, &cbKey, ptc)); free(pbKey); pbKey = NULL; LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0; //
// Export a SYMMETRICWRAPKEYBLOB
//
LOG_TRY(CreateNewKey(hProv, CALG_RC4, CRYPT_EXPORTABLE, &hKey, ptc)); cbKey = 0; LOG_TRY(TExportKey(hKey, hEncryptKey, SYMMETRICWRAPKEYBLOB, 0, NULL, &cbKey, ptc)); LOG_TRY(TestAlloc(&pbKey, cbKey, ptc)); LOG_TRY(TExportKey(hKey, hEncryptKey, SYMMETRICWRAPKEYBLOB, 0, pbKey, &cbKey, ptc)); break; } case CLASS_SIG_KEYX: { //
// Export a SIMPLEBLOB
//
LOG_TRY(CreateNewKey(hProv, CALG_RC4, CRYPT_EXPORTABLE, &hKey, ptc));
LOG_TRY(CreateNewKey(hProv, AT_KEYEXCHANGE, 0, &hEncryptKey, ptc)); cbKey = 0; LOG_TRY(TExportKey(hKey, hEncryptKey, SIMPLEBLOB, 0, NULL, &cbKey, ptc)); LOG_TRY(TestAlloc(&pbKey, cbKey, ptc)); LOG_TRY(TExportKey(hKey, hEncryptKey, SIMPLEBLOB, 0, pbKey, &cbKey, ptc)); free(pbKey); pbKey = NULL; //
// Export a SIMPLEBLOB with the CRYPT_OAEP flag
//
cbKey = 0; LOG_TRY(TExportKey(hKey, hEncryptKey, SIMPLEBLOB, CRYPT_OAEP, NULL, &cbKey, ptc)); LOG_TRY(TestAlloc(&pbKey, cbKey, ptc)); LOG_TRY(TExportKey(hKey, hEncryptKey, SIMPLEBLOB, CRYPT_OAEP, pbKey, &cbKey, ptc)); break; } default: { goto Cleanup; } } fSuccess = TRUE; Cleanup: if (pbKey) { free(pbKey); } if (hKey) { TDestroyKey(hKey, ptc); } if (hEncryptKey) { TDestroyKey(hEncryptKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); } return fSuccess;}
//
// Function: NegativeExportKeyTests
// Purpose: Run the negative test cases for CryptExportKey. The set of test cases depends on the current
// CSP class being tested, as specified in the dwCSPClass parameter.
//
BOOL NegativeExportKeyTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; LPWSTR pwszContainer2 = TEST_CONTAINER_2; HCRYPTPROV hProv = 0; HCRYPTPROV hProv2 = 0; HCRYPTKEY hKey = 0; HCRYPTKEY hKeyExch = 0; HCRYPTKEY hEncryptKey = 0; DWORD dw = 0; DWORD cb = 0; PBYTE pb = NULL; PTESTCASE ptc = &(pCSPInfo->TestCase);
//
// Group 5C
//
//
// Run only the negative test cases appropriate for the current CSP class
//
switch (ptc->dwCSPClass) { case CLASS_SIG_ONLY: { //
// Do CryptExportKey CLASS_SIG_ONLY negative test cases
//
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TExportKey(0, 0, PUBLICKEYBLOB, 0, (PBYTE) &dw, &cb, ptc)); ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TExportKey(TEST_INVALID_HANDLE, 0, PUBLICKEYBLOB, 0, (PBYTE) &dw, &cb, ptc)); // The TEST_LEVEL_CONTAINER CryptAcquireContext tests should be run before
// other Container level tests to ensure that this works.
LOG_TRY(CreateNewContext(&hProv, pwszContainer, CRYPT_NEWKEYSET, ptc)); // Create an exportable signature key pair
LOG_TRY(CreateNewKey(hProv, AT_SIGNATURE, CRYPT_EXPORTABLE, &hKey, ptc)); ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TExportKey(hKey, 0, PUBLICKEYBLOB, 0, (PBYTE) TEST_INVALID_POINTER, NULL, ptc)); // Indicate a buffer length that is too small
cb = 1; ptc->dwErrorCode = ERROR_MORE_DATA; LOG_TRY(TExportKey(hKey, 0, PUBLICKEYBLOB, 0, (PBYTE) &dw, &cb, ptc)); // cb should contain the actual required buffer size to export
// try to export to buffer that's too small, will AV
ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TExportKey(hKey, 0, PUBLICKEYBLOB, 0, (PBYTE) TEST_INVALID_POINTER, &cb, ptc)); // invalid flags
ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(TExportKey(hKey, 0, PUBLICKEYBLOB, TEST_INVALID_FLAG, (PBYTE) &dw, &cb, ptc)); // invalid blob type
ptc->dwErrorCode = NTE_BAD_TYPE; LOG_TRY(TExportKey(hKey, 0, TEST_INVALID_FLAG, 0, NULL, &cb, ptc));
// Private key export is not permitted on Smart Cards
if (pCSPInfo->fSmartCardCSP) { LOG_TRY(CreateNewKey(hProv, CALG_RC4, 0, &hEncryptKey, ptc));
ptc->dwErrorCode = NTE_BAD_TYPE; LOG_TRY(TExportKey(hKey, hEncryptKey, PRIVATEKEYBLOB, 0, NULL, &cb, ptc)); } else { LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0; // Create a new non-exportable signature key pair
LOG_TRY(CreateNewKey(hProv, AT_SIGNATURE, 0, &hKey, ptc));
// Try to export non-exportable key
ptc->dwErrorCode = NTE_BAD_KEY_STATE; LOG_TRY(TExportKey(hKey, 0, PRIVATEKEYBLOB, 0, (PBYTE) &dw, &cb, ptc)); } break; } case CLASS_SIG_KEYX: { //
// Do CryptExportKey CLASS_SIG_KEYX negative test cases
//
// Create context and key handle for signature pair
LOG_TRY(CreateNewContext(&hProv, pwszContainer, CRYPT_NEWKEYSET, ptc)); LOG_TRY(CreateNewKey(hProv, AT_SIGNATURE, CRYPT_EXPORTABLE, &hKey, ptc));
// Create key handle for exchange pair
LOG_TRY(CreateNewKey(hProv, AT_KEYEXCHANGE, 0, &hKeyExch, ptc));
// Should not be able to export PUBLICKEYBLOB with exchange key specified
ptc->dwErrorCode = NTE_BAD_PUBLIC_KEY; LOG_TRY(TExportKey(hKey, hKeyExch, PUBLICKEYBLOB, 0, (PBYTE) &dw, &cb, ptc));
// Destroy signature key
LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0;
// Create symmetric key
LOG_TRY(CreateNewKey(hProv, CALG_RC4, CRYPT_EXPORTABLE, &hKey, ptc));
ptc->dwErrorCode = NTE_BAD_KEY; LOG_TRY(TExportKey(hKey, TEST_INVALID_HANDLE, SIMPLEBLOB, 0, (PBYTE) &dw, &cb, ptc));
// Destroy the key exchange pair handle
LOG_TRY(TDestroyKey(hKeyExch, ptc)); hKeyExch = 0;
// Create separate cryptographic context
LOG_TRY(CreateNewContext(&hProv2, pwszContainer2, CRYPT_NEWKEYSET, ptc));
// Create new key exchange pair in new context
LOG_TRY(CreateNewKey(hProv, AT_KEYEXCHANGE, 0, &hKeyExch, ptc));
// Should not be able to export using keys from separate contexts
ptc->dwErrorCode = NTE_BAD_KEY; LOG_TRY(TExportKey(hKey, hKeyExch, PRIVATEKEYBLOB, 0, (PBYTE) &dw, &cb, ptc));
break; } }
fSuccess = TRUE;
Cleanup:
if (hKey) { TDestroyKey(hKey, ptc); } if (hKeyExch) { TDestroyKey(hKeyExch, ptc); } if (hEncryptKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); } if (hProv2) { TRelease(hProv2, 0, ptc); }
return fSuccess;}
//
// Function: PositiveGetUserKeyTests
// Purpose: Run the test cases for CryptGetUserKey
//
BOOL PositiveGetUserKeyTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; PTESTCASE ptc = &(pCSPInfo->TestCase);
LOG_TRY(CreateNewContext(&hProv, pwszContainer, CRYPT_NEWKEYSET, ptc));
//
// Group 5E
//
//
// Do CryptGetUserKey test cases
//
switch(ptc->dwCSPClass) { case CLASS_SIG_ONLY: { LOG_TRY(CreateNewKey(hProv, AT_SIGNATURE, 0, &hKey, ptc));
LOG_TRY(TDestroyKey(hKey, ptc));
LOG_TRY(TGetUser(hProv, AT_SIGNATURE, &hKey, ptc));
break; } case CLASS_SIG_KEYX: { LOG_TRY(CreateNewKey(hProv, AT_KEYEXCHANGE, 0, &hKey, ptc));
LOG_TRY(TDestroyKey(hKey, ptc));
LOG_TRY(TGetUser(hProv, AT_KEYEXCHANGE, &hKey, ptc));
break; } default: { goto Cleanup; } }
fSuccess = TRUE;
Cleanup:
if (hKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: NegativeGetUserKeyTests
// Purpose: Run the negative test cases for CryptGetUserKey
//
BOOL NegativeGetUserKeyTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; PTESTCASE ptc = &(pCSPInfo->TestCase);
//
// Group 5E
//
switch (ptc->dwCSPClass) { case CLASS_SIG_ONLY: { //
// Do CryptGetUserKey negative test cases
//
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TGetUser(0, AT_SIGNATURE, &hKey, ptc)); ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TGetUser(TEST_INVALID_HANDLE, AT_SIGNATURE, &hKey, ptc)); //
// Use context with no container access
//
LOG_TRY(CreateNewContext(&hProv, NULL, CRYPT_VERIFYCONTEXT, ptc));
//
// Create a non-persisted key pair.
//
/*
LOG_TRY(CreateNewKey(hProv, AT_SIGNATURE, 0, &hKey, ptc));
LOG_TRY(TDestroyKey(hKey, ptc)); */ // Not sure what expected error code should be here
ptc->dwErrorCode = NTE_NO_KEY; LOG_TRY(TGetUser(hProv, AT_SIGNATURE, &hKey, ptc)); LOG_TRY(TRelease(hProv, 0, ptc)); hProv = 0; // Create new context but no key
LOG_TRY(CreateNewContext(&hProv, pwszContainer, CRYPT_NEWKEYSET, ptc)); ptc->dwErrorCode = NTE_BAD_KEY; LOG_TRY(TGetUser(hProv, TEST_INVALID_FLAG, &hKey, ptc)); ptc->dwErrorCode = NTE_NO_KEY; LOG_TRY(TGetUser(hProv, AT_SIGNATURE, &hKey, ptc)); break; } case CLASS_SIG_KEYX: { // Create new context and signature key pair
LOG_TRY(CreateNewContext(&hProv, pwszContainer, CRYPT_NEWKEYSET, ptc)); LOG_TRY(CreateNewKey(hProv, AT_SIGNATURE, 0, &hKey, ptc));
// Request key exchange key pair, should fail since it hasn't been created
ptc->dwErrorCode = NTE_NO_KEY; LOG_TRY(TGetUser(hProv, AT_KEYEXCHANGE, &hKey, ptc));
break; } }
fSuccess = TRUE;
Cleanup:
if (hKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: TestPrivateKeyBlobProc
//
BOOL TestPrivateKeyBlobProc( PALGNODE pAlgNode, PTESTCASE ptc, PVOID pvKeyExportInfo){ BOOL fSuccess = FALSE; HCRYPTKEY hKey = 0; HCRYPTKEY hEncryptKey = 0; PBYTE pbKey = NULL; DWORD cbKey = 0; PKEY_EXPORT_INFO pKeyExportInfo = (PKEY_EXPORT_INFO) pvKeyExportInfo; LOG_TRY(CreateNewKey( pKeyExportInfo->hProv, pKeyExportInfo->aiKey, CRYPT_EXPORTABLE | (pKeyExportInfo->dwKeySize << 16), &hKey, ptc));
if (pKeyExportInfo->fUseEncryptKey) { LOG_TRY(CreateNewKey( pKeyExportInfo->hProv, pAlgNode->ProvEnumalgsEx.aiAlgid, pKeyExportInfo->dwEncryptKeySize << 16, &hEncryptKey, ptc)); }
LOG_TRY(TExportKey( hKey, hEncryptKey, PRIVATEKEYBLOB, pKeyExportInfo->dwExportFlags, NULL, &cbKey, ptc));
LOG_TRY(TestAlloc(&pbKey, cbKey, ptc));
LOG_TRY(TExportKey( hKey, hEncryptKey, PRIVATEKEYBLOB, pKeyExportInfo->dwExportFlags, pbKey, &cbKey, ptc));
LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0;
LOG_TRY(TImportKey( pKeyExportInfo->hProv, pbKey, cbKey, hEncryptKey, pKeyExportInfo->dwExportFlags, &hKey, ptc));
fSuccess = TRUE;
Cleanup:
if (pbKey) { free(pbKey); } if (hKey) { TDestroyKey(hKey, ptc); } if (hEncryptKey) { TDestroyKey(hEncryptKey, ptc); }
return fSuccess;}
//
// Function: TestSymmetricWrapKeyBlobProc
//
BOOL TestSymmetricWrapKeyBlobProc( PALGNODE pAlgNode, PTESTCASE ptc, PVOID pvKeyExportInfo){ BOOL fSuccess = FALSE; HCRYPTKEY hKey = 0; HCRYPTKEY hEncryptKey = 0; PBYTE pbKey = NULL; DWORD cbKey = 0; PKEY_EXPORT_INFO pKeyExportInfo = (PKEY_EXPORT_INFO) pvKeyExportInfo; //
// Create the key to be exported
//
LOG_TRY(CreateNewKey( pKeyExportInfo->hProv, pAlgNode->ProvEnumalgsEx.aiAlgid, CRYPT_EXPORTABLE | (pKeyExportInfo->dwKeySize << 16), &hKey, ptc));
if (! pKeyExportInfo->fUseEncryptKey) { return FALSE; }
//
// Create the encryption key
//
LOG_TRY(CreateNewKey( pKeyExportInfo->hProv, pKeyExportInfo->aiEncryptKey, pKeyExportInfo->dwEncryptKeySize << 16, &hEncryptKey, ptc)); LOG_TRY(TExportKey( hKey, hEncryptKey, SYMMETRICWRAPKEYBLOB, pKeyExportInfo->dwExportFlags, NULL, &cbKey, ptc));
LOG_TRY(TestAlloc(&pbKey, cbKey, ptc));
LOG_TRY(TExportKey( hKey, hEncryptKey, SYMMETRICWRAPKEYBLOB, pKeyExportInfo->dwExportFlags, pbKey, &cbKey, ptc));
LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0;
LOG_TRY(TImportKey( pKeyExportInfo->hProv, pbKey, cbKey, hEncryptKey, pKeyExportInfo->dwExportFlags, &hKey, ptc));
fSuccess = TRUE;
Cleanup:
if (pbKey) { free(pbKey); } if (hKey) { TDestroyKey(hKey, ptc); } if (hEncryptKey) { TDestroyKey(hEncryptKey, ptc); }
return fSuccess;}
//
// Function: TestSymmetricWrapperProc
// Purpose: Test all possible combinations of wrapping one symmetric
// key algorithm with another. This function will be called once for
// each encryption key alg, and this function will use AlgListIterate
// to call TestSymmetricWrapKeyBlobProc once for each encryption
// key alg.
//
BOOL TestSymmetricWrapperProc( PALGNODE pAlgNode, PTESTCASE ptc, PVOID pvKeyExportInfo){ BOOL fSuccess = FALSE; ((PKEY_EXPORT_INFO) pvKeyExportInfo)->aiEncryptKey = pAlgNode->ProvEnumalgsEx.aiAlgid;
LOG_TRY(AlgListIterate( ((PKEY_EXPORT_INFO) pvKeyExportInfo)->pAlgList, DataEncryptFilter, TestSymmetricWrapKeyBlobProc, pvKeyExportInfo, ptc));
fSuccess = TRUE;
Cleanup: return fSuccess;}
//
// Function: ScenarioImportKeyTests
// Purpose: Test CryptImportKey and CryptExportKey for PRIVATEKEYBLOB and
// SYMMETRICWRAPKEYBLOB scenarios. Repeat for all supported encryption
// algorithms.
//
BOOL ScenarioImportKeyTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; PTESTCASE ptc = &(pCSPInfo->TestCase); PALGNODE pAlgList = pCSPInfo->pAlgList; KEY_EXPORT_INFO KeyExportInfo;
memset(&KeyExportInfo, 0, sizeof(KeyExportInfo));
LOG_TRY(CreateNewContext( &(KeyExportInfo.hProv), pwszContainer, CRYPT_NEWKEYSET, ptc));
//
// Run the PRIVATEKEYBLOB variations
//
KeyExportInfo.aiKey = AT_KEYEXCHANGE; KeyExportInfo.fUseEncryptKey = TRUE; LOG_TRY(AlgListIterate( pAlgList, DataEncryptFilter, TestPrivateKeyBlobProc, (PVOID) &KeyExportInfo, ptc));
//
// Run the SYMMETRICWRAPKEYBLOB variations
//
KeyExportInfo.aiKey = 0; KeyExportInfo.pAlgList = pAlgList;
LOG_TRY(AlgListIterate( pAlgList, DataEncryptFilter, TestSymmetricWrapperProc, (PVOID) &KeyExportInfo, ptc));
fSuccess = TRUE;
Cleanup:
if (KeyExportInfo.hProv) { TRelease(KeyExportInfo.hProv, 0, ptc); }
return fSuccess;}
//
// RSA Signature PRIVATEKEYBLOB
//
BYTE rgbPrivateKeyBlob [] = {0x07, 0x02, 0x00, 0x00, 0x00, 0x24, 0x00, 0x00,0x52, 0x53, 0x41, 0x32, 0x00, 0x02, 0x00, 0x00,0x01, 0x00, 0x01, 0x00, 0xf3, 0xd8, 0x26, 0xb9,0xbc, 0x43, 0xe4, 0x7c, 0x73, 0x36, 0xf6, 0xc3,0x92, 0x1e, 0x2d, 0x69, 0x8d, 0x17, 0x78, 0xdf,0x49, 0x9d, 0x1c, 0x5d, 0xbd, 0x9d, 0xf9, 0x66,0xd8, 0x27, 0xa2, 0x5f, 0x40, 0x95, 0x20, 0xe1,0xbf, 0xd4, 0x0b, 0x0d, 0xd7, 0xb6, 0x2d, 0x8b,0x05, 0x06, 0x9d, 0x9f, 0x4d, 0x17, 0x9e, 0x82,0x5e, 0x48, 0x74, 0xcf, 0x73, 0x1d, 0x60, 0xea,0x62, 0x7f, 0xfe, 0xeb, 0x37, 0x3e, 0x03, 0x3b,0x2b, 0x50, 0xc6, 0x28, 0x4a, 0x7d, 0xd9, 0x08,0xb3, 0x2e, 0x3c, 0x61, 0x61, 0x78, 0xf7, 0xd8,0xfd, 0x50, 0x05, 0x87, 0xfe, 0x6a, 0x68, 0x6e,0x15, 0xa8, 0x99, 0xfd, 0x25, 0x7d, 0x22, 0xef,0x9f, 0x70, 0x1c, 0xa7, 0x38, 0xa5, 0x18, 0x31,0x82, 0x72, 0x71, 0x72, 0x95, 0x01, 0x70, 0x12,0x04, 0xc8, 0xb9, 0xa0, 0xa1, 0xde, 0x8f, 0xef,0xc3, 0x30, 0x3a, 0xee, 0xc1, 0x57, 0xf3, 0x63,0xef, 0xb5, 0x78, 0x12, 0xb7, 0x69, 0x55, 0x45,0x57, 0x45, 0x51, 0x65, 0x01, 0x6e, 0x77, 0xad,0xe1, 0x0c, 0xa0, 0x02, 0x20, 0x91, 0x2c, 0x36,0x42, 0xad, 0x81, 0xdf, 0x21, 0x60, 0x5c, 0x06,0x0f, 0x4b, 0x26, 0xb4, 0x58, 0x1a, 0xda, 0x19,0x6c, 0x5b, 0x7c, 0x9a, 0x80, 0xcb, 0x15, 0x2d,0xb3, 0xde, 0x2b, 0xb2, 0xf8, 0xb8, 0x9d, 0xc8,0x38, 0x41, 0x93, 0xa3, 0xb1, 0x8d, 0x3e, 0x7e,0x3c, 0x78, 0xd7, 0x6f, 0xfd, 0xea, 0xc4, 0xf8,0xbb, 0x44, 0xb8, 0x1e, 0x3f, 0x70, 0x98, 0x38,0x4e, 0x4c, 0x2f, 0x95, 0xb8, 0xef, 0x21, 0x2e,0x12, 0x95, 0x0e, 0x3f, 0xb9, 0xdd, 0xa1, 0x97,0xdb, 0xcf, 0xdb, 0xcc, 0x86, 0xfe, 0x54, 0xae,0x59, 0xe6, 0xa7, 0x83, 0xd3, 0x7d, 0x5f, 0x5c,0xd1, 0xf6, 0x5a, 0xf0, 0xc1, 0xe2, 0xf8, 0xb8,0xc0, 0x7c, 0xd8, 0x2a, 0xcd, 0xc4, 0x31, 0xd5,0xe5, 0xc2, 0xa9, 0xa3, 0xe9, 0x70, 0x64, 0x28,0xf0, 0xb8, 0x31, 0x52, 0x6c, 0x8a, 0x3c, 0xae,0x43, 0xc4, 0xa5, 0x93, 0x1b, 0x86, 0x0f, 0x71,0xd1, 0x27, 0xb4, 0xe2};
//
// RSA Signature PUBLICKEYBLOB
//
BYTE rgbPublicKeyBlob [] ={0x06, 0x02, 0x00, 0x00, 0x00, 0x24, 0x00, 0x00,0x52, 0x53, 0x41, 0x31, 0x00, 0x02, 0x00, 0x00,0x01, 0x00, 0x01, 0x00, 0xd7, 0x90, 0x56, 0x7a,0x9e, 0x87, 0x53, 0x90, 0x94, 0x37, 0x46, 0x4e,0x99, 0xe7, 0xee, 0xc5, 0xa8, 0x24, 0x10, 0x5c,0xd3, 0xc9, 0x22, 0x15, 0xab, 0xfa, 0xa5, 0x2f,0x4e, 0x51, 0x73, 0x83, 0xef, 0x4c, 0x87, 0xe7,0x79, 0x83, 0xd0, 0xf0, 0xb7, 0x34, 0xf1, 0xe8,0x76, 0xb2, 0x6a, 0x0b, 0x13, 0x82, 0x9c, 0x89,0xeb, 0x57, 0xf1, 0x6b, 0x9c, 0x47, 0x99, 0xd2,0x26, 0x9d, 0x75, 0xc4};
//
// Function: PositiveImportKeyTests
// Purpose: Run the test cases for CryptImportKey. The set of test cases to be run
// depends on the current CSP class being tested, as specified in the dwCSPClass
// parameter.
//
BOOL PositiveImportKeyTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; HCRYPTKEY hKey = 0; HCRYPTKEY hEncryptKey = 0; HCRYPTPROV hProv = 0; PBYTE pbKey = NULL; DWORD cbKey = 0; PTESTCASE ptc = &(pCSPInfo->TestCase);
LOG_TRY(CreateNewContext(&hProv, pwszContainer, CRYPT_NEWKEYSET, ptc)); //
// Group 5F
//
//
// Do CryptImportKey positive test cases
//
switch (pCSPInfo->TestCase.dwCSPClass) { case CLASS_SIG_ONLY: { //
// Import a previously generated unencrypted PRIVATEKEYBLOB
//
LOG_TRY(TImportKey( hProv, rgbPrivateKeyBlob, sizeof(rgbPrivateKeyBlob), 0, 0, &hKey, ptc)); LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0; //
// Import a encrypted PRIVATEKEYBLOB generated from this CSP
//
LOG_TRY(CreateNewKey(hProv, AT_SIGNATURE, CRYPT_EXPORTABLE, &hKey, ptc)); LOG_TRY(CreateNewKey(hProv, CALG_RC4, 0, &hEncryptKey, ptc)); LOG_TRY(TExportKey(hKey, hEncryptKey, PRIVATEKEYBLOB, 0, NULL, &cbKey, ptc)); LOG_TRY(TestAlloc(&pbKey, cbKey, ptc)); LOG_TRY(TExportKey(hKey, hEncryptKey, PRIVATEKEYBLOB, 0, pbKey, &cbKey, ptc)); LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0; LOG_TRY(TImportKey(hProv, pbKey, cbKey, hEncryptKey, 0, &hKey, ptc)); LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0; free(pbKey); pbKey = NULL; //
// Import a previously generated PUBLICKEYBLOB
//
LOG_TRY(TImportKey( hProv, rgbPublicKeyBlob, sizeof(rgbPublicKeyBlob), 0, 0, &hKey, ptc)); LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0; //
// Import a SYMMETRICWRAPKEYBLOB
//
LOG_TRY(CreateNewKey(hProv, CALG_RC4, CRYPT_EXPORTABLE, &hKey, ptc)); cbKey = 0; LOG_TRY(TExportKey(hKey, hEncryptKey, SYMMETRICWRAPKEYBLOB, 0, NULL, &cbKey, ptc)); LOG_TRY(TestAlloc(&pbKey, cbKey, ptc)); LOG_TRY(TExportKey(hKey, hEncryptKey, SYMMETRICWRAPKEYBLOB, 0, pbKey, &cbKey, ptc)); LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0; LOG_TRY(TImportKey(hProv, pbKey, cbKey, hEncryptKey, 0, &hKey, ptc)); break; } case CLASS_SIG_KEYX: { //
// Import a SIMPLEBLOB
//
LOG_TRY(CreateNewKey(hProv, AT_KEYEXCHANGE, 0, &hEncryptKey, ptc)); LOG_TRY(CreateNewKey(hProv, CALG_RC4, CRYPT_EXPORTABLE, &hKey, ptc)); cbKey = 0; LOG_TRY(TExportKey(hKey, hEncryptKey, SIMPLEBLOB, 0, NULL, &cbKey, ptc)); LOG_TRY(TestAlloc(&pbKey, cbKey, ptc)); LOG_TRY(TExportKey(hKey, hEncryptKey, SIMPLEBLOB, 0, pbKey, &cbKey, ptc)); LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0; LOG_TRY(TImportKey(hProv, pbKey, cbKey, hEncryptKey, 0, &hKey, ptc)); LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0; free(pbKey); pbKey = NULL; //
// Import a SIMPLEBLOB with the CRYPT_OAEP flag
//
LOG_TRY(CreateNewKey(hProv, CALG_RC4, CRYPT_EXPORTABLE, &hKey, ptc)); cbKey = 0; LOG_TRY(TExportKey(hKey, hEncryptKey, SIMPLEBLOB, CRYPT_OAEP, NULL, &cbKey, ptc)); LOG_TRY(TestAlloc(&pbKey, cbKey, ptc)); LOG_TRY(TExportKey(hKey, hEncryptKey, SIMPLEBLOB, CRYPT_OAEP, pbKey, &cbKey, ptc)); LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0; LOG_TRY(TImportKey(hProv, pbKey, cbKey, hEncryptKey, CRYPT_OAEP, &hKey, ptc)); break; }
default: { goto Cleanup; } } fSuccess = TRUE;
Cleanup:
if (pbKey) { free(pbKey); } if (hKey) { TDestroyKey(hKey, ptc); } if (hEncryptKey) { TDestroyKey(hEncryptKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: NegativeImportKeyTests
// Purpose: Run the negative test cases for CryptImportKey. The set of test cases to be run
// depends on the current CSP class being tested, as specified in the dwCSPClass
// parameter.
//
BOOL NegativeImportKeyTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; HCRYPTKEY hKeyExch = 0; HCRYPTKEY hKeySig = 0; HCRYPTKEY hKeyEncr = 0; DWORD dw = 0; DWORD cb = 0; PBYTE pbKey = NULL; BLOBHEADER *pBlobHeader = NULL; PTESTCASE ptc = &(pCSPInfo->TestCase); // Acquire context with key container access
LOG_TRY(CreateNewContext(&hProv, pwszContainer, CRYPT_NEWKEYSET, ptc));
//
// Group 5F
//
switch (ptc->dwCSPClass) { case CLASS_SIG_ONLY: { //
// Do CryptImportKey negative test cases for CSP CLASS_SIG_ONLY
//
cb = sizeof(dw); ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TImportKey(0, (PBYTE) &dw, cb, 0, PUBLICKEYBLOB, &hKey, ptc)); ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TImportKey(TEST_INVALID_HANDLE, (PBYTE) &dw, cb, 0, PUBLICKEYBLOB, &hKey, ptc)); // Create a key signature key pair
LOG_TRY(CreateNewKey(hProv, AT_SIGNATURE, CRYPT_EXPORTABLE, &hKey, ptc)); // Get correct blob size for signature key public blob
ptc->fExpectSuccess = TRUE; LOG_TRY(TExportKey(hKey, 0, PUBLICKEYBLOB, 0, NULL, &cb, ptc)); LOG_TRY(TestAlloc(&pbKey, cb, ptc)); // Export the key
LOG_TRY(TExportKey(hKey, 0, PUBLICKEYBLOB, 0, pbKey, &cb, ptc)); // Destroy the key handle
LOG_TRY(TDestroyKey(hKey, ptc)); hKey = 0; ptc->fExpectSuccess = FALSE; // Invalid flag value
ptc->KnownErrorID = KNOWN_CRYPTIMPORTKEY_BADFLAGS; ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(TImportKey(hProv, pbKey, cb, 0, TEST_INVALID_FLAG, &hKey, ptc)); ptc->KnownErrorID = KNOWN_ERROR_UNKNOWN;
// Pass in too short buffer
ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TImportKey(hProv, (PBYTE) TEST_INVALID_POINTER, cb, 0, 0, &hKey, ptc)); break; } case CLASS_SIG_KEYX: { //
// Do CryptImportKey negative test cases for CSP CLASS_SIG_KEYX
//
// Create a key signature key pair
LOG_TRY(CreateNewKey(hProv, AT_SIGNATURE, CRYPT_EXPORTABLE, &hKeySig, ptc));
// Create a key exchange key pair
LOG_TRY(CreateNewKey(hProv, AT_KEYEXCHANGE, 0, &hKeyExch, ptc)); // Get correct blob size for signature key public blob
ptc->fExpectSuccess = TRUE; LOG_TRY(TExportKey(hKeySig, 0, PUBLICKEYBLOB, 0, NULL, &cb, ptc)); ptc->fExpectSuccess = FALSE; // Attempt to import an unencrypted key blob using a key-exchange key
ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TImportKey(hProv, (PBYTE) TEST_INVALID_POINTER, cb, hKeyExch, 0, &hKey, ptc));
// Get correct blob size for encrypted signature key blob
/*
ptc->fExpectSuccess = TRUE; LOG_TRY(TExportKey(hKeySig, hKeyExch, PRIVATEKEYBLOB, 0, NULL, &cb, ptc));
LOG_TRY(TestAlloc(&pbKey, cb, ptc));
// Export the encrypted signature key
LOG_TRY(TExportKey(hKeySig, hKeyExch, PRIVATEKEYBLOB, 0, pbKey, &cb, ptc)); ptc->fExpectSuccess = FALSE;
// Attempt to import encrypted key blob with invalid key-exchange handle
ptc->dwErrorCode = NTE_BAD_KEY; LOG_TRY(TImportKey(hProv, pbKey, cb, TEST_INVALID_HANDLE, 0, &hKey, ptc));
// Free the key blob memory
free(pbKey); */
// Create a new encryption key
LOG_TRY(CreateNewKey(hProv, CALG_RC4, CRYPT_EXPORTABLE, &hKeyEncr, ptc));
// Get blob size for exporting encrypted symmetric key
ptc->fExpectSuccess = TRUE; LOG_TRY(TExportKey(hKeyEncr, hKeyExch, SIMPLEBLOB, 0, NULL, &cb, ptc));
LOG_TRY(TestAlloc(&pbKey, cb, ptc));
// Export encrypted symmetric key
LOG_TRY(TExportKey(hKeyEncr, hKeyExch, SIMPLEBLOB, 0, pbKey, &cb, ptc)); ptc->fExpectSuccess = FALSE;
// Attempt to import encrypted key blob with invalid key-exchange handle
ptc->dwErrorCode = NTE_BAD_KEY; LOG_TRY(TImportKey(hProv, pbKey, cb, TEST_INVALID_HANDLE, 0, &hKey, ptc));
pBlobHeader = (BLOBHEADER *) pbKey;
// Save header encryption alg
dw = pBlobHeader->aiKeyAlg;
// Clear header encryption alg field
pBlobHeader->aiKeyAlg = 0;
ptc->pwszErrorHelp = L"The blob header encryption algorithm is missing"; ptc->KnownErrorID = KNOWN_CRYPTIMPORTKEY_BADALGID; ptc->dwErrorCode = NTE_BAD_ALGID; LOG_TRY(TImportKey(hProv, pbKey, cb, hKeyExch, 0, &hKey, ptc)); ptc->pwszErrorHelp = NULL; ptc->KnownErrorID = KNOWN_ERROR_UNKNOWN;
// Restore header encryption alg
pBlobHeader->aiKeyAlg = dw;
// Save blob type header field
dw = pBlobHeader->bType;
// Clear blob type header field
pBlobHeader->bType = 0;
ptc->dwErrorCode = NTE_BAD_TYPE; LOG_TRY(TImportKey(hProv, pbKey, cb, hKeyExch, 0, &hKey, ptc));
// Restore blob type header field
pBlobHeader->bType = (BYTE) dw;
// Save blob version header field
dw = pBlobHeader->bVersion;
// Clear blob version header field
pBlobHeader->bVersion = 0;
ptc->dwErrorCode = NTE_BAD_VER; LOG_TRY(TImportKey(hProv, pbKey, cb, hKeyExch, 0, &hKey, ptc)); break; } }
fSuccess = TRUE;
Cleanup:
if (pbKey) { free(pbKey); } if (hKey) { TDestroyKey(hKey, ptc); } if (hKeySig) { TDestroyKey(hKeySig, ptc); } if (hKeyExch) { TDestroyKey(hKeyExch, ptc); } if (hKeyEncr) { TDestroyKey(hKeyEncr, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: PositiveSignHashTests
// Purpose: Run the test cases for CryptSignHash. The set of positive test cases to be run depends on the
// current CSP class being tested, as specified in the dwCSPClass parameter.
//
BOOL PositiveSignHashTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; HCRYPTHASH hHash = 0; PBYTE pbSignature = NULL; DWORD cbSignature = 0; PTESTCASE ptc = &(pCSPInfo->TestCase);
LOG_TRY(CreateNewContext(&hProv, pwszContainer, CRYPT_NEWKEYSET, ptc));
//
// Group 5G
//
//
// Do CryptSignHash positive test cases
//
switch(ptc->dwCSPClass) { case CLASS_SIG_ONLY: { //
// Sign a hash with a signature key pair
//
LOG_TRY(CreateNewKey(hProv, AT_SIGNATURE, 0, &hKey, ptc));
LOG_TRY(CreateNewHash(hProv, CALG_SHA1, &hHash, ptc));
LOG_TRY(TSignHash(hHash, AT_SIGNATURE, NULL, 0, NULL, &cbSignature, ptc));
LOG_TRY(TestAlloc(&pbSignature, cbSignature, ptc));
LOG_TRY(TSignHash(hHash, AT_SIGNATURE, NULL, 0, pbSignature, &cbSignature, ptc));
free(pbSignature); pbSignature = NULL;
//
// Sign with the CRYPT_NOHASHOID flag
//
LOG_TRY(TSignHash( hHash, AT_SIGNATURE, NULL, CRYPT_NOHASHOID, NULL, &cbSignature, ptc));
LOG_TRY(TestAlloc(&pbSignature, cbSignature, ptc));
LOG_TRY(TSignHash( hHash, AT_SIGNATURE, NULL, CRYPT_NOHASHOID, pbSignature, &cbSignature, ptc));
break; } case CLASS_SIG_KEYX: { //
// Sign a hash with a key exchange key pair
//
LOG_TRY(CreateNewKey(hProv, AT_KEYEXCHANGE, 0, &hKey, ptc));
LOG_TRY(CreateNewHash(hProv, CALG_SHA1, &hHash, ptc));
LOG_TRY(TSignHash(hHash, AT_KEYEXCHANGE, NULL, 0, NULL, &cbSignature, ptc));
LOG_TRY(TestAlloc(&pbSignature, cbSignature, ptc));
LOG_TRY(TSignHash(hHash, AT_KEYEXCHANGE, NULL, 0, pbSignature, &cbSignature, ptc));
free(pbSignature); pbSignature = NULL;
//
// Sign with the CRYPT_NOHASHOID flag
//
LOG_TRY(TSignHash( hHash, AT_KEYEXCHANGE, NULL, CRYPT_NOHASHOID, NULL, &cbSignature, ptc));
LOG_TRY(TestAlloc(&pbSignature, cbSignature, ptc));
LOG_TRY(TSignHash( hHash, AT_KEYEXCHANGE, NULL, CRYPT_NOHASHOID, pbSignature, &cbSignature, ptc));
break; } default: { goto Cleanup; } }
fSuccess = TRUE;
Cleanup:
if (pbSignature) { free(pbSignature); } if (hKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: NegativeSignHashTests
// Purpose: Run the negative test cases for CryptSignHash.
//
BOOL NegativeSignHashTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; HCRYPTHASH hHash = 0; DWORD dw = 0; DWORD cb = 0; PTESTCASE ptc = &(pCSPInfo->TestCase);
//
// Group 5G
//
//
// Do CryptSignHash negative test cases
//
// Create provider handle with key container access
LOG_TRY(CreateNewContext(&hProv, pwszContainer, CRYPT_NEWKEYSET, ptc)); // Create hash
LOG_TRY(CreateNewHash(hProv, CALG_SHA1, &hHash, ptc));
// Attempt to sign with a keyset that doesn't exist
ptc->dwErrorCode = NTE_BAD_KEYSET; LOG_TRY(TSignHash(hHash, AT_SIGNATURE, NULL, 0, (PBYTE) &dw, &cb, ptc));
// Create signature key pair
LOG_TRY(CreateNewKey(hProv, AT_SIGNATURE, 0, &hKey, ptc));
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TSignHash(0, AT_SIGNATURE, NULL, 0, (PBYTE) &dw, &cb, ptc));
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TSignHash(TEST_INVALID_HANDLE, AT_SIGNATURE, NULL, 0, (PBYTE) &dw, &cb, ptc));
cb = 1; ptc->dwErrorCode = ERROR_MORE_DATA; LOG_TRY(TSignHash(hHash, AT_SIGNATURE, NULL, 0, (PBYTE) &dw, &cb, ptc));
ptc->dwErrorCode = NTE_BAD_ALGID; LOG_TRY(TSignHash(hHash, TEST_INVALID_FLAG, NULL, 0, (PBYTE) &dw, &cb, ptc));
ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(TSignHash(hHash, AT_SIGNATURE, NULL, TEST_INVALID_FLAG, (PBYTE) &dw, &cb, ptc));
// Release the provider handle
/*
LOG_TRY(TRelease(hProv, 0, ptc)); hProv = 0;
// Provider handle used to create hHash is now invalid
ptc->dwErrorCode = NTE_BAD_UID; LOG_TRY(TSignHash(hHash, AT_SIGNATURE, NULL, 0, (PBYTE) &dw, &cb, ptc)); */
fSuccess = TRUE;
Cleanup:
if (hKey) { TDestroyKey(hKey, ptc); } if (hHash) { TDestroyHash(hHash, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: SignAndVerifySignatureProc
//
BOOL SignAndVerifySignatureProc( PALGNODE pAlgNode, PTESTCASE ptc, PVOID pvSignHashInfo){ BOOL fSuccess = FALSE; HCRYPTHASH hHash = 0; PBYTE pbSignature = NULL; DWORD cbSignature = 0; PSIGN_HASH_INFO pSignHashInfo = (PSIGN_HASH_INFO) pvSignHashInfo;
LOG_TRY(CreateNewHash( pSignHashInfo->hProv, pAlgNode->ProvEnumalgsEx.aiAlgid, &hHash, ptc));
LOG_TRY(THashData( hHash, pSignHashInfo->dbBaseData.pbData, pSignHashInfo->dbBaseData.cbData, 0, ptc));
//
// Sign the hash with the Signature key pair and verify
// the signature.
//
LOG_TRY(TSignHash( hHash, AT_SIGNATURE, NULL, 0, NULL, &cbSignature, ptc));
LOG_TRY(TestAlloc(&pbSignature, cbSignature, ptc));
LOG_TRY(TSignHash( hHash, AT_SIGNATURE, NULL, 0, pbSignature, &cbSignature, ptc));
LOG_TRY(TVerifySign( hHash, pbSignature, cbSignature, pSignHashInfo->hSigKey, NULL, 0, ptc));
free(pbSignature); pbSignature = NULL;
//
// Sign the hash with the Key Exchange key pair and
// verify the signature.
//
LOG_TRY(TSignHash( hHash, AT_KEYEXCHANGE, NULL, 0, NULL, &cbSignature, ptc));
LOG_TRY(TestAlloc(&pbSignature, cbSignature, ptc));
LOG_TRY(TSignHash( hHash, AT_KEYEXCHANGE, NULL, 0, pbSignature, &cbSignature, ptc));
LOG_TRY(TVerifySign( hHash, pbSignature, cbSignature, pSignHashInfo->hExchKey, NULL, 0, ptc));
fSuccess = TRUE;
Cleanup:
if (pbSignature) { free(pbSignature); } if (hHash) { TDestroyHash(hHash, ptc); }
return fSuccess;}
//
// Function: ScenarioVerifySignatureTests
// Purpose: For each supported hash algorithm, call
// SignAndVerifySignatureProc.
//
BOOL ScenarioVerifySignatureTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; PTESTCASE ptc = &(pCSPInfo->TestCase); PALGNODE pAlgList = pCSPInfo->pAlgList; SIGN_HASH_INFO SignHashInfo;
memset(&SignHashInfo, 0, sizeof(SignHashInfo));
LOG_TRY(CreateNewContext( &(SignHashInfo.hProv), pwszContainer, CRYPT_NEWKEYSET, ptc));
LOG_TRY(CreateNewKey( SignHashInfo.hProv, AT_SIGNATURE, 0, &(SignHashInfo.hSigKey), ptc));
LOG_TRY(CreateNewKey( SignHashInfo.hProv, AT_KEYEXCHANGE, 0, &(SignHashInfo.hExchKey), ptc));
SignHashInfo.dbBaseData.cbData = wcslen(TEST_HASH_DATA) * sizeof(WCHAR);
LOG_TRY(TestAlloc( &(SignHashInfo.dbBaseData.pbData), SignHashInfo.dbBaseData.cbData, ptc));
memcpy( SignHashInfo.dbBaseData.pbData, TEST_HASH_DATA, SignHashInfo.dbBaseData.cbData);
//
// The SignAndVerifySignatureProc isn't meant to work with
// MAC algorithms, so filter those out.
//
LOG_TRY(AlgListIterate( pAlgList, HashAlgFilter, SignAndVerifySignatureProc, (PVOID) &SignHashInfo, ptc));
fSuccess = TRUE;
Cleanup:
if (SignHashInfo.dbBaseData.pbData) { free(SignHashInfo.dbBaseData.pbData); } if (SignHashInfo.hExchKey) { TDestroyKey(SignHashInfo.hExchKey, ptc); } if (SignHashInfo.hSigKey) { TDestroyKey(SignHashInfo.hSigKey, ptc); } if (SignHashInfo.hProv) { TRelease(SignHashInfo.hProv, 0, ptc); }
return fSuccess;}
//
// Function: PositiveVerifySignatureTests
// Purpose: Run the test cases for CryptVerifySignature
//
BOOL PositiveVerifySignatureTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; HCRYPTHASH hHash = 0; PBYTE pbSignature = NULL; DWORD cbSignature = 0; PTESTCASE ptc = &(pCSPInfo->TestCase);
LOG_TRY(CreateNewContext(&hProv, pwszContainer, CRYPT_NEWKEYSET, ptc));
//
// Group 5H
//
//
// Do CryptVerifySignature positive test cases
//
switch(ptc->dwCSPClass) { case CLASS_SIG_ONLY: { //
// Sign and verify a hash using a signature key pair
//
LOG_TRY(CreateNewKey(hProv, AT_SIGNATURE, 0, &hKey, ptc));
LOG_TRY(CreateNewHash(hProv, CALG_SHA1, &hHash, ptc));
LOG_TRY(TSignHash(hHash, AT_SIGNATURE, NULL, 0, NULL, &cbSignature, ptc));
LOG_TRY(TestAlloc(&pbSignature, cbSignature, ptc));
LOG_TRY(TSignHash(hHash, AT_SIGNATURE, NULL, 0, pbSignature, &cbSignature, ptc));
LOG_TRY(TVerifySign( hHash, pbSignature, cbSignature, hKey, NULL, 0, ptc));
free(pbSignature); pbSignature = NULL;
//
// Sign and verify using the CRYPT_NOHASHOID flag
//
LOG_TRY(TSignHash( hHash, AT_SIGNATURE, NULL, CRYPT_NOHASHOID, NULL, &cbSignature, ptc));
LOG_TRY(TestAlloc(&pbSignature, cbSignature, ptc));
LOG_TRY(TSignHash( hHash, AT_SIGNATURE, NULL, CRYPT_NOHASHOID, pbSignature, &cbSignature, ptc));
LOG_TRY(TVerifySign( hHash, pbSignature, cbSignature, hKey, NULL, CRYPT_NOHASHOID, ptc));
break; } case CLASS_SIG_KEYX: { //
// Sign and verify a hash with a key exchange key pair
//
LOG_TRY(CreateNewKey(hProv, AT_KEYEXCHANGE, 0, &hKey, ptc));
LOG_TRY(CreateNewHash(hProv, CALG_SHA1, &hHash, ptc));
LOG_TRY(TSignHash(hHash, AT_KEYEXCHANGE, NULL, 0, NULL, &cbSignature, ptc));
LOG_TRY(TestAlloc(&pbSignature, cbSignature, ptc));
LOG_TRY(TSignHash(hHash, AT_KEYEXCHANGE, NULL, 0, pbSignature, &cbSignature, ptc));
LOG_TRY(TVerifySign( hHash, pbSignature, cbSignature, hKey, NULL, 0, ptc));
free(pbSignature); pbSignature = NULL;
//
// Sign and verify using the CRYPT_NOHASHOID flag
//
LOG_TRY(TSignHash( hHash, AT_KEYEXCHANGE, NULL, CRYPT_NOHASHOID, NULL, &cbSignature, ptc));
LOG_TRY(TestAlloc(&pbSignature, cbSignature, ptc));
LOG_TRY(TSignHash( hHash, AT_KEYEXCHANGE, NULL, CRYPT_NOHASHOID, pbSignature, &cbSignature, ptc));
LOG_TRY(TVerifySign( hHash, pbSignature, cbSignature, hKey, NULL, CRYPT_NOHASHOID, ptc));
break; } default: { goto Cleanup; } }
fSuccess = TRUE;
Cleanup:
if (pbSignature) { free(pbSignature); } if (hKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); }
return fSuccess;}
//
// Function: NegativeVerifySignatureTests
// Purpose: Run the negative test cases for CryptVerifySignature
//
BOOL NegativeVerifySignatureTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; HCRYPTPROV hProv = 0; HCRYPTKEY hKey = 0; HCRYPTHASH hHash = 0; //DWORD dw = 0;
DWORD cb = 0; PBYTE pb = NULL; PTESTCASE ptc = &(pCSPInfo->TestCase);
//
// Group 5H
//
//
// Do CryptVerifySignature negative test cases
//
// Create new context with key container access
LOG_TRY(CreateNewContext(&hProv, pwszContainer, CRYPT_NEWKEYSET, ptc));
// Create new signature key pair
LOG_TRY(CreateNewKey(hProv, AT_SIGNATURE, 0, &hKey, ptc));
// Create new hash
LOG_TRY(CreateNewHash(hProv, CALG_SHA1, &hHash, ptc));
// Sign the hash
ptc->fExpectSuccess = TRUE; LOG_TRY(TSignHash(hHash, AT_SIGNATURE, NULL, 0, NULL, &cb, ptc));
LOG_TRY(TestAlloc(&pb, cb, ptc));
LOG_TRY(TSignHash(hHash, AT_SIGNATURE, NULL, 0, pb, &cb, ptc)); ptc->fExpectSuccess = FALSE;
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TVerifySign(0, pb, cb, hKey, NULL, 0, ptc));
ptc->dwErrorCode = ERROR_INVALID_HANDLE; LOG_TRY(TVerifySign(TEST_INVALID_HANDLE, pb, cb, hKey, NULL, 0, ptc));
ptc->dwErrorCode = ERROR_INVALID_PARAMETER; LOG_TRY(TVerifySign(hHash, NULL, cb, hKey, NULL, 0, ptc));
ptc->dwErrorCode = NTE_BAD_FLAGS; LOG_TRY(TVerifySign(hHash, pb, cb, hKey, NULL, TEST_INVALID_FLAG, ptc));
// Use invalid signature key handle
ptc->dwErrorCode = NTE_BAD_KEY; LOG_TRY(TVerifySign(hHash, pb, cb, TEST_INVALID_HANDLE, NULL, 0, ptc));
// Indicate a too-short buffer length
ptc->dwErrorCode = NTE_BAD_SIGNATURE; LOG_TRY(TVerifySign(hHash, pb, cb - 1, hKey, NULL, 0, ptc));
// Flip the bits in the last byte of the signature blob
pb[cb - 1] = ~(pb[cb - 1]);
ptc->dwErrorCode = NTE_BAD_SIGNATURE; LOG_TRY(TVerifySign(hHash, pb, cb, hKey, NULL, 0, ptc));
/*
// Release the context used to create hHash
LOG_TRY(TRelease(hProv, 0, ptc)); hProv = 0;
// Provider handle used to create hHash is now invalid
ptc->dwErrorCode = NTE_BAD_UID; LOG_TRY(TVerifySign(hHash, pb, cb, hKey, NULL, 0, ptc)); */
fSuccess = TRUE;
Cleanup:
if (hHash) { TDestroyHash(hHash, ptc); } if (hKey) { TDestroyKey(hKey, ptc); } if (hProv) { TRelease(hProv, 0, ptc); } if (pb) { free(pb); }
return fSuccess;}
//
// Function: TestKeyExchangeProc
// Purpose: Simulate a key/data exchange scenario for the specified
// encryption alg.
//
BOOL TestKeyExchangeProc( PALGNODE pAlgNode, PTESTCASE ptc, PVOID pvExchangeProcInfo){ BOOL fSuccess = FALSE; PEXCHANGE_PROC_INFO pExchangeProcInfo = (PEXCHANGE_PROC_INFO) pvExchangeProcInfo; KEYEXCHANGE_INFO KeyExchangeInfo; KEYEXCHANGE_STATE KeyExchangeState;
memset(&KeyExchangeInfo, 0, sizeof(KeyExchangeInfo)); memset(&KeyExchangeState, 0, sizeof(KeyExchangeState));
KeyExchangeInfo.aiHash = pExchangeProcInfo->aiHashAlg; KeyExchangeInfo.aiSessionKey = pAlgNode->ProvEnumalgsEx.aiAlgid; KeyExchangeInfo.dbPlainText.pbData = pExchangeProcInfo->dbPlainText.pbData; KeyExchangeInfo.dbPlainText.cbData = pExchangeProcInfo->dbPlainText.cbData; KeyExchangeInfo.dwPubKeySize = pExchangeProcInfo->dwPublicKeySize;
LOG_TRY(RSA1_CreateKeyPair( pExchangeProcInfo->hProv, &KeyExchangeInfo, &KeyExchangeState, ptc));
LOG_TRY(RSA2_EncryptPlainText( pExchangeProcInfo->hInteropProv, &KeyExchangeInfo, &KeyExchangeState, ptc));
LOG_TRY(RSA3_DecryptAndCheck( pExchangeProcInfo->hProv, &KeyExchangeInfo, &KeyExchangeState, ptc));
fSuccess = TRUE;
Cleanup:
return fSuccess;}
//
// Function: InteropKeyExchangeTests
// Purpose: Run the TestKeyExchangeProc for each encryption algorithm
// supported by this CSP. Cryptographic context A will be from the CSP
// under test. Context B will be from the interop context specified
// by the user.
//
BOOL InteropKeyExchangeTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; LPWSTR pwszInteropContainer = TEST_CONTAINER_2; PTESTCASE ptc = &(pCSPInfo->TestCase); PALGNODE pAlgList = pCSPInfo->pAlgList; EXCHANGE_PROC_INFO ExchangeProcInfo;
memset(&ExchangeProcInfo, 0, sizeof(ExchangeProcInfo));
LOG_TRY(CreateNewContext( &(ExchangeProcInfo.hProv), pwszContainer, CRYPT_NEWKEYSET, ptc));
LOG_TRY(CreateNewInteropContext( &(ExchangeProcInfo.hInteropProv), pwszInteropContainer, CRYPT_NEWKEYSET, ptc));
//
// Note: Using the following hard-coded information for this
// test.
//
ExchangeProcInfo.aiHashAlg = CALG_SHA1; ExchangeProcInfo.dbPlainText.cbData = wcslen(TEST_HASH_DATA) * sizeof(WCHAR);
LOG_TRY(TestAlloc( &(ExchangeProcInfo.dbPlainText.pbData), ExchangeProcInfo.dbPlainText.cbData, ptc));
memcpy( ExchangeProcInfo.dbPlainText.pbData, TEST_DECRYPT_DATA, ExchangeProcInfo.dbPlainText.cbData);
LOG_TRY(AlgListIterate( pAlgList, DataEncryptFilter, TestKeyExchangeProc, (PVOID) &ExchangeProcInfo, ptc));
fSuccess = TRUE;
Cleanup:
if (ExchangeProcInfo.dbPlainText.pbData) { free(ExchangeProcInfo.dbPlainText.pbData); } if (ExchangeProcInfo.hProv) { TRelease(ExchangeProcInfo.hProv, 0, ptc); } if (ExchangeProcInfo.hInteropProv) { TRelease(ExchangeProcInfo.hInteropProv, 0, ptc); }
return fSuccess;}
//
// Function: ScenarioKeyExchangeTests
// Purpose: Run the TestKeyExchangeProc for each encryption algorithm
// supported by this CSP. Both of the cryptographic contexts in the
// scenario will be from the CSP under test.
//
BOOL ScenarioKeyExchangeTests(PCSPINFO pCSPInfo){ BOOL fSuccess = FALSE; LPWSTR pwszContainer = TEST_CONTAINER; LPWSTR pwszContainer2 = TEST_CONTAINER_2; PTESTCASE ptc = &(pCSPInfo->TestCase); PALGNODE pAlgList = pCSPInfo->pAlgList; EXCHANGE_PROC_INFO ExchangeProcInfo;
memset(&ExchangeProcInfo, 0, sizeof(ExchangeProcInfo));
LOG_TRY(CreateNewContext( &(ExchangeProcInfo.hProv), pwszContainer, CRYPT_NEWKEYSET, ptc));
LOG_TRY(CreateNewContext( &(ExchangeProcInfo.hInteropProv), pwszContainer2, CRYPT_NEWKEYSET, ptc));
//
// Note: Using the following hard-coded information for this
// test.
//
ExchangeProcInfo.aiHashAlg = CALG_SHA1; ExchangeProcInfo.dbPlainText.cbData = wcslen(TEST_HASH_DATA) * sizeof(WCHAR);
LOG_TRY(TestAlloc( &(ExchangeProcInfo.dbPlainText.pbData), ExchangeProcInfo.dbPlainText.cbData, ptc));
memcpy( ExchangeProcInfo.dbPlainText.pbData, (PVOID) TEST_DECRYPT_DATA, ExchangeProcInfo.dbPlainText.cbData);
LOG_TRY(AlgListIterate( pAlgList, DataEncryptFilter, TestKeyExchangeProc, (PVOID) &ExchangeProcInfo, ptc));
fSuccess = TRUE;
Cleanup:
if (ExchangeProcInfo.dbPlainText.pbData) { free(ExchangeProcInfo.dbPlainText.pbData); } if (ExchangeProcInfo.hProv) { TRelease(ExchangeProcInfo.hProv, 0, ptc); } if (ExchangeProcInfo.hInteropProv) { TRelease(ExchangeProcInfo.hInteropProv, 0, ptc); }
return fSuccess;}
//
// Function: GetKnownErrorValue
//
DWORD GetKnownErrorValue( IN KNOWN_ERROR_ID KnownErrorID, IN DWORD dwCurrentErrorLevel){ DWORD dwActualErrorLevel = dwCurrentErrorLevel; int iErrorTable = 0;
//
// Search the g_KnownErrorTable for KnownErrorID
//
for ( iErrorTable = 0; iErrorTable < (sizeof(g_KnownErrorTable) / sizeof(KNOWN_ERROR_INFO)); iErrorTable++) { if (KnownErrorID == g_KnownErrorTable[iErrorTable].KnownErrorID) { //
// This is a known error. Get the error level that should be
// applied.
//
dwActualErrorLevel = g_KnownErrorTable[iErrorTable].dwErrorLevel;
//
// Check the version information for this error
//
if (! IsVersionCorrect( g_KnownErrorTable[iErrorTable].dwMajorVersion, g_KnownErrorTable[iErrorTable].dwMinorVersion, g_KnownErrorTable[iErrorTable].dwServicePackMajor, g_KnownErrorTable[iErrorTable].dwServicePackMinor)) { //
// This error is old. Increase the error level.
//
dwActualErrorLevel = IncrementErrorLevel(dwActualErrorLevel); } } }
return dwActualErrorLevel;}
//
// Function: IsAPIRelevant
// Purpose: Determine if the test case supplied in the pTableEntry parameter
// is appropriate for the supplied dwCSPClass and dwTestLevel.
//
BOOL IsAPIRelevant( IN DWORD dwCSPClass, IN DWORD dwTestLevel, IN DWORD dwTestType, IN PTESTTABLEENTRY pTableEntry){ DWORD dwAPITestLevels = 0;
switch (dwCSPClass) { case CLASS_SIG_ONLY: { dwAPITestLevels = pTableEntry->dwClassSigOnly; break; } case CLASS_SIG_KEYX: { dwAPITestLevels = pTableEntry->dwClassSigKeyX; break; } case CLASS_FULL: { dwAPITestLevels = pTableEntry->dwClassFull; break; } case CLASS_OPTIONAL: { dwAPITestLevels = pTableEntry->dwClassOptional; break; } default: { return FALSE; } }
if ((dwTestType == pTableEntry->dwTestType) && (dwAPITestLevels & dwTestLevel)) { return TRUE; }
return FALSE;}
//
// Function: InitTestCase
// Purpose: Initialize a TESTCASE structure with the most typical default
// values.
//
void InitTestCase(PTESTCASE pTestCase){ //
// Initialize the TESTCASE structure for this API test
//
memset(pTestCase, 0, sizeof(TESTCASE)); //
// For now, set a low-enough error level so that the test will
// continue after most failed test cases.
//
// The pTestCase->dwErrorLevel is where most of the control of the flow of the
// test (with respect to error handling) is afforded. The flags used here should
// be a function of the environment in which the test is being run, and should
// be optionally controllable by command-line.
//
pTestCase->dwErrorLevel = CSP_ERROR_CONTINUE; pTestCase->KnownErrorID = KNOWN_ERROR_UNKNOWN;}
//
// Function: RunTestsByClassAndLevel
// Purpose: For a given CSP Class and Test Level, run the appropriate set
// of API tests, per the test mappings in the
// g_TestFunctionMappings table.
//
BOOL RunTestsByClassAndLevel( IN DWORD dwCSPClass, IN DWORD dwTestLevel, IN DWORD dwTestType, PCSPINFO pCspInfo){ BOOL fErrorOccurred = FALSE; int iAPI = 0;
//
// For each (CSP_CLASS, TEST_LEVEL) combination, run through
// each of the entries in the test table above.
//
for ( iAPI = 0; iAPI < (sizeof(g_TestFunctionMappings) / sizeof(TESTTABLEENTRY)); ++iAPI) { //
// Determine if the current TESTTABLEENTRY in TestFunctionMappings is
// applicable for the current (dwCSPClass, dwTestLevel) combination.
//
if (IsAPIRelevant( dwCSPClass, dwTestLevel, dwTestType, &(g_TestFunctionMappings[iAPI]))) { if (LogBeginAPI( g_TestFunctionMappings[iAPI].ApiName, dwTestType)) { //
// Initialize the test TESTCASE member of the CSPINFO struct
// to typical values.
//
InitTestCase(&(pCspInfo->TestCase)); pCspInfo->TestCase.dwTestLevel = dwTestLevel; pCspInfo->TestCase.dwCSPClass = dwCSPClass; pCspInfo->TestCase.fSmartCardCSP = pCspInfo->fSmartCardCSP; if (TEST_CASES_POSITIVE == dwTestType) { pCspInfo->TestCase.fExpectSuccess = TRUE; } //
// Run the current test case
//
if (! (*(g_TestFunctionMappings[iAPI].pTestFunc))(pCspInfo)) { fErrorOccurred = TRUE; } LogEndAPI( g_TestFunctionMappings[iAPI].ApiName, dwTestType); } } }
return ! fErrorOccurred;}
//
// Function: RunStandardTests
// Purpose: Iterate through the [CSP_CLASS, TEST_LEVEL] combinations for each
// test listed in the g_TestFunctionMappings table.
//
BOOL RunStandardTests( IN DWORD dwTargetCSPClass, IN DWORD dwTestType, PCSPINFO pCspInfo){ BOOL fErrorOccurred = FALSE; DWORD dwCSPClass = 0; DWORD dwTestLevel = 0; int iCSPClass = 0; int iTestLevel = 0; dwCSPClass = g_rgCspClasses[iCSPClass];
//
// Run through each possible CSP_CLASS but stop after the CSP_CLASS
// specified by the dwTargetCSPClass parameter.
//
while ( LogBeginCSPClass(dwCSPClass)) { //
// Run through each TEST_LEVEL for the current CSP_CLASS
//
for ( iTestLevel = 0; iTestLevel < (sizeof(g_rgTestLevels) / sizeof(dwTestLevel)); ++iTestLevel) { dwTestLevel = g_rgTestLevels[iTestLevel];
if (LogBeginTestLevel(dwTestLevel)) { if (! RunTestsByClassAndLevel( dwCSPClass, dwTestLevel, dwTestType, pCspInfo)) { fErrorOccurred = TRUE; } LogEndTestLevel(dwTestLevel); } }
LogEndCSPClass(dwCSPClass);
if (dwCSPClass == dwTargetCSPClass) { break; } else { iCSPClass++; dwCSPClass = g_rgCspClasses[iCSPClass]; } }
return ! fErrorOccurred;}
//
// Function: RunPositiveTests
// Purpose: Run all of the positive test cases for a CSP of the
// specified class.
//
BOOL RunPositiveTests(DWORD dwTargetCSPClass, PCSPINFO pCSPInfo){ return RunStandardTests(dwTargetCSPClass, TEST_CASES_POSITIVE, pCSPInfo);}
//
// Function: RunNegativeTests
// Purpose: Run all of the negative test cases for a CSP of the
// specified class.
//
BOOL RunNegativeTests(DWORD dwTargetCSPClass, PCSPINFO pCSPInfo){ return RunStandardTests(dwTargetCSPClass, TEST_CASES_NEGATIVE, pCSPInfo);}
//
// Function: RunScenarioTests
// Purpose: Run all of the CSP Test Suite Scenario tests.
//
BOOL RunScenarioTests(PCSPINFO pCSPInfo){ BOOL fErrorOccurred = FALSE; int iScenarioTable = 0; for ( iScenarioTable = 0; iScenarioTable < (sizeof(g_ScenarioTestTable) / sizeof(BASIC_TEST_TABLE)); iScenarioTable++) { InitTestCase(&(pCSPInfo->TestCase)); pCSPInfo->TestCase.fExpectSuccess = TRUE; pCSPInfo->TestCase.dwErrorLevel = CSP_ERROR_API;
LogBeginScenarioTest(g_ScenarioTestTable[iScenarioTable].pwszDescription);
//
// Run the current test case
//
if (! (*(g_ScenarioTestTable[iScenarioTable].pTestFunc))(pCSPInfo)) { fErrorOccurred = TRUE; }
LogEndScenarioTest(); }
return ! fErrorOccurred;}
//
// Function: RunInteropTests
// Purpose: Run all of the CSP Test Suite Interoperability tests.
//
BOOL RunInteropTests(PCSPINFO pCSPInfo){ BOOL fErrorOccurred = FALSE; int iInteropTable = 0;
for ( iInteropTable = 0; iInteropTable < (sizeof(g_InteropTestTable) / sizeof(BASIC_TEST_TABLE)); iInteropTable++) { InitTestCase(&(pCSPInfo->TestCase)); pCSPInfo->TestCase.fExpectSuccess = TRUE; pCSPInfo->TestCase.dwErrorLevel = CSP_ERROR_API;
LogBeginInteropTest(g_InteropTestTable[iInteropTable].pwszDescription);
//
// Run the current test case
//
if (! (*(g_InteropTestTable[iInteropTable].pTestFunc))(pCSPInfo)) { fErrorOccurred = TRUE; }
LogEndInteropTest(); }
return ! fErrorOccurred;}
//
// Function: CleanupCspInfo
// Purpose: Perform any cleanup or memory-freeing necessary for the
// CSPINFO struct.
//
void CleanupCspInfo(PCSPINFO pCSPInfo){ PALGNODE pAlgNode = NULL;
if (pCSPInfo->pwszCSPName) { free(pCSPInfo->pwszCSPName); } //
// Free the linked ALGNODE list
//
while (pCSPInfo->pAlgList) { pAlgNode = pCSPInfo->pAlgList->pAlgNodeNext; free(pCSPInfo->pAlgList); pCSPInfo->pAlgList = pAlgNode; }}
//
// Function: GetProviderType
// Purpose: Given the name of the CSP under test, call CryptEnumProviders
// until that CSP is found. Return the type for that CSP to the caller.
//
BOOL GetProviderType( IN LPWSTR pwszProvName, OUT PDWORD pdwProvType){ WCHAR rgProvName [MAX_PATH * sizeof(WCHAR)]; DWORD cb = sizeof(rgProvName); DWORD dwIndex = 0;
memset(rgProvName, 0, sizeof(rgProvName));
while (CryptEnumProviders( dwIndex, NULL, 0, pdwProvType, rgProvName, &cb)) { if (0 == wcscmp(rgProvName, pwszProvName)) { return TRUE; } else { dwIndex++; cb = sizeof(rgProvName); } }
return FALSE;}
//
// Function: DeleteDefaultContainer
// Purpose: Delete the default key container for the CSP
// under test.
//
BOOL DeleteDefaultContainer(PCSPINFO pCSPInfo){ HCRYPTPROV hProv = 0;
return CryptAcquireContext( &hProv, NULL, pCSPInfo->pwszCSPName, pCSPInfo->dwExternalProvType, CRYPT_DELETEKEYSET);}
//
// Function: DeleteAllContainers
// Purpose: Delete all key containers for the CSP
// under test.
//
BOOL DeleteAllContainers(PCSPINFO pCSPInfo){ HCRYPTPROV hDefProv = 0; HCRYPTPROV hProv = 0; CHAR rgszContainer[MAX_PATH]; LPWSTR pwszContainer = NULL; DWORD cbContainer = MAX_PATH; BOOL fCreatedDefaultKeyset = FALSE; DWORD dwFlags = CRYPT_FIRST;
if (! CryptAcquireContext( &hDefProv, NULL, pCSPInfo->pwszCSPName, pCSPInfo->dwExternalProvType, 0)) { return FALSE; }
while (CryptGetProvParam( hDefProv, PP_ENUMCONTAINERS, (PBYTE) rgszContainer, &cbContainer, dwFlags)) { if (dwFlags) { dwFlags = 0; }
pwszContainer = MkWStr(rgszContainer);
if (! CryptAcquireContext( &hProv, pwszContainer, pCSPInfo->pwszCSPName, pCSPInfo->dwExternalProvType, CRYPT_DELETEKEYSET)) { return FALSE; }
cbContainer = sizeof(rgszContainer); free(pwszContainer); }
if (! CryptReleaseContext(hDefProv, 0)) { return FALSE; } return TRUE; }
//
// Function: main
// Purpose: Test entry function
//
int __cdecl wmain(int argc, WCHAR *wargv[]){ BOOL fInvalidArgs = FALSE; int iCspTypeTable = 0; DWORD dwTestsToRun = TEST_CASES_POSITIVE; BOOL fDeleteDefaultContainer = FALSE; int iCsp = 0; DWORD dwProvType = 0; DWORD cbCspName = 0; DWORD dwError = 0; WCHAR rgwszCsp[ MAX_PATH ]; WCHAR rgwszOption[ MAX_PATH ]; WCHAR rgwsz[BUFFER_SIZE]; CSPINFO CspInfo; LOGINIT_INFO LogInitInfo; BOOL fDeleteAllContainers = FALSE;
memset(&CspInfo, 0, sizeof(CspInfo)); memset(&LogInitInfo, 0, sizeof(LogInitInfo));
if (argc < MINIMUM_ARGC) { fInvalidArgs = TRUE; goto Ret; }
argc--; wargv++; while (argc) { if (L'-' != wargv[0][0]) { fInvalidArgs = TRUE; goto Ret; }
switch (wargv[0][1]) { case L't': { // Assign which test to run
--argc; ++wargv; dwTestsToRun = _wtoi(*wargv); break; } case L'c': { // Assign CSP Name
--argc; ++wargv;
cbCspName = 0; GetNextRegisteredCSP( NULL, &cbCspName, &(CspInfo.dwExternalProvType), _wtoi(*wargv));
if (NULL == (CspInfo.pwszCSPName = (LPWSTR) malloc(cbCspName))) { wprintf(L"Insufficient memory\n"); goto Ret; }
dwError = GetNextRegisteredCSP( CspInfo.pwszCSPName, &cbCspName, &(CspInfo.dwExternalProvType), _wtoi(*wargv));
if (ERROR_SUCCESS != dwError) { fInvalidArgs = TRUE; goto Ret; } break; } case L'i': { // Assign interop CSP name
--argc; ++wargv; cbCspName = 0; GetNextRegisteredCSP( NULL, &cbCspName, &(LogInitInfo.dwInteropCSPExternalType), _wtoi(*wargv));
if (NULL == (LogInitInfo.pwszInteropCSPName = (LPWSTR) malloc(cbCspName))) { wprintf(L"Insufficient memory\n"); goto Ret; }
dwError = GetNextRegisteredCSP( LogInitInfo.pwszInteropCSPName, &cbCspName, &(LogInitInfo.dwInteropCSPExternalType), _wtoi(*wargv));
if (ERROR_SUCCESS != dwError) { fInvalidArgs = TRUE; goto Ret; } break; }
case L'd': { // Option to delete the default container
fDeleteDefaultContainer = TRUE; break; }
case L'a': { // Option to delete all containers
fDeleteAllContainers = TRUE; break; }
default: { fInvalidArgs = TRUE; goto Ret; } }
argc--; wargv++; }
if ( (0 != argc) || (NULL == CspInfo.pwszCSPName)) { // Bad combination of args
fInvalidArgs = TRUE; goto Ret; }
//
// If no interop CSP was specified, look for a default
//
if ( TEST_CASES_INTEROP == dwTestsToRun && NULL == LogInitInfo.pwszInteropCSPName) { if (! CryptGetDefaultProvider( CspInfo.dwExternalProvType, NULL, CRYPT_MACHINE_DEFAULT, NULL, &cbCspName)) { printf("No default interop provider found for this CSP type\n"); fInvalidArgs = TRUE; goto Ret; }
if (NULL == (LogInitInfo.pwszInteropCSPName = (LPWSTR) malloc(cbCspName))) { wprintf(L"Insufficient memory\n"); goto Ret; }
if (! CryptGetDefaultProvider( CspInfo.dwExternalProvType, NULL, CRYPT_MACHINE_DEFAULT, LogInitInfo.pwszInteropCSPName, &cbCspName)) { printf("No default interop provider found for this CSP type\n"); fInvalidArgs = TRUE; goto Ret; } LogInitInfo.dwInteropCSPExternalType = CspInfo.dwExternalProvType; }
//
// Search for an entry for the external CSP type in the test suite
// CspTypeTable. The table provides mappings from external types to
// internal types used by the test.
//
while ( iCspTypeTable < (sizeof(g_CspTypeTable) / sizeof(CSPTYPEMAP)) && g_CspTypeTable[iCspTypeTable].dwExternalProvType != CspInfo.dwExternalProvType) { iCspTypeTable++; } //
// Check that the CSP type was found in the g_CspTypeTable
//
if (iCspTypeTable == (sizeof(g_CspTypeTable) / sizeof(CSPTYPEMAP))) { fInvalidArgs = TRUE; goto Ret; }
CspInfo.dwInternalProvType = g_CspTypeTable[iCspTypeTable].dwProvType; CspInfo.dwCSPInternalClass = g_CspTypeTable[iCspTypeTable].dwCSPClass;
LogInitInfo.dwCSPExternalType = CspInfo.dwExternalProvType; LogInitInfo.dwCSPInternalClass = g_CspTypeTable[iCspTypeTable].dwCSPClass; LogInitInfo.dwCSPInternalType = g_CspTypeTable[iCspTypeTable].dwProvType; LogInitInfo.pwszCSPName = CspInfo.pwszCSPName;
// Initialize logging routines
LogInit(&LogInitInfo);
//
// Log the settings being used (including command-line
// options that were specified).
//
swprintf( rgwszOption, L"CSP under test: %s", CspInfo.pwszCSPName); LogUserOption(rgwszOption);
swprintf( rgwszOption, L"CSP type: %s", g_CspTypeTable[iCspTypeTable].pwszExternalProvType); LogUserOption(rgwszOption);
if (TEST_CASES_INTEROP == dwTestsToRun) { swprintf( rgwszOption, L"Interop CSP: %s", LogInitInfo.pwszInteropCSPName); LogUserOption(rgwszOption); }
TestCaseTypeToString(dwTestsToRun, rgwsz); swprintf( rgwszOption, L"Test case set: %s", rgwsz); LogUserOption(rgwszOption);
//
// Delete default container, if requested
//
if (fDeleteDefaultContainer) { LogInfo(L"Deleting default container..."); if (DeleteDefaultContainer(&CspInfo)) { LogInfo(L"...Success"); } else { swprintf( rgwszOption, L"...Failed 0x%x", GetLastError()); LogInfo(rgwszOption); } LogClose(); goto Ret; }
//
// Delete all containers, if requested
//
if (fDeleteAllContainers) { LogInfo(L"Deleting all containers..."); if (DeleteAllContainers(&CspInfo)) { LogInfo(L"...Success"); } else { swprintf( rgwszOption, L"...Failed 0x%x", GetLastError()); LogInfo(rgwszOption); } LogClose(); goto Ret; }
//
// Run the set of tests requested by the user
//
switch (dwTestsToRun) { case TEST_CASES_POSITIVE: { RunPositiveTests( g_CspTypeTable[iCspTypeTable].dwCSPClass, &CspInfo);
break; } case TEST_CASES_NEGATIVE: { RunNegativeTests( g_CspTypeTable[iCspTypeTable].dwCSPClass, &CspInfo);
break; } case TEST_CASES_SCENARIO: { RunScenarioTests(&CspInfo);
break; } case TEST_CASES_INTEROP: { RunInteropTests(&CspInfo);
break; } }
LogClose();Ret: CleanupCspInfo(&CspInfo);
if (LogInitInfo.pwszInteropCSPName) { free(LogInitInfo.pwszInteropCSPName); }
if (fInvalidArgs) { Usage();
wprintf(L"\nRegistered CSP's:\n");
cbCspName = MAX_PATH; for ( iCsp = 0; ERROR_SUCCESS == GetNextRegisteredCSP( rgwszCsp, &cbCspName, &dwProvType, ENUMERATE_REGISTERED_CSP); iCsp++) { wprintf(L" %d: %s, Type %d\n", iCsp, rgwszCsp, dwProvType); } exit(1); }
return 0;}
|
