/* * Unit tests for rsaenh functions * * Copyright (c) 2004 Michael Jung * Copyright (c) 2006 Juan Lang * Copyright (c) 2007 Vijay Kiran Kamuju * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; either * version 2.1 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this library; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA */ #include #include #include "wine/test.h" #include "windef.h" #include "winbase.h" #include "winerror.h" #include "wincrypt.h" #include "winreg.h" static HCRYPTPROV hProv; static const char szContainer[] = "winetest"; static const char szProvider[] = MS_ENHANCED_PROV_A; typedef struct _ctdatatype { unsigned char origstr[32]; unsigned char decstr[32]; int strlen; int enclen; int buflen; } cryptdata; static const cryptdata cTestData[4] = { {"abcdefghijkl", {'a','b','c','d','e','f','g','h',0x2,0x2,'k','l',0}, 12,8,16}, {"abcdefghij", {'a','b','c','d','e','f','g','h',0x2,0x2,0}, 10,8,16}, {"abcdefgh", {'a','b','c','d','e','f','g','h',0}, 8,8,16}, {"abcdefghijkl", {'a','b','c','d','e','f','g','h','i','j','k','l',0}, 12,12,16} }; /* * 1. Take the MD5 Hash of the container name (with an extra null byte) * 2. Turn the hash into a 4 DWORD hex value * 3. Append a '_' * 4. Add the MachineGuid * */ static void uniquecontainer(char *unique) { /* MD5 hash of "winetest\0" in 4 DWORD hex */ static const char szContainer_md5[] = "9d20fd8d05ed2b8455d125d0bf6d6a70"; static const char szCryptography[] = "Software\\Microsoft\\Cryptography"; static const char szMachineGuid[] = "MachineGuid"; HKEY hkey; char guid[MAX_PATH]; DWORD size = MAX_PATH; HRESULT ret; /* Get the MachineGUID */ ret = RegOpenKeyExA(HKEY_LOCAL_MACHINE, szCryptography, 0, KEY_READ | KEY_WOW64_64KEY, &hkey); if (ret == ERROR_ACCESS_DENIED) { /* Windows 2000 can't handle KEY_WOW64_64KEY */ RegOpenKeyA(HKEY_LOCAL_MACHINE, szCryptography, &hkey); } RegQueryValueExA(hkey, szMachineGuid, NULL, NULL, (LPBYTE)guid, &size); RegCloseKey(hkey); lstrcpy(unique, szContainer_md5); lstrcat(unique, "_"); lstrcat(unique, guid); } static void printBytes(const char *heading, const BYTE *pb, size_t cb) { size_t i; printf("%s: ",heading); for(i=0;ibitlen / 8 + 5 * rsaPubKey->bitlen / 16; for (; dwLen < sizeof(abPlainPrivateKey); dwLen++) { result = CryptImportKey(hProv, abPlainPrivateKey, dwLen, 0, 0, &hKeyExchangeKey); ok(result, "CryptImportKey failed at size %d: %d (%08x)\n", dwLen, GetLastError(), GetLastError()); if (result) CryptDestroyKey(hKeyExchangeKey); } } static void test_verify_signature(void) { HCRYPTHASH hHash; HCRYPTKEY hPubSignKey; BYTE abData[] = "Wine rocks!"; BOOL result; BYTE abPubKey[148] = { 0x06, 0x02, 0x00, 0x00, 0x00, 0x24, 0x00, 0x00, 0x52, 0x53, 0x41, 0x31, 0x00, 0x04, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x71, 0x64, 0x9f, 0x19, 0x89, 0x1c, 0x21, 0xcc, 0x36, 0xa3, 0xc9, 0x27, 0x08, 0x8a, 0x09, 0xc6, 0xbe, 0xeb, 0xd3, 0xf8, 0x19, 0xa9, 0x92, 0x57, 0xe4, 0xb9, 0x5d, 0xda, 0x88, 0x93, 0xe4, 0x6b, 0x38, 0x77, 0x14, 0x8a, 0x96, 0xc0, 0xb6, 0x4e, 0x42, 0xf5, 0x01, 0xdc, 0xf0, 0xeb, 0x3c, 0xc7, 0x7b, 0xc4, 0xfd, 0x7c, 0xde, 0x93, 0x34, 0x0a, 0x92, 0xe5, 0x97, 0x9c, 0x3e, 0x65, 0xb8, 0x91, 0x2f, 0xe3, 0xf3, 0x89, 0xcd, 0x6c, 0x26, 0xa4, 0x6c, 0xc7, 0x6d, 0x0b, 0x2c, 0xa2, 0x0b, 0x29, 0xe2, 0xfc, 0x30, 0xfa, 0x20, 0xdb, 0x4c, 0xb8, 0x91, 0xb8, 0x69, 0x63, 0x96, 0x41, 0xc2, 0xb4, 0x60, 0xeb, 0xcd, 0xff, 0x3a, 0x1f, 0x94, 0xb1, 0x23, 0xcf, 0x0f, 0x49, 0xad, 0xd5, 0x33, 0x85, 0x71, 0xaf, 0x12, 0x87, 0x84, 0xef, 0xa0, 0xea, 0xe1, 0xc1, 0xd4, 0xc7, 0xe1, 0x21, 0x50, 0xac }; /* md2 with hash oid */ BYTE abSignatureMD2[128] = { 0x4a, 0x4e, 0xb7, 0x5e, 0x32, 0xda, 0xdb, 0x67, 0x9f, 0x77, 0x84, 0x32, 0x00, 0xba, 0x5f, 0x6b, 0x0d, 0xcf, 0xd9, 0x99, 0xbd, 0x96, 0x31, 0xda, 0x23, 0x4c, 0xd9, 0x4a, 0x90, 0x84, 0x20, 0x59, 0x51, 0xdc, 0xd4, 0x93, 0x3a, 0xae, 0x0a, 0x0a, 0xa1, 0x76, 0xfa, 0xb5, 0x68, 0xee, 0xc7, 0x34, 0x41, 0xd3, 0xe7, 0x5a, 0x0e, 0x22, 0x61, 0x40, 0xea, 0x24, 0x56, 0xf1, 0x91, 0x5a, 0xf7, 0xa7, 0x5b, 0xf4, 0x98, 0x6b, 0xc3, 0xef, 0xad, 0xc0, 0x5e, 0x6b, 0x87, 0x76, 0xcb, 0x1f, 0x62, 0x06, 0x7c, 0xf6, 0x48, 0x97, 0x81, 0x8d, 0xef, 0x51, 0x51, 0xdc, 0x21, 0x91, 0x57, 0x1e, 0x79, 0x6f, 0x49, 0xb5, 0xde, 0x31, 0x07, 0x45, 0x99, 0x46, 0xc3, 0x4f, 0xca, 0x2d, 0x0e, 0x4c, 0x10, 0x25, 0xcb, 0x1a, 0x98, 0x63, 0x41, 0x93, 0x47, 0xc0, 0xb2, 0xbc, 0x10, 0x3c, 0xe7, 0xd4, 0x3c, 0x1e }; /* md2 without hash oid */ BYTE abSignatureMD2NoOID[128] = { 0x0c, 0x21, 0x3e, 0x60, 0xf9, 0xd0, 0x36, 0x2d, 0xe1, 0x10, 0x45, 0x45, 0x85, 0x03, 0x29, 0x19, 0xef, 0x19, 0xd9, 0xa6, 0x7e, 0x9c, 0x0d, 0xbd, 0x03, 0x0e, 0xb9, 0x51, 0x9e, 0x74, 0x79, 0xc4, 0xde, 0x25, 0xf2, 0x35, 0x74, 0x55, 0xbc, 0x65, 0x7e, 0x33, 0x28, 0xa8, 0x1e, 0x72, 0xaa, 0x99, 0xdd, 0xf5, 0x26, 0x20, 0x29, 0xf8, 0xa6, 0xdf, 0x28, 0x4b, 0x1c, 0xdb, 0xa1, 0x41, 0x56, 0xbc, 0xf9, 0x9c, 0x66, 0xc0, 0x37, 0x41, 0x55, 0xa0, 0xe2, 0xec, 0xbf, 0x71, 0xf0, 0x5d, 0x25, 0x01, 0x75, 0x91, 0xe2, 0x81, 0xb2, 0x9f, 0x57, 0xa7, 0x5c, 0xd2, 0xfa, 0x66, 0xdb, 0x71, 0x2b, 0x1f, 0xad, 0x30, 0xde, 0xea, 0x49, 0x73, 0x30, 0x6a, 0x22, 0x54, 0x49, 0x4e, 0xae, 0xf6, 0x88, 0xc9, 0xff, 0x71, 0xba, 0xbf, 0x27, 0xc5, 0xfa, 0x06, 0xe2, 0x91, 0x71, 0x8a, 0x7e, 0x0c, 0xc2, 0x07 }; /* md4 with hash oid */ BYTE abSignatureMD4[128] = { 0x1c, 0x78, 0xaa, 0xea, 0x74, 0xf4, 0x83, 0x51, 0xae, 0x66, 0xe3, 0xa9, 0x1c, 0x03, 0x39, 0x1b, 0xac, 0x7e, 0x4e, 0x85, 0x7e, 0x1c, 0x38, 0xd2, 0x82, 0x43, 0xb3, 0x6f, 0x6f, 0x46, 0x45, 0x8e, 0x17, 0x74, 0x58, 0x29, 0xca, 0xe1, 0x03, 0x13, 0x45, 0x79, 0x34, 0xdf, 0x5c, 0xd6, 0xc3, 0xf9, 0x7a, 0x1c, 0x9d, 0xff, 0x6f, 0x03, 0x7d, 0x0f, 0x59, 0x1a, 0x2d, 0x0e, 0x94, 0xb4, 0x75, 0x96, 0xd1, 0x48, 0x63, 0x6e, 0xb2, 0xc4, 0x5c, 0xd9, 0xab, 0x49, 0xb4, 0x90, 0xd9, 0x57, 0x04, 0x6e, 0x4c, 0xb6, 0xea, 0x00, 0x94, 0x4a, 0x34, 0xa0, 0xd9, 0x63, 0xef, 0x2c, 0xde, 0x5b, 0xb9, 0xbe, 0x35, 0xc8, 0xc1, 0x31, 0xb5, 0x31, 0x15, 0x18, 0x90, 0x39, 0xf5, 0x2a, 0x34, 0x6d, 0xb4, 0xab, 0x09, 0x34, 0x69, 0x54, 0x4d, 0x11, 0x2f, 0xf3, 0xa2, 0x36, 0x0e, 0xa8, 0x45, 0xe7, 0x36, 0xac }; /* md4 without hash oid */ BYTE abSignatureMD4NoOID[128] = { 0xd3, 0x60, 0xb2, 0xb0, 0x22, 0x0a, 0x99, 0xda, 0x04, 0x85, 0x64, 0xc6, 0xc6, 0xdb, 0x11, 0x24, 0xe9, 0x68, 0x2d, 0xf7, 0x09, 0xef, 0xb6, 0xa0, 0xa2, 0xfe, 0x45, 0xee, 0x85, 0x49, 0xcd, 0x36, 0xf7, 0xc7, 0x9d, 0x2b, 0x4c, 0x68, 0xda, 0x85, 0x8c, 0x50, 0xcc, 0x4f, 0x4b, 0xe1, 0x82, 0xc3, 0xbe, 0xa3, 0xf1, 0x78, 0x6b, 0x60, 0x42, 0x3f, 0x67, 0x22, 0x14, 0xe4, 0xe1, 0xa4, 0x6e, 0xa9, 0x4e, 0xf1, 0xd4, 0xb0, 0xce, 0x82, 0xac, 0x06, 0xba, 0x2c, 0xbc, 0xf7, 0xcb, 0xf6, 0x0c, 0x3f, 0xf6, 0x79, 0xfe, 0xb3, 0xd8, 0x5a, 0xbc, 0xdb, 0x05, 0x41, 0xa4, 0x07, 0x57, 0x9e, 0xa2, 0x96, 0xfc, 0x60, 0x4b, 0xf7, 0x6f, 0x86, 0x26, 0x1f, 0xc2, 0x2c, 0x67, 0x08, 0xcd, 0x7f, 0x91, 0xe9, 0x16, 0xb5, 0x0e, 0xd9, 0xc4, 0xc4, 0x97, 0xeb, 0x91, 0x3f, 0x20, 0x6c, 0xf0, 0x68, 0x86, 0x7f }; /* md5 with hash oid */ BYTE abSignatureMD5[128] = { 0x4f, 0xe0, 0x8c, 0x9b, 0x43, 0xdd, 0x02, 0xe5, 0xf4, 0xa1, 0xdd, 0x88, 0x4c, 0x9c, 0x40, 0x0f, 0x6c, 0x43, 0x86, 0x64, 0x00, 0xe6, 0xac, 0xf7, 0xd0, 0x92, 0xaa, 0xc4, 0x62, 0x9a, 0x48, 0x98, 0x1a, 0x56, 0x6d, 0x75, 0xec, 0x04, 0x89, 0xec, 0x69, 0x93, 0xd6, 0x61, 0x37, 0xb2, 0x36, 0xb5, 0xb2, 0xba, 0xf2, 0xf5, 0x21, 0x0c, 0xf1, 0x04, 0xc8, 0x2d, 0xf5, 0xa0, 0x8d, 0x6d, 0x10, 0x0b, 0x68, 0x63, 0xf2, 0x08, 0x68, 0xdc, 0xbd, 0x95, 0x25, 0x7d, 0xee, 0x63, 0x5c, 0x3b, 0x98, 0x4c, 0xea, 0x41, 0xdc, 0x6a, 0x8b, 0x6c, 0xbb, 0x29, 0x2b, 0x1c, 0x5c, 0x8b, 0x7d, 0x94, 0x24, 0xa9, 0x7a, 0x62, 0x94, 0xf3, 0x3a, 0x6a, 0xb2, 0x4c, 0x33, 0x59, 0x00, 0xcd, 0x7d, 0x37, 0x79, 0x90, 0x31, 0xd1, 0xd9, 0x84, 0x12, 0xe5, 0x08, 0x5e, 0xb3, 0x60, 0x61, 0x27, 0x78, 0x37, 0x63, 0x01 }; /* md5 without hash oid */ BYTE abSignatureMD5NoOID[128] = { 0xc6, 0xad, 0x5c, 0x2b, 0x9b, 0xe0, 0x99, 0x2f, 0x5e, 0x55, 0x04, 0x32, 0x65, 0xe0, 0xb5, 0x75, 0x01, 0x9a, 0x11, 0x4d, 0x0e, 0x9a, 0xe1, 0x9f, 0xc7, 0xbf, 0x77, 0x6d, 0xa9, 0xfd, 0xcc, 0x9d, 0x8b, 0xd1, 0x31, 0xed, 0x5a, 0xd2, 0xe5, 0x5f, 0x42, 0x3b, 0xb5, 0x3c, 0x32, 0x30, 0x88, 0x49, 0xcb, 0x67, 0xb8, 0x2e, 0xc9, 0xf5, 0x2b, 0xc8, 0x35, 0x71, 0xb5, 0x1b, 0x32, 0x3f, 0x44, 0x4c, 0x66, 0x93, 0xcb, 0xe8, 0x48, 0x7c, 0x14, 0x23, 0xfb, 0x12, 0xa5, 0xb7, 0x86, 0x94, 0x6b, 0x19, 0x17, 0x20, 0xc6, 0xb8, 0x09, 0xe8, 0xbb, 0xdb, 0x00, 0x2b, 0x96, 0x4a, 0x93, 0x00, 0x26, 0xd3, 0x07, 0xa0, 0x06, 0xce, 0x5a, 0x13, 0x69, 0x6b, 0x62, 0x5a, 0x56, 0x61, 0x6a, 0xd8, 0x11, 0x3b, 0xd5, 0x67, 0xc7, 0x4d, 0xf6, 0x66, 0x63, 0xc5, 0xe3, 0x8f, 0x7c, 0x7c, 0xb1, 0x3e, 0x55, 0x43 }; /* sha with hash oid */ BYTE abSignatureSHA[128] = { 0x5a, 0x4c, 0x66, 0xc9, 0x30, 0x67, 0xcb, 0x91, 0x3c, 0x4d, 0xd5, 0x8d, 0xea, 0x4e, 0x85, 0xcd, 0xd9, 0x68, 0x3a, 0xf3, 0x24, 0x3c, 0x99, 0x24, 0x25, 0x32, 0x93, 0x3d, 0xd6, 0x2f, 0x86, 0x94, 0x23, 0x09, 0xee, 0x02, 0xd4, 0x15, 0xdc, 0x5f, 0x0e, 0x44, 0x45, 0x13, 0x5f, 0x18, 0x5d, 0x1a, 0xd7, 0x0b, 0xd1, 0x23, 0xd6, 0x35, 0x98, 0x52, 0x57, 0x45, 0x74, 0x92, 0xe3, 0x50, 0xb4, 0x20, 0x28, 0x2a, 0x11, 0xbf, 0x49, 0xb4, 0x2c, 0xc5, 0xd4, 0x1a, 0x27, 0x4e, 0xdf, 0xa0, 0xb5, 0x7a, 0xc8, 0x14, 0xdd, 0x9b, 0xb6, 0xca, 0xd6, 0xff, 0xb2, 0x6b, 0xd8, 0x98, 0x67, 0x80, 0xab, 0x53, 0x52, 0xbb, 0xe1, 0x2a, 0xce, 0x79, 0x2f, 0x00, 0x53, 0x26, 0xd8, 0xa7, 0x43, 0xca, 0x72, 0x0e, 0x68, 0x97, 0x37, 0x71, 0x87, 0xc2, 0x6a, 0x98, 0xbb, 0x6c, 0xa0, 0x01, 0xff, 0x04, 0x9d, 0xa6 }; /* sha without hash oid */ BYTE abSignatureSHANoOID[128] = { 0x86, 0xa6, 0x2b, 0x9a, 0x04, 0xda, 0x47, 0xc6, 0x4f, 0x97, 0x8a, 0x8a, 0xf4, 0xfa, 0x63, 0x1a, 0x32, 0x89, 0x56, 0x41, 0x37, 0x91, 0x15, 0x2f, 0x2d, 0x1c, 0x8f, 0xdc, 0x88, 0x40, 0xbb, 0x37, 0x3e, 0x06, 0x33, 0x1b, 0xde, 0xda, 0x7c, 0x65, 0x91, 0x35, 0xca, 0x45, 0x17, 0x0e, 0x24, 0xbe, 0x9e, 0xf6, 0x4e, 0x8a, 0xa4, 0x3e, 0xca, 0xe6, 0x11, 0x36, 0xb8, 0x3a, 0xf0, 0xde, 0x71, 0xfe, 0xdd, 0xb3, 0xcb, 0x6c, 0x39, 0xe0, 0x5f, 0x0c, 0x9e, 0xa8, 0x40, 0x26, 0x9c, 0x81, 0xe9, 0xc4, 0x15, 0x90, 0xbf, 0x4f, 0xd2, 0xc1, 0xa1, 0x80, 0x52, 0xfd, 0xf6, 0x3d, 0x99, 0x1b, 0x9c, 0x8a, 0x27, 0x1b, 0x0c, 0x9a, 0xf3, 0xf9, 0xa2, 0x00, 0x3e, 0x5b, 0xdf, 0xc2, 0xb4, 0x71, 0xa5, 0xbd, 0xf8, 0xae, 0x63, 0xbb, 0x4a, 0xc9, 0xdd, 0x67, 0xc1, 0x3e, 0x93, 0xee, 0xf1, 0x1f, 0x24, 0x5b }; result = CryptImportKey(hProv, abPubKey, 148, 0, 0, &hPubSignKey); ok(result, "%08x\n", GetLastError()); if (!result) return; result = CryptCreateHash(hProv, CALG_MD2, 0, 0, &hHash); ok(result, "%08x\n", GetLastError()); if (!result) return; result = CryptHashData(hHash, abData, (DWORD)sizeof(abData), 0); ok(result, "%08x\n", GetLastError()); if (!result) return; /*check that a NULL pointer signature is correctly handled*/ result = CryptVerifySignature(hHash, NULL, 128, hPubSignKey, NULL, 0); ok(!result && ERROR_INVALID_PARAMETER == GetLastError(), "Expected ERROR_INVALID_PARAMETER error, got %08x\n", GetLastError()); if (result) return; /* check that we get a bad signature error when the signature is too short*/ SetLastError(0xdeadbeef); result = CryptVerifySignature(hHash, abSignatureMD2, 64, hPubSignKey, NULL, 0); ok((!result && NTE_BAD_SIGNATURE == GetLastError()) || broken(result), /* Win9x, WinMe, NT4 */ "Expected NTE_BAD_SIGNATURE, got %08x\n", GetLastError()); result = CryptVerifySignature(hHash, abSignatureMD2, 128, hPubSignKey, NULL, 0); ok(result, "%08x\n", GetLastError()); if (!result) return; /* It seems that CPVerifySignature doesn't care about the OID at all. */ result = CryptVerifySignature(hHash, abSignatureMD2NoOID, 128, hPubSignKey, NULL, 0); ok(result, "%08x\n", GetLastError()); if (!result) return; result = CryptVerifySignature(hHash, abSignatureMD2NoOID, 128, hPubSignKey, NULL, CRYPT_NOHASHOID); ok(result, "%08x\n", GetLastError()); if (!result) return; CryptDestroyHash(hHash); result = CryptCreateHash(hProv, CALG_MD4, 0, 0, &hHash); ok(result, "%08x\n", GetLastError()); if (!result) return; result = CryptHashData(hHash, abData, (DWORD)sizeof(abData), 0); ok(result, "%08x\n", GetLastError()); if (!result) return; result = CryptVerifySignature(hHash, abSignatureMD4, 128, hPubSignKey, NULL, 0); ok(result, "%08x\n", GetLastError()); if (!result) return; result = CryptVerifySignature(hHash, abSignatureMD4NoOID, 128, hPubSignKey, NULL, 0); ok(result, "%08x\n", GetLastError()); if (!result) return; result = CryptVerifySignature(hHash, abSignatureMD4NoOID, 128, hPubSignKey, NULL, CRYPT_NOHASHOID); ok(result, "%08x\n", GetLastError()); if (!result) return; CryptDestroyHash(hHash); result = CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash); ok(result, "%08x\n", GetLastError()); if (!result) return; result = CryptHashData(hHash, abData, (DWORD)sizeof(abData), 0); ok(result, "%08x\n", GetLastError()); if (!result) return; result = CryptVerifySignature(hHash, abSignatureMD5, 128, hPubSignKey, NULL, 0); ok(result, "%08x\n", GetLastError()); if (!result) return; result = CryptVerifySignature(hHash, abSignatureMD5NoOID, 128, hPubSignKey, NULL, 0); ok(result, "%08x\n", GetLastError()); if (!result) return; result = CryptVerifySignature(hHash, abSignatureMD5NoOID, 128, hPubSignKey, NULL, CRYPT_NOHASHOID); ok(result, "%08x\n", GetLastError()); if (!result) return; CryptDestroyHash(hHash); result = CryptCreateHash(hProv, CALG_SHA, 0, 0, &hHash); ok(result, "%08x\n", GetLastError()); if (!result) return; result = CryptHashData(hHash, abData, (DWORD)sizeof(abData), 0); ok(result, "%08x\n", GetLastError()); if (!result) return; result = CryptVerifySignature(hHash, abSignatureSHA, 128, hPubSignKey, NULL, 0); ok(result, "%08x\n", GetLastError()); if (!result) return; result = CryptVerifySignature(hHash, abSignatureSHANoOID, 128, hPubSignKey, NULL, 0); ok(result, "%08x\n", GetLastError()); if (!result) return; result = CryptVerifySignature(hHash, abSignatureSHANoOID, 128, hPubSignKey, NULL, CRYPT_NOHASHOID); ok(result, "%08x\n", GetLastError()); if (!result) return; CryptDestroyHash(hHash); CryptDestroyKey(hPubSignKey); } static void test_rsa_encrypt(void) { HCRYPTKEY hRSAKey; BYTE abData[2048] = "Wine rocks!"; BOOL result; DWORD dwVal, dwLen; /* It is allowed to use the key exchange key for encryption/decryption */ result = CryptGetUserKey(hProv, AT_KEYEXCHANGE, &hRSAKey); ok (result, "%08x\n", GetLastError()); if (!result) return; dwLen = 12; result = CryptEncrypt(hRSAKey, 0, TRUE, 0, NULL, &dwLen, (DWORD)sizeof(abData)); ok(result, "CryptEncrypt failed: %08x\n", GetLastError()); ok(dwLen == 128, "Unexpected length %d\n", dwLen); dwLen = 12; result = CryptEncrypt(hRSAKey, 0, TRUE, 0, abData, &dwLen, (DWORD)sizeof(abData)); ok (result, "%08x\n", GetLastError()); if (!result) return; result = CryptDecrypt(hRSAKey, 0, TRUE, 0, abData, &dwLen); ok (result && dwLen == 12 && !memcmp(abData, "Wine rocks!", 12), "%08x\n", GetLastError()); dwVal = 0xdeadbeef; dwLen = sizeof(DWORD); result = CryptGetKeyParam(hRSAKey, KP_PERMISSIONS, (BYTE*)&dwVal, &dwLen, 0); ok(result, "%08x\n", GetLastError()); ok(dwVal == (CRYPT_MAC|CRYPT_WRITE|CRYPT_READ|CRYPT_DECRYPT|CRYPT_ENCRYPT) || broken(dwVal == 0xffffffff), /* Win9x/NT4 */ "expected CRYPT_MAC|CRYPT_WRITE|CRYPT_READ|CRYPT_DECRYPT|CRYPT_ENCRYPT," " got %08x\n", dwVal); /* An RSA key doesn't support salt */ result = CryptGetKeyParam(hRSAKey, KP_SALT, NULL, &dwLen, 0); ok(!result && (GetLastError() == NTE_BAD_KEY || GetLastError() == NTE_NOT_FOUND /* Win7 */), "expected NTE_BAD_KEY or NTE_NOT_FOUND, got %08x\n", GetLastError()); /* The key exchange key's public key may be exported.. */ result = CryptExportKey(hRSAKey, 0, PUBLICKEYBLOB, 0, NULL, &dwLen); ok(result, "%08x\n", GetLastError()); /* but its private key may not be. */ SetLastError(0xdeadbeef); result = CryptExportKey(hRSAKey, 0, PRIVATEKEYBLOB, 0, NULL, &dwLen); ok((!result && GetLastError() == NTE_BAD_KEY_STATE) || broken(result), /* Win9x/NT4 */ "expected NTE_BAD_KEY_STATE, got %08x\n", GetLastError()); /* Setting the permissions of the key exchange key isn't allowed, either. */ dwVal |= CRYPT_EXPORT; SetLastError(0xdeadbeef); result = CryptSetKeyParam(hRSAKey, KP_PERMISSIONS, (BYTE *)&dwVal, 0); ok(!result && (GetLastError() == NTE_BAD_DATA || GetLastError() == NTE_BAD_FLAGS), "expected NTE_BAD_DATA or NTE_BAD_FLAGS, got %08x\n", GetLastError()); CryptDestroyKey(hRSAKey); /* It is not allowed to use the signature key for encryption/decryption */ result = CryptGetUserKey(hProv, AT_SIGNATURE, &hRSAKey); ok (result, "%08x\n", GetLastError()); if (!result) return; dwVal = 0xdeadbeef; dwLen = sizeof(DWORD); result = CryptGetKeyParam(hRSAKey, KP_PERMISSIONS, (BYTE*)&dwVal, &dwLen, 0); ok(result, "%08x\n", GetLastError()); ok(dwVal == (CRYPT_MAC|CRYPT_WRITE|CRYPT_READ|CRYPT_DECRYPT|CRYPT_ENCRYPT) || broken(dwVal == 0xffffffff), /* Win9x/NT4 */ "expected CRYPT_MAC|CRYPT_WRITE|CRYPT_READ|CRYPT_DECRYPT|CRYPT_ENCRYPT," " got %08x\n", dwVal); /* The signature key's public key may also be exported.. */ result = CryptExportKey(hRSAKey, 0, PUBLICKEYBLOB, 0, NULL, &dwLen); ok(result, "%08x\n", GetLastError()); /* but its private key may not be. */ SetLastError(0xdeadbeef); result = CryptExportKey(hRSAKey, 0, PRIVATEKEYBLOB, 0, NULL, &dwLen); ok((!result && GetLastError() == NTE_BAD_KEY_STATE) || broken(result), /* Win9x/NT4 */ "expected NTE_BAD_KEY_STATE, got %08x\n", GetLastError()); /* Setting the permissions of the signature key isn't allowed, either. */ dwVal |= CRYPT_EXPORT; SetLastError(0xdeadbeef); result = CryptSetKeyParam(hRSAKey, KP_PERMISSIONS, (BYTE *)&dwVal, 0); ok(!result && (GetLastError() == NTE_BAD_DATA || GetLastError() == NTE_BAD_FLAGS), "expected NTE_BAD_DATA or NTE_BAD_FLAGS, got %08x\n", GetLastError()); dwLen = 12; result = CryptEncrypt(hRSAKey, 0, TRUE, 0, abData, &dwLen, (DWORD)sizeof(abData)); ok (!result && GetLastError() == NTE_BAD_KEY, "%08x\n", GetLastError()); CryptDestroyKey(hRSAKey); } static void test_import_export(void) { DWORD dwLen, dwDataLen, dwVal; HCRYPTKEY hPublicKey, hPrivKey; BOOL result; ALG_ID algID; BYTE emptyKey[2048], *exported_key; static BYTE abPlainPublicKey[84] = { 0x06, 0x02, 0x00, 0x00, 0x00, 0xa4, 0x00, 0x00, 0x52, 0x53, 0x41, 0x31, 0x00, 0x02, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11 }; static BYTE priv_key_with_high_bit[] = { 0x07, 0x02, 0x00, 0x00, 0x00, 0x24, 0x00, 0x00, 0x52, 0x53, 0x41, 0x32, 0x00, 0x04, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0xd5, 0xa2, 0x0d, 0x66, 0xfe, 0x65, 0xb5, 0xf1, 0xc9, 0x6b, 0xf5, 0x58, 0x04, 0x38, 0x2d, 0xf4, 0xa3, 0x5a, 0xda, 0x9e, 0x95, 0x81, 0x85, 0x3d, 0x01, 0x07, 0xb2, 0x03, 0x77, 0x70, 0x79, 0x6e, 0x6c, 0x26, 0x42, 0xa4, 0x12, 0xfd, 0xaa, 0x29, 0x83, 0x04, 0xce, 0x91, 0x90, 0x39, 0x5e, 0x49, 0x56, 0xfd, 0x0a, 0xe5, 0xb1, 0xea, 0x3b, 0xb2, 0x70, 0xb0, 0x20, 0xc1, 0x1f, 0x22, 0x07, 0x3e, 0x4d, 0xc0, 0x73, 0xfd, 0x92, 0x8f, 0x87, 0xd8, 0xd1, 0xd1, 0x28, 0xd8, 0x19, 0xd1, 0x93, 0x83, 0xe0, 0xb8, 0x9f, 0x53, 0xf4, 0x6a, 0x7c, 0xcb, 0x10, 0x53, 0xd0, 0x37, 0x02, 0xb4, 0xa5, 0xf7, 0xa2, 0x28, 0x6e, 0x26, 0xef, 0x5c, 0x14, 0x01, 0x40, 0x1e, 0xa3, 0xe1, 0xda, 0x76, 0xd0, 0x12, 0x84, 0xb7, 0x48, 0x7d, 0xc8, 0x67, 0x5c, 0xb2, 0xd5, 0x2e, 0xaf, 0x8e, 0x7d, 0x32, 0x59, 0x92, 0x01, 0xd6, 0x5b, 0x68, 0x28, 0x9b, 0xb1, 0x6c, 0x69, 0xeb, 0x61, 0x5b, 0x4b, 0x13, 0xe2, 0xbd, 0x7d, 0xbe, 0xce, 0xe8, 0x41, 0x54, 0xca, 0xa8, 0xdd, 0xc7, 0xfe, 0x8b, 0xdf, 0xf6, 0x55, 0x6c, 0x50, 0x11, 0xc8, 0x15, 0x13, 0x42, 0x59, 0x9f, 0xbb, 0xea, 0x73, 0x78, 0x7b, 0x22, 0x8d, 0x96, 0x62, 0xe5, 0xda, 0xa2, 0x85, 0x5c, 0x20, 0x74, 0x9f, 0x1c, 0x12, 0xf2, 0x48, 0x06, 0x1a, 0xc6, 0xd5, 0x94, 0xec, 0x31, 0x6b, 0xb6, 0x7b, 0x54, 0x61, 0x77, 0xec, 0x7c, 0x6f, 0xb7, 0x55, 0x3d, 0x6b, 0x98, 0x05, 0xd7, 0x8a, 0x73, 0x25, 0xf2, 0x8f, 0xe4, 0xb8, 0x8d, 0x27, 0x18, 0x0d, 0x05, 0xba, 0x23, 0x54, 0x37, 0x10, 0xf0, 0x1c, 0x41, 0xa6, 0xae, 0x4c, 0x2a, 0x6a, 0x2f, 0x7f, 0x68, 0x43, 0x86, 0xe7, 0x9c, 0xfd, 0x9e, 0xf1, 0xfe, 0x84, 0xe3, 0xb6, 0x99, 0x51, 0xfe, 0x1e, 0xbd, 0x01, 0xc6, 0x10, 0xef, 0x88, 0xa4, 0xd8, 0x53, 0x14, 0x88, 0x15, 0xc9, 0xe5, 0x86, 0xe2, 0x8d, 0x85, 0x2e, 0x0d, 0xec, 0x15, 0xa7, 0x48, 0xfa, 0x18, 0xfb, 0x01, 0x8d, 0x2b, 0x90, 0x70, 0x7f, 0x78, 0xb1, 0x33, 0x7e, 0xfe, 0x82, 0x40, 0x5f, 0x4a, 0x97, 0xc2, 0x42, 0x22, 0xd5, 0x5f, 0xbc, 0xbd, 0xab, 0x26, 0x98, 0xcd, 0xb5, 0xdf, 0x7e, 0xa0, 0x68, 0xa7, 0x12, 0x9e, 0xa5, 0xa2, 0x90, 0x85, 0xc5, 0xca, 0x73, 0x4a, 0x59, 0x8a, 0xec, 0xcf, 0xdd, 0x65, 0x5d, 0xc1, 0xaa, 0x86, 0x53, 0xd5, 0xde, 0xbb, 0x23, 0x24, 0xb8, 0x9b, 0x74, 0x03, 0x20, 0xb4, 0xf0, 0xe4, 0xdd, 0xd2, 0x03, 0xfd, 0x67, 0x55, 0x19, 0x28, 0x1d, 0xc1, 0xb8, 0xa5, 0x89, 0x0e, 0xc0, 0x80, 0x9d, 0xdd, 0xda, 0x9d, 0x30, 0x5c, 0xc8, 0xbb, 0xfe, 0x8f, 0xce, 0xd5, 0xf6, 0xdf, 0xfa, 0x14, 0xaf, 0xe4, 0xba, 0xb0, 0x84, 0x45, 0xd8, 0x67, 0xa7, 0xd0, 0xce, 0x89, 0x2a, 0x30, 0x8c, 0xfa, 0xe9, 0x65, 0xa4, 0x21, 0x2d, 0x6b, 0xa2, 0x9b, 0x8f, 0x92, 0xbd, 0x3a, 0x10, 0x71, 0x12, 0xc2, 0x02, 0x3d, 0xd5, 0x83, 0x1d, 0xfa, 0x42, 0xb7, 0x48, 0x1b, 0x31, 0xe3, 0x82, 0x90, 0x2d, 0x91, 0x59, 0xf9, 0x38, 0x52, 0xe5, 0xdb, 0xc1, 0x4d, 0x3a, 0xe6, 0x9b, 0x6a, 0xbb, 0xea, 0xa4, 0x8d, 0x5e, 0xc4, 0x00, 0x01, 0xb8, 0xec, 0x91, 0xc1, 0xdb, 0x63, 0xbd, 0x57, 0xb6, 0x26, 0x15, 0xb6, 0x3e, 0xa2, 0xdf, 0x62, 0x8d, 0xa8, 0xbe, 0xe1, 0xf1, 0x39, 0xbd, 0x18, 0xd2, 0x6f, 0xd7, 0xda, 0xdc, 0x71, 0x30, 0xf1, 0x21, 0x71, 0xa4, 0x08, 0x43, 0x46, 0xdf, 0x50, 0xbd, 0x3c, 0x60, 0x5b, 0x63, 0x35, 0xe3, 0x37, 0x5b, 0x25, 0x17, 0x54, 0x5e, 0x68, 0x60, 0xb6, 0x49, 0xef, 0x6e, 0x09, 0xef, 0xda, 0x90, 0x3e, 0xd4, 0x09, 0x33, 0x36, 0x57, 0x9a, 0x14, 0xbd, 0xf7, 0xb1, 0x98, 0x30, 0x42, 0x03, 0x84, 0x61, 0xeb, 0x8e, 0x50, 0xdc, 0x6a, 0x93, 0x1b, 0x32, 0x51, 0xf9, 0xc6, 0xc2, 0x19, 0xb3, 0x5d, 0xe2, 0xf8, 0xc5, 0x8f, 0x68, 0xaa, 0x1d, 0xdb, 0xd3, 0x7f, 0x8d, 0x98, 0x9c, 0x16, 0x8c, 0xc3, 0xcd, 0xd9, 0xdb, 0x08, 0xe6, 0x36, 0x60, 0xb6, 0x36, 0xdc, 0x1d, 0x59, 0xb6, 0x5f, 0x01, 0x5e }; static const BYTE expected_exported_priv_key[] = { 0x07, 0x02, 0x00, 0x00, 0x00, 0x24, 0x00, 0x00, 0x52, 0x53, 0x41, 0x32, 0x00, 0x04, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0xd5, 0xa2, 0x0d, 0x66, 0xfe, 0x65, 0xb5, 0xf1, 0xc9, 0x6b, 0xf5, 0x58, 0x04, 0x38, 0x2d, 0xf4, 0xa3, 0x5a, 0xda, 0x9e, 0x95, 0x81, 0x85, 0x3d, 0x01, 0x07, 0xb2, 0x03, 0x77, 0x70, 0x79, 0x6e, 0x6c, 0x26, 0x42, 0xa4, 0x12, 0xfd, 0xaa, 0x29, 0x83, 0x04, 0xce, 0x91, 0x90, 0x39, 0x5e, 0x49, 0x56, 0xfd, 0x0a, 0xe5, 0xb1, 0xea, 0x3b, 0xb2, 0x70, 0xb0, 0x20, 0xc1, 0x1f, 0x22, 0x07, 0x3e, 0x4d, 0xc0, 0x73, 0xfd, 0x92, 0x8f, 0x87, 0xd8, 0xd1, 0xd1, 0x28, 0xd8, 0x19, 0xd1, 0x93, 0x83, 0xe0, 0xb8, 0x9f, 0x53, 0xf4, 0x6a, 0x7c, 0xcb, 0x10, 0x53, 0xd0, 0x37, 0x02, 0xb4, 0xa5, 0xf7, 0xa2, 0x28, 0x6e, 0x26, 0xef, 0x5c, 0x14, 0x01, 0x40, 0x1e, 0xa3, 0xe1, 0xda, 0x76, 0xd0, 0x12, 0x84, 0xb7, 0x48, 0x7d, 0xc8, 0x67, 0x5c, 0xb2, 0xd5, 0x2e, 0xaf, 0x8e, 0x7d, 0x32, 0x59, 0x92, 0x01, 0xd6, 0x5b, 0x68, 0x28, 0x9b, 0xb1, 0x6c, 0x69, 0xeb, 0x61, 0x5b, 0x4b, 0x13, 0xe2, 0xbd, 0x7d, 0xbe, 0xce, 0xe8, 0x41, 0x54, 0xca, 0xa8, 0xdd, 0xc7, 0xfe, 0x8b, 0xdf, 0xf6, 0x55, 0x6c, 0x50, 0x11, 0xc8, 0x15, 0x13, 0x42, 0x59, 0x9f, 0xbb, 0xea, 0x73, 0x78, 0x7b, 0x22, 0x8d, 0x96, 0x62, 0xe5, 0xda, 0xa2, 0x85, 0x5c, 0x20, 0x74, 0x9f, 0x1c, 0x12, 0xf2, 0x48, 0x06, 0x1a, 0xc6, 0xd5, 0x94, 0xec, 0x31, 0x6b, 0xb6, 0x7b, 0x54, 0x61, 0x77, 0xec, 0x7c, 0x6f, 0xb7, 0x55, 0x3d, 0x6b, 0x98, 0x05, 0xd7, 0x8a, 0x73, 0x25, 0xf2, 0x8f, 0xe4, 0xb8, 0x8d, 0x27, 0x18, 0x0d, 0x05, 0xba, 0x23, 0x54, 0x37, 0x10, 0xf0, 0x1c, 0x41, 0xa6, 0xae, 0x4c, 0x2a, 0x6a, 0x2f, 0x7f, 0x68, 0x43, 0x86, 0xe7, 0x9c, 0xfd, 0x9e, 0xf1, 0xfe, 0x84, 0xe3, 0xb6, 0x99, 0x51, 0xfe, 0x1e, 0xbd, 0x01, 0xc6, 0x10, 0xef, 0x88, 0xa4, 0xd8, 0x53, 0x14, 0x88, 0x15, 0xc9, 0xe5, 0x86, 0xe2, 0x8d, 0x85, 0x2e, 0x0d, 0xec, 0x15, 0xa7, 0x48, 0xfa, 0x18, 0xfb, 0x01, 0x8d, 0x2b, 0x90, 0x70, 0x7f, 0x78, 0xb1, 0x33, 0x7e, 0xfe, 0x82, 0x40, 0x5f, 0x4a, 0x97, 0xc2, 0x42, 0x22, 0xd5, 0x5f, 0xbc, 0xbd, 0xab, 0x26, 0x98, 0xcd, 0xb5, 0xdf, 0x7e, 0xa0, 0x68, 0xa7, 0x12, 0x9e, 0xa5, 0xa2, 0x90, 0x85, 0xc5, 0xca, 0x73, 0x4a, 0x59, 0x8a, 0xec, 0xcf, 0xdd, 0x65, 0x5d, 0xc1, 0xaa, 0x86, 0x53, 0xd5, 0xde, 0xbb, 0x23, 0x24, 0xb8, 0x9b, 0x74, 0x03, 0x20, 0xb4, 0xf0, 0xe4, 0xdd, 0xd2, 0x03, 0xfd, 0x67, 0x55, 0x19, 0x28, 0x1d, 0xc1, 0xb8, 0xa5, 0x89, 0x0e, 0xc0, 0x80, 0x9d, 0xdd, 0xda, 0x9d, 0x30, 0x5c, 0xc8, 0xbb, 0xfe, 0x8f, 0xce, 0xd5, 0xf6, 0xdf, 0xfa, 0x14, 0xaf, 0xe4, 0xba, 0xb0, 0x84, 0x45, 0xd8, 0x67, 0xa7, 0xd0, 0xce, 0x89, 0x2a, 0x30, 0x8c, 0xfa, 0xe9, 0x65, 0xa4, 0x21, 0x2d, 0x6b, 0xa2, 0x9b, 0x8f, 0x92, 0xbd, 0x3a, 0x10, 0x71, 0x12, 0xc2, 0x02, 0x3d, 0xd5, 0x83, 0x1d, 0xfa, 0x42, 0xb7, 0x48, 0x1b, 0x31, 0xe3, 0x82, 0x90, 0x2d, 0x91, 0x59, 0xf9, 0x38, 0x52, 0xe5, 0xdb, 0xc1, 0x4d, 0x3a, 0xe6, 0x9b, 0x6a, 0xbb, 0xea, 0xa4, 0x8d, 0x5e, 0xc4, 0x00, 0x01, 0xb8, 0xec, 0x91, 0xc1, 0xdb, 0x63, 0xbd, 0x57, 0xb6, 0x26, 0x15, 0xb6, 0x3e, 0xa2, 0xdf, 0x62, 0x8d, 0xa8, 0xbe, 0xe1, 0xf1, 0x39, 0xbd, 0x18, 0xd2, 0x6f, 0xd7, 0xda, 0xdc, 0x71, 0x30, 0xf1, 0x21, 0x71, 0xa4, 0x08, 0x43, 0x46, 0xdf, 0x50, 0xbd, 0x3c, 0x60, 0x5b, 0x63, 0x35, 0xe3, 0x37, 0x5b, 0x25, 0x17, 0x54, 0x5e, 0x68, 0x60, 0xb6, 0x49, 0xef, 0x6e, 0x09, 0xef, 0xda, 0x90, 0x3e, 0xd4, 0x09, 0x33, 0x36, 0x57, 0x9a, 0x14, 0xbd, 0xf7, 0xb1, 0x98, 0x30, 0x42, 0x03, 0x84, 0x61, 0xeb, 0x8e, 0x50, 0xdc, 0x6a, 0x93, 0x1b, 0x32, 0x51, 0xf9, 0xc6, 0xc2, 0x19, 0xb3, 0x5d, 0xe2, 0xf8, 0xc5, 0x8f, 0x68, 0xaa, 0x1d, 0xdb, 0xd3, 0x7f, 0x8d, 0x98, 0x9c, 0x16, 0x8c, 0xc3, 0xcd, 0xd9, 0xdb, 0x08, 0xe6, 0x36, 0x60, 0xb6, 0x36, 0xdc, 0x1d, 0x59, 0xb6, 0x5f, 0x01, 0x5e }; dwLen=84; result = CryptImportKey(hProv, abPlainPublicKey, dwLen, 0, 0, &hPublicKey); ok(result, "failed to import the public key\n"); dwDataLen=sizeof(algID); result = CryptGetKeyParam(hPublicKey, KP_ALGID, (LPBYTE)&algID, &dwDataLen, 0); ok(result, "failed to get the KP_ALGID from the imported public key\n"); ok(algID == CALG_RSA_KEYX, "Expected CALG_RSA_KEYX, got %x\n", algID); dwVal = 0xdeadbeef; dwDataLen = sizeof(DWORD); result = CryptGetKeyParam(hPublicKey, KP_PERMISSIONS, (BYTE*)&dwVal, &dwDataLen, 0); ok(result, "%08x\n", GetLastError()); ok(dwVal == (CRYPT_MAC|CRYPT_WRITE|CRYPT_READ|CRYPT_DECRYPT|CRYPT_ENCRYPT) || broken(dwVal == 0xffffffff), /* Win9x/NT4 */ "expected CRYPT_MAC|CRYPT_WRITE|CRYPT_READ|CRYPT_DECRYPT|CRYPT_ENCRYPT," " got %08x\n", dwVal); result = CryptExportKey(hPublicKey, 0, PUBLICKEYBLOB, 0, emptyKey, &dwLen); ok(result, "failed to export the fresh imported public key\n"); ok(dwLen == 84, "Expected exported key to be 84 bytes long but got %d bytes.\n",dwLen); ok(!memcmp(emptyKey, abPlainPublicKey, dwLen), "exported key is different from the imported key\n"); CryptDestroyKey(hPublicKey); result = CryptImportKey(hProv, priv_key_with_high_bit, sizeof(priv_key_with_high_bit), 0, CRYPT_EXPORTABLE, &hPrivKey); ok(result, "CryptImportKey failed: %08x\n", GetLastError()); result = CryptExportKey(hPrivKey, 0, PRIVATEKEYBLOB, 0, NULL, &dwDataLen); ok(result, "CryptExportKey failed: %08x\n", GetLastError()); exported_key = HeapAlloc(GetProcessHeap(), 0, dwDataLen); result = CryptExportKey(hPrivKey, 0, PRIVATEKEYBLOB, 0, exported_key, &dwDataLen); ok(result, "CryptExportKey failed: %08x\n", GetLastError()); ok(dwDataLen == sizeof(expected_exported_priv_key), "unexpected size %d\n", dwDataLen); ok(!memcmp(exported_key, expected_exported_priv_key, dwDataLen), "unexpected value\n"); HeapFree(GetProcessHeap(), 0, exported_key); CryptDestroyKey(hPrivKey); } static void test_import_hmac(void) { /* Test cases from RFC 2202, section 3 */ static const struct rfc2202_test_case { const char *key; DWORD key_len; const char *data; const DWORD data_len; const char *digest; } cases[] = { { "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" "\x0b\x0b\x0b\x0b", 20, "Hi There", 8, "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c\x8e" "\xf1\x46\xbe\x00" }, { "Jefe", 4, "what do ya want for nothing?", 28, "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf\x9c" "\x25\x9a\x7c\x79" }, { "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" "\xaa\xaa\xaa\xaa", 20, "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" "\xdd\xdd", 50, "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b\x4f" "\x63\xf1\x75\xd3" }, { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10" "\x11\x12\x13\x14\x15\x16\x17\x18\x19", 25, "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" "\xcd\xcd", 50, "\x4c\x90\x07\xF4\x02\x62\x50\xc6\xbc\x84\x14\xf9\xbf\x50\xc8\x6c" "\x2d\x72\x35\xda" }, { "\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c\x0c" "\x0c\x0c\x0c\x0c", 20, "Test With Truncation", 20, "\x4c\x1a\x03\x42\x4b\x55\xe0\x7f\xe7\xf2\x7b\xe1\xd5\x8b\xb9\x32" "\x4a\x9a\x5a\x04" }, { "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", 80, "Test Using Larger Than Block-Size Key - Hash Key First", 54, "\xaa\x4a\xe5\xe1\x52\x72\xd0\x0e\x95\x70\x56\x37\xce\x8a\x3b\x55" "\xed\x40\x21\x12" }, { "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", 80, "Test Using Larger Than Block-Size Key and Larger " "Than One Block-Size Data", 73, "\xe8\xe9\x9D\x0f\x45\x23\x7d\x78\x6d\x6b\xba\xa7\x96\x5c\x78\x08" "\xbb\xff\x1a\x91" } }; DWORD i; for (i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) { const struct rfc2202_test_case *test_case = &cases[i]; DWORD size = sizeof(BLOBHEADER) + sizeof(DWORD) + test_case->key_len; BYTE *blob = HeapAlloc(GetProcessHeap(), 0, size); if (blob) { BLOBHEADER *header = (BLOBHEADER *)blob; DWORD *key_len = (DWORD *)(header + 1); BYTE *key_bytes = (BYTE *)(key_len + 1); BOOL result; HCRYPTKEY key; header->bType = PLAINTEXTKEYBLOB; header->bVersion = CUR_BLOB_VERSION; header->reserved = 0; header->aiKeyAlg = CALG_RC2; *key_len = test_case->key_len; memcpy(key_bytes, test_case->key, *key_len); result = CryptImportKey(hProv, blob, size, 0, CRYPT_IPSEC_HMAC_KEY, &key); ok(result || broken(GetLastError() == NTE_BAD_FLAGS /* Win2k */), "CryptImportKey failed on test case %d: %08x\n", i, GetLastError()); if (result) { HCRYPTHASH hash; HMAC_INFO hmac_info = { CALG_SHA1, 0 }; BYTE digest[20]; DWORD digest_size; result = CryptCreateHash(hProv, CALG_HMAC, key, 0, &hash); ok(result, "CryptCreateHash failed on test case %d: %08x\n", i, GetLastError()); result = CryptSetHashParam(hash, HP_HMAC_INFO, (BYTE *)&hmac_info, 0); ok(result, "CryptSetHashParam failed on test case %d: %08x\n", i, GetLastError()); result = CryptHashData(hash, (const BYTE *)test_case->data, test_case->data_len, 0); ok(result, "CryptHashData failed on test case %d: %08x\n", i, GetLastError()); digest_size = sizeof(digest); result = CryptGetHashParam(hash, HP_HASHVAL, digest, &digest_size, 0); ok(result, "CryptGetHashParam failed on test case %d: %08x\n", i, GetLastError()); ok(!memcmp(digest, test_case->digest, sizeof(digest)), "Unexpected value on test case %d\n", i); CryptDestroyHash(hash); CryptDestroyKey(key); } HeapFree(GetProcessHeap(), 0, blob); } } } static void test_schannel_provider(void) { HCRYPTPROV hProv; HCRYPTKEY hRSAKey, hMasterSecret, hServerWriteKey, hServerWriteMACKey; HCRYPTHASH hMasterHash, hTLS1PRF, hHMAC; BOOL result; DWORD dwLen; SCHANNEL_ALG saSChannelAlg; CRYPT_DATA_BLOB data_blob; HMAC_INFO hmacInfo = { CALG_MD5, NULL, 0, NULL, 0 }; BYTE abTLS1Master[140] = { 0x01, 0x02, 0x00, 0x00, 0x06, 0x4c, 0x00, 0x00, 0x00, 0xa4, 0x00, 0x00, 0x5b, 0x13, 0xc7, 0x68, 0xd8, 0x55, 0x23, 0x5d, 0xbc, 0xa6, 0x9d, 0x97, 0x0e, 0xcd, 0x6b, 0xcf, 0xc0, 0xdc, 0xc5, 0x53, 0x28, 0xa0, 0xca, 0xc1, 0x63, 0x4e, 0x3a, 0x24, 0x22, 0xe5, 0x4d, 0x15, 0xbb, 0xa5, 0x06, 0xc3, 0x98, 0x25, 0xdc, 0x35, 0xd3, 0xdb, 0xab, 0xb8, 0x44, 0x1b, 0xfe, 0x63, 0x88, 0x7c, 0x2e, 0x6d, 0x34, 0xd9, 0x0f, 0x7e, 0x2f, 0xc2, 0xb2, 0x6e, 0x56, 0xfa, 0xab, 0xb2, 0x88, 0xf6, 0x15, 0x6e, 0xa8, 0xcd, 0x70, 0x16, 0x94, 0x61, 0x07, 0x40, 0x9e, 0x25, 0x22, 0xf8, 0x64, 0x9f, 0xcc, 0x0b, 0xf1, 0x92, 0x4d, 0xfe, 0xc3, 0x5d, 0x52, 0xdb, 0x0f, 0xff, 0x12, 0x0f, 0x49, 0x43, 0x7d, 0xc6, 0x52, 0x61, 0xb0, 0x06, 0xc8, 0x1b, 0x90, 0xac, 0x09, 0x7e, 0x4b, 0x95, 0x69, 0x3b, 0x0d, 0x41, 0x1b, 0x4c, 0x65, 0x75, 0x4d, 0x85, 0x16, 0xc4, 0xd3, 0x1e, 0x82, 0xb3 }; BYTE abServerSecret[33] = "Super Secret Server Secret 12345"; BYTE abClientSecret[33] = "Super Secret Client Secret 12345"; BYTE abHashedHandshakes[37] = "123456789012345678901234567890123456"; BYTE abClientFinished[16] = "client finished"; BYTE abData[16] = "Wine rocks!"; BYTE abMD5Hash[16]; static const BYTE abEncryptedData[16] = { 0x13, 0xd2, 0xdd, 0xeb, 0x6c, 0x3f, 0xbe, 0xb2, 0x04, 0x86, 0xb5, 0xe5, 0x08, 0xe5, 0xf3, 0x0d }; static const BYTE abPRF[16] = { 0xa8, 0xb2, 0xa6, 0xef, 0x83, 0x4e, 0x74, 0xb1, 0xf3, 0xb1, 0x51, 0x5a, 0x1a, 0x2b, 0x11, 0x31 }; static const BYTE abMD5[16] = { 0xe1, 0x65, 0x3f, 0xdb, 0xbb, 0x3d, 0x99, 0x3c, 0x3d, 0xca, 0x6a, 0x6f, 0xfa, 0x15, 0x4e, 0xaa }; result = CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_SCHANNEL, CRYPT_VERIFYCONTEXT|CRYPT_NEWKEYSET); if (!result) { win_skip("no PROV_RSA_SCHANNEL support\n"); return; } ok (result, "%08x\n", GetLastError()); if (result) CryptReleaseContext(hProv, 0); result = CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_SCHANNEL, CRYPT_VERIFYCONTEXT); ok (result, "%08x\n", GetLastError()); if (!result) return; /* To get deterministic results, we import the TLS1 master secret (which * is typically generated from a random generator). Therefore, we need * an RSA key. */ dwLen = (DWORD)sizeof(abPlainPrivateKey); result = CryptImportKey(hProv, abPlainPrivateKey, dwLen, 0, 0, &hRSAKey); ok (result, "%08x\n", GetLastError()); if (!result) return; dwLen = (DWORD)sizeof(abTLS1Master); result = CryptImportKey(hProv, abTLS1Master, dwLen, hRSAKey, 0, &hMasterSecret); ok (result, "%08x\n", GetLastError()); if (!result) return; /* Deriving a hash from the master secret. This is due to the CryptoAPI architecture. * (Keys can only be derived from hashes, not from other keys.) * The hash can't be created yet because the key doesn't have the client * random or server random set. */ result = CryptCreateHash(hProv, CALG_SCHANNEL_MASTER_HASH, hMasterSecret, 0, &hMasterHash); ok (!result && GetLastError() == ERROR_INVALID_PARAMETER, "expected ERROR_INVALID_PARAMETER, got %08x\n", GetLastError()); /* Setting the TLS1 client and server random parameters, as well as the * MAC and encryption algorithm parameters. */ data_blob.cbData = 33; data_blob.pbData = abClientSecret; result = CryptSetKeyParam(hMasterSecret, KP_CLIENT_RANDOM, (BYTE*)&data_blob, 0); ok (result, "%08x\n", GetLastError()); if (!result) return; data_blob.cbData = 33; data_blob.pbData = abServerSecret; result = CryptSetKeyParam(hMasterSecret, KP_SERVER_RANDOM, (BYTE*)&data_blob, 0); ok (result, "%08x\n", GetLastError()); if (!result) return; result = CryptCreateHash(hProv, CALG_SCHANNEL_MASTER_HASH, hMasterSecret, 0, &hMasterHash); ok (result, "%08x\n", GetLastError()); if (!result) return; /* Deriving the server write encryption key from the master hash can't * succeed before the encryption key algorithm is set. */ result = CryptDeriveKey(hProv, CALG_SCHANNEL_ENC_KEY, hMasterHash, CRYPT_SERVER, &hServerWriteKey); ok (!result && GetLastError() == NTE_BAD_FLAGS, "expected NTE_BAD_FLAGS, got %08x\n", GetLastError()); CryptDestroyHash(hMasterHash); saSChannelAlg.dwUse = SCHANNEL_ENC_KEY; saSChannelAlg.Algid = CALG_DES; saSChannelAlg.cBits = 64; saSChannelAlg.dwFlags = 0; saSChannelAlg.dwReserved = 0; result = CryptSetKeyParam(hMasterSecret, KP_SCHANNEL_ALG, (PBYTE)&saSChannelAlg, 0); ok (result, "%08x\n", GetLastError()); if (!result) return; saSChannelAlg.dwUse = SCHANNEL_MAC_KEY; saSChannelAlg.Algid = CALG_MD5; saSChannelAlg.cBits = 128; saSChannelAlg.dwFlags = 0; saSChannelAlg.dwReserved = 0; result = CryptSetKeyParam(hMasterSecret, KP_SCHANNEL_ALG, (PBYTE)&saSChannelAlg, 0); ok (result, "%08x\n", GetLastError()); if (!result) return; result = CryptCreateHash(hProv, CALG_SCHANNEL_MASTER_HASH, hMasterSecret, 0, &hMasterHash); ok (result, "%08x\n", GetLastError()); if (!result) return; /* Deriving the server write encryption key from the master hash */ result = CryptDeriveKey(hProv, CALG_SCHANNEL_ENC_KEY, hMasterHash, CRYPT_SERVER, &hServerWriteKey); ok (result, "%08x\n", GetLastError()); if (!result) return; /* Encrypting some data with the server write encryption key and checking the result. */ dwLen = 12; result = CryptEncrypt(hServerWriteKey, 0, TRUE, 0, abData, &dwLen, 16); ok (result && (dwLen == 16) && !memcmp(abData, abEncryptedData, 16), "%08x\n", GetLastError()); /* Second test case: Test the TLS1 pseudo random number function. */ result = CryptCreateHash(hProv, CALG_TLS1PRF, hMasterSecret, 0, &hTLS1PRF); ok (result, "%08x\n", GetLastError()); if (!result) return; /* Set the label and seed parameters for the random number function */ data_blob.cbData = 36; data_blob.pbData = abHashedHandshakes; result = CryptSetHashParam(hTLS1PRF, HP_TLS1PRF_SEED, (BYTE*)&data_blob, 0); ok (result, "%08x\n", GetLastError()); if (!result) return; data_blob.cbData = 15; data_blob.pbData = abClientFinished; result = CryptSetHashParam(hTLS1PRF, HP_TLS1PRF_LABEL, (BYTE*)&data_blob, 0); ok (result, "%08x\n", GetLastError()); if (!result) return; /* Generate some pseudo random bytes and check if they are correct. */ dwLen = (DWORD)sizeof(abData); result = CryptGetHashParam(hTLS1PRF, HP_HASHVAL, abData, &dwLen, 0); ok (result && (dwLen==(DWORD)sizeof(abData)) && !memcmp(abData, abPRF, sizeof(abData)), "%08x\n", GetLastError()); /* Third test case. Derive the server write mac key. Derive an HMAC object from this one. * Hash some data with the HMAC. Compare results. */ result = CryptDeriveKey(hProv, CALG_SCHANNEL_MAC_KEY, hMasterHash, CRYPT_SERVER, &hServerWriteMACKey); ok (result, "%08x\n", GetLastError()); if (!result) return; result = CryptCreateHash(hProv, CALG_HMAC, hServerWriteMACKey, 0, &hHMAC); ok (result, "%08x\n", GetLastError()); if (!result) return; result = CryptSetHashParam(hHMAC, HP_HMAC_INFO, (PBYTE)&hmacInfo, 0); ok (result, "%08x\n", GetLastError()); if (!result) return; result = CryptHashData(hHMAC, abData, (DWORD)sizeof(abData), 0); ok (result, "%08x\n", GetLastError()); if (!result) return; dwLen = (DWORD)sizeof(abMD5Hash); result = CryptGetHashParam(hHMAC, HP_HASHVAL, abMD5Hash, &dwLen, 0); ok (result && (dwLen == 16) && !memcmp(abMD5Hash, abMD5, 16), "%08x\n", GetLastError()); CryptDestroyHash(hHMAC); CryptDestroyHash(hTLS1PRF); CryptDestroyHash(hMasterHash); CryptDestroyKey(hServerWriteMACKey); CryptDestroyKey(hServerWriteKey); CryptDestroyKey(hRSAKey); CryptDestroyKey(hMasterSecret); CryptReleaseContext(hProv, 0); CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_SCHANNEL, CRYPT_DELETEKEYSET); } /* Test that a key can be used to encrypt data and exported, and that, when * the exported key is imported again, can be used to decrypt the original * data again. */ static void test_rsa_round_trip(void) { static const char test_string[] = "Well this is a fine how-do-you-do."; HCRYPTPROV prov; HCRYPTKEY signKey, keyExchangeKey; BOOL result; BYTE data[256], *exportedKey; DWORD dataLen, keyLen; CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET); /* Generate a new key... */ result = CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET); ok(result, "CryptAcquireContext failed: %08x\n", GetLastError()); result = CryptGenKey(prov, CALG_RSA_KEYX, CRYPT_EXPORTABLE, &signKey); ok(result, "CryptGenKey with CALG_RSA_KEYX failed with error %08x\n", GetLastError()); result = CryptGetUserKey(prov, AT_KEYEXCHANGE, &keyExchangeKey); ok(result, "CryptGetUserKey failed: %08x\n", GetLastError()); /* encrypt some data with it... */ memcpy(data, test_string, strlen(test_string) + 1); dataLen = strlen(test_string) + 1; result = CryptEncrypt(keyExchangeKey, 0, TRUE, 0, data, &dataLen, sizeof(data)); ok(result || broken(GetLastError() == NTE_BAD_KEY /* Win9x/2000 */) || broken(GetLastError() == NTE_PERM /* NT4 */), "CryptEncrypt failed: %08x\n", GetLastError()); /* export the key... */ result = CryptExportKey(keyExchangeKey, 0, PRIVATEKEYBLOB, 0, NULL, &keyLen); ok(result, "CryptExportKey failed: %08x\n", GetLastError()); exportedKey = HeapAlloc(GetProcessHeap(), 0, keyLen); result = CryptExportKey(keyExchangeKey, 0, PRIVATEKEYBLOB, 0, exportedKey, &keyLen); ok(result, "CryptExportKey failed: %08x\n", GetLastError()); /* destroy the key... */ CryptDestroyKey(keyExchangeKey); CryptDestroyKey(signKey); /* import the key again... */ result = CryptImportKey(prov, exportedKey, keyLen, 0, 0, &keyExchangeKey); ok(result, "CryptImportKey failed: %08x\n", GetLastError()); HeapFree(GetProcessHeap(), 0, exportedKey); /* and decrypt the data encrypted with the original key with the imported * key. */ result = CryptDecrypt(keyExchangeKey, 0, TRUE, 0, data, &dataLen); ok(result || broken(GetLastError() == NTE_BAD_KEY /* Win9x/2000 */) || broken(GetLastError() == NTE_PERM /* NT4 */), "CryptDecrypt failed: %08x\n", GetLastError()); if (result) { ok(dataLen == sizeof(test_string), "unexpected size %d\n", dataLen); ok(!memcmp(data, test_string, sizeof(test_string)), "unexpected value\n"); } CryptDestroyKey(keyExchangeKey); CryptReleaseContext(prov, 0); CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET); } static void test_enum_container(void) { BYTE abContainerName[MAX_PATH + 2]; /* Larger than maximum name len */ DWORD dwBufferLen; BOOL result, fFound = FALSE; /* If PP_ENUMCONTAINERS is queried with CRYPT_FIRST and abData == NULL, it returns * the maximum legal length of container names (which is MAX_PATH + 1 == 261) */ SetLastError(0xdeadbeef); result = CryptGetProvParam(hProv, PP_ENUMCONTAINERS, NULL, &dwBufferLen, CRYPT_FIRST); ok (result, "%08x\n", GetLastError()); ok (dwBufferLen == MAX_PATH + 1 || broken(dwBufferLen != MAX_PATH + 1), /* Win9x, WinMe, NT4 */ "Expected dwBufferLen to be (MAX_PATH + 1), it was : %d\n", dwBufferLen); /* If the result fits into abContainerName dwBufferLen is left untouched */ dwBufferLen = (DWORD)sizeof(abContainerName); result = CryptGetProvParam(hProv, PP_ENUMCONTAINERS, abContainerName, &dwBufferLen, CRYPT_FIRST); ok (result && dwBufferLen == (DWORD)sizeof(abContainerName), "%08x\n", GetLastError()); /* We only check, if the currently open 'winetest' container is among the enumerated. */ do { if (!strcmp((const char*)abContainerName, "winetest")) fFound = TRUE; dwBufferLen = (DWORD)sizeof(abContainerName); } while (CryptGetProvParam(hProv, PP_ENUMCONTAINERS, abContainerName, &dwBufferLen, 0)); ok (fFound && GetLastError() == ERROR_NO_MORE_ITEMS, "%d, %08x\n", fFound, GetLastError()); } static BYTE signBlob[] = { 0x07,0x02,0x00,0x00,0x00,0x24,0x00,0x00,0x52,0x53,0x41,0x32,0x00,0x02,0x00,0x00, 0x01,0x00,0x01,0x00,0xf1,0x82,0x9e,0x84,0xb5,0x79,0x9a,0xbe,0x4d,0x06,0x20,0x21, 0xb1,0x89,0x0c,0xca,0xb0,0x35,0x72,0x18,0xc6,0x92,0xa8,0xe2,0xb1,0xe1,0xf6,0x56, 0x53,0x99,0x47,0x10,0x6e,0x1c,0x81,0xaf,0xb8,0xf9,0x5f,0xfe,0x76,0x7f,0x2c,0x93, 0xec,0x54,0x7e,0x5e,0xc2,0x25,0x3c,0x50,0x56,0x10,0x20,0x72,0x4a,0x93,0x03,0x12, 0x29,0x98,0xcc,0xc9,0x47,0xbf,0xbf,0x93,0xcc,0xb0,0xe5,0x53,0x14,0xc8,0x7e,0x1f, 0xa4,0x03,0x2d,0x8e,0x84,0x7a,0xd2,0xeb,0xf7,0x92,0x5e,0xa2,0xc7,0x6b,0x35,0x7d, 0xcb,0x60,0xae,0xfb,0x07,0x78,0x11,0x73,0xb5,0x79,0xe5,0x7e,0x96,0xe3,0x50,0x95, 0x80,0x0e,0x1c,0xf6,0x56,0xc6,0xe9,0x0a,0xaf,0x03,0xc6,0xdc,0x9a,0x81,0xcf,0x7a, 0x63,0x16,0x43,0xcd,0xab,0x74,0xa1,0x7d,0xe7,0xe0,0x75,0x6d,0xbd,0x19,0xae,0x0b, 0xa3,0x7f,0x6a,0x7b,0x05,0x4e,0xbc,0xec,0x18,0xfc,0x19,0xc2,0x00,0xf0,0x6a,0x2e, 0xc4,0x31,0x73,0xba,0x07,0xcc,0x9d,0x57,0xeb,0xc7,0x7c,0x00,0x7d,0x5d,0x11,0x16, 0x42,0x4b,0xe5,0x3a,0xf5,0xc7,0xf8,0xee,0xc3,0x2c,0x0d,0x86,0x03,0xe2,0xaf,0xb2, 0xd2,0x91,0xdb,0x71,0xcd,0xdf,0x81,0x5f,0x06,0xfc,0x48,0x0d,0xb6,0x88,0x9f,0xc1, 0x5e,0x24,0xa2,0x05,0x4f,0x30,0x2e,0x8f,0x8b,0x0d,0x76,0xa1,0x84,0xda,0x7b,0x44, 0x70,0x85,0xf1,0x50,0xb1,0x21,0x3d,0xe2,0x57,0x3d,0xd0,0x01,0x93,0x49,0x8e,0xc5, 0x0b,0x8b,0x0d,0x7b,0x08,0xe9,0x14,0xec,0x20,0x0d,0xea,0x02,0x00,0x63,0xe8,0x0a, 0x52,0xe8,0xfb,0x21,0xbd,0x37,0xde,0x4c,0x4d,0xc2,0xf6,0xb9,0x0d,0x2a,0xc3,0xe2, 0xc9,0xdf,0x48,0x3e,0x55,0x3d,0xe3,0xc0,0x22,0x37,0xf9,0x52,0xc0,0xd7,0x61,0x22, 0xb6,0x85,0x86,0x07 }; static void test_null_provider(void) { HCRYPTPROV prov; HCRYPTKEY key; BOOL result; DWORD keySpec, dataLen,dwParam; char szName[MAX_PATH]; result = CryptAcquireContext(NULL, szContainer, NULL, 0, 0); ok(!result && GetLastError() == NTE_BAD_PROV_TYPE, "Expected NTE_BAD_PROV_TYPE, got %08x\n", GetLastError()); result = CryptAcquireContext(NULL, szContainer, NULL, PROV_RSA_FULL, 0); ok(!result && (GetLastError() == ERROR_INVALID_PARAMETER || GetLastError() == NTE_BAD_KEYSET), "Expected ERROR_INVALID_PARAMETER or NTE_BAD_KEYSET, got %08x\n", GetLastError()); result = CryptAcquireContext(NULL, szContainer, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET); ok(!result && ( GetLastError() == ERROR_INVALID_PARAMETER || GetLastError() == NTE_BAD_KEYSET), "Expected ERROR_INVALID_PARAMETER or NTE_BAD_KEYSET, got %08x\n", GetLastError()); result = CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET); ok(!result && GetLastError() == NTE_BAD_KEYSET, "Expected NTE_BAD_KEYSET, got %08x\n", GetLastError()); result = CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, 0); ok(!result && GetLastError() == NTE_BAD_KEYSET, "Expected NTE_BAD_KEYSET, got %08x\n", GetLastError()); /* Delete the default container. */ CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET); /* Once you've deleted the default container you can't open it as if it * already exists. */ result = CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL, 0); ok(!result && GetLastError() == NTE_BAD_KEYSET, "Expected NTE_BAD_KEYSET, got %08x\n", GetLastError()); /* But you can always open the default container for CRYPT_VERIFYCONTEXT. */ result = CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); ok(result, "CryptAcquireContext failed: %08x\n", GetLastError()); if (!result) return; dataLen = sizeof(keySpec); result = CryptGetProvParam(prov, PP_KEYSPEC, (LPBYTE)&keySpec, &dataLen, 0); if (result) ok(keySpec == (AT_KEYEXCHANGE | AT_SIGNATURE), "Expected AT_KEYEXCHANGE | AT_SIGNATURE, got %08x\n", keySpec); /* Even though PP_KEYSPEC says both AT_KEYEXCHANGE and AT_SIGNATURE are * supported, you can't get the keys from this container. */ result = CryptGetUserKey(prov, AT_KEYEXCHANGE, &key); ok(!result && GetLastError() == NTE_NO_KEY, "Expected NTE_NO_KEY, got %08x\n", GetLastError()); result = CryptGetUserKey(prov, AT_SIGNATURE, &key); ok(!result && GetLastError() == NTE_NO_KEY, "Expected NTE_NO_KEY, got %08x\n", GetLastError()); result = CryptReleaseContext(prov, 0); ok(result, "CryptReleaseContext failed: %08x\n", GetLastError()); /* You can create a new default container. */ result = CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET); ok(result, "CryptAcquireContext failed: %08x\n", GetLastError()); /* But you still can't get the keys (until one's been generated.) */ result = CryptGetUserKey(prov, AT_KEYEXCHANGE, &key); ok(!result && GetLastError() == NTE_NO_KEY, "Expected NTE_NO_KEY, got %08x\n", GetLastError()); result = CryptGetUserKey(prov, AT_SIGNATURE, &key); ok(!result && GetLastError() == NTE_NO_KEY, "Expected NTE_NO_KEY, got %08x\n", GetLastError()); CryptReleaseContext(prov, 0); CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET); CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET); result = CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, 0); ok(!result && GetLastError() == NTE_BAD_KEYSET, "Expected NTE_BAD_KEYSET, got %08x\n", GetLastError()); result = CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); ok(!result && GetLastError() == NTE_BAD_FLAGS, "Expected NTE_BAD_FLAGS, got %08x\n", GetLastError()); result = CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET); ok(result, "CryptAcquireContext failed: %08x\n", GetLastError()); if (!result) return; /* Test provider parameters getter */ dataLen = sizeof(dwParam); result = CryptGetProvParam(prov, PP_PROVTYPE, (LPBYTE)&dwParam, &dataLen, 0); ok(result && dataLen == sizeof(dwParam) && dwParam == PROV_RSA_FULL, "Expected PROV_RSA_FULL, got 0x%08X\n",dwParam); dataLen = sizeof(dwParam); result = CryptGetProvParam(prov, PP_KEYSET_TYPE, (LPBYTE)&dwParam, &dataLen, 0); ok(result && dataLen == sizeof(dwParam) && dwParam == 0, "Expected 0, got 0x%08X\n",dwParam); dataLen = sizeof(dwParam); result = CryptGetProvParam(prov, PP_KEYSTORAGE, (LPBYTE)&dwParam, &dataLen, 0); ok(result && dataLen == sizeof(dwParam) && (dwParam & CRYPT_SEC_DESCR), "Expected CRYPT_SEC_DESCR to be set, got 0x%08X\n",dwParam); dataLen = sizeof(keySpec); SetLastError(0xdeadbeef); result = CryptGetProvParam(prov, PP_KEYSPEC, (LPBYTE)&keySpec, &dataLen, 0); if (!result && GetLastError() == NTE_BAD_TYPE) skip("PP_KEYSPEC is not supported (win9x or NT)\n"); else ok(result && keySpec == (AT_KEYEXCHANGE | AT_SIGNATURE), "Expected AT_KEYEXCHANGE | AT_SIGNATURE, got %08x\n", keySpec); /* PP_CONTAINER parameter */ dataLen = sizeof(szName); result = CryptGetProvParam(prov, PP_CONTAINER, (LPBYTE)szName, &dataLen, 0); ok(result && dataLen == strlen(szContainer)+1 && strcmp(szContainer,szName) == 0, "failed getting PP_CONTAINER. result = %s. Error 0x%08X. returned length = %d\n", (result)? "TRUE":"FALSE",GetLastError(),dataLen); /* PP_UNIQUE_CONTAINER parameter */ dataLen = sizeof(szName); SetLastError(0xdeadbeef); result = CryptGetProvParam(prov, PP_UNIQUE_CONTAINER, (LPBYTE)szName, &dataLen, 0); if (!result && GetLastError() == NTE_BAD_TYPE) { skip("PP_UNIQUE_CONTAINER is not supported (win9x or NT)\n"); } else { char container[MAX_PATH]; ok(result, "failed getting PP_UNIQUE_CONTAINER : 0x%08X\n", GetLastError()); uniquecontainer(container); todo_wine { ok(dataLen == strlen(container)+1 || broken(dataLen == strlen(szContainer)+1) /* WinME */, "Expected a param length of 70, got %d\n", dataLen); ok(!strcmp(container, szName) || broken(!strcmp(szName, szContainer)) /* WinME */, "Wrong container name : %s\n", szName); } } result = CryptGetUserKey(prov, AT_KEYEXCHANGE, &key); ok(!result && GetLastError() == NTE_NO_KEY, "Expected NTE_NO_KEY, got %08x\n", GetLastError()); result = CryptGetUserKey(prov, AT_SIGNATURE, &key); ok(!result && GetLastError() == NTE_NO_KEY, "Expected NTE_NO_KEY, got %08x\n", GetLastError()); /* Importing a key exchange blob.. */ result = CryptImportKey(prov, abPlainPrivateKey, sizeof(abPlainPrivateKey), 0, 0, &key); ok(result, "CryptImportKey failed: %08x\n", GetLastError()); CryptDestroyKey(key); /* allows access to the key exchange key.. */ result = CryptGetUserKey(prov, AT_KEYEXCHANGE, &key); ok(result, "CryptGetUserKey failed: %08x\n", GetLastError()); CryptDestroyKey(key); /* but not to the private key. */ result = CryptGetUserKey(prov, AT_SIGNATURE, &key); ok(!result && GetLastError() == NTE_NO_KEY, "Expected NTE_NO_KEY, got %08x\n", GetLastError()); CryptReleaseContext(prov, 0); CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET); /* Whereas importing a sign blob.. */ result = CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET); ok(result, "CryptAcquireContext failed: %08x\n", GetLastError()); if (!result) return; result = CryptImportKey(prov, signBlob, sizeof(signBlob), 0, 0, &key); ok(result, "CryptImportKey failed: %08x\n", GetLastError()); CryptDestroyKey(key); /* doesn't allow access to the key exchange key.. */ result = CryptGetUserKey(prov, AT_KEYEXCHANGE, &key); ok(!result && GetLastError() == NTE_NO_KEY, "Expected NTE_NO_KEY, got %08x\n", GetLastError()); /* but does to the private key. */ result = CryptGetUserKey(prov, AT_SIGNATURE, &key); ok(result, "CryptGetUserKey failed: %08x\n", GetLastError()); CryptDestroyKey(key); CryptReleaseContext(prov, 0); CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET); /* Test for being able to get a key generated with CALG_RSA_SIGN. */ result = CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET); ok(result, "CryptAcquireContext failed: %08x\n", GetLastError()); result = CryptGenKey(prov, CALG_RSA_SIGN, 0, &key); ok(result, "CryptGenKey with CALG_RSA_SIGN failed with error %08x\n", GetLastError()); CryptDestroyKey(key); result = CryptGetUserKey(prov, AT_KEYEXCHANGE, &key); ok(!result, "expected CryptGetUserKey to fail\n"); result = CryptGetUserKey(prov, AT_SIGNATURE, &key); ok(result, "CryptGetUserKey with AT_SIGNATURE failed: %08x\n", GetLastError()); CryptDestroyKey(key); CryptReleaseContext(prov, 0); CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET); /* Test for being able to get a key generated with CALG_RSA_KEYX. */ result = CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET); ok(result, "CryptAcquireContext failed: %08x\n", GetLastError()); result = CryptGenKey(prov, CALG_RSA_KEYX, 0, &key); ok(result, "CryptGenKey with CALG_RSA_KEYX failed with error %08x\n", GetLastError()); CryptDestroyKey(key); result = CryptGetUserKey(prov, AT_KEYEXCHANGE, &key); ok(result, "CryptGetUserKey with AT_KEYEXCHANGE failed: %08x\n", GetLastError()); CryptDestroyKey(key); result = CryptGetUserKey(prov, AT_SIGNATURE, &key); ok(!result, "expected CryptGetUserKey to fail\n"); CryptReleaseContext(prov, 0); CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET); /* test for the bug in accessing the user key in a container */ result = CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET); ok(result, "CryptAcquireContext failed: %08x\n", GetLastError()); result = CryptGenKey(prov, AT_KEYEXCHANGE, 0, &key); ok(result, "CryptGenKey with AT_KEYEXCHANGE failed with error %08x\n", GetLastError()); CryptDestroyKey(key); CryptReleaseContext(prov,0); result = CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL,0); ok(result, "CryptAcquireContext failed: 0x%08x\n", GetLastError()); result = CryptGetUserKey(prov, AT_KEYEXCHANGE, &key); ok (result, "CryptGetUserKey failed with error %08x\n", GetLastError()); CryptDestroyKey(key); CryptReleaseContext(prov, 0); CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET); /* test the machine key set */ CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET|CRYPT_MACHINE_KEYSET); result = CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET|CRYPT_MACHINE_KEYSET); ok(result, "CryptAcquireContext with CRYPT_MACHINE_KEYSET failed: %08x\n", GetLastError()); CryptReleaseContext(prov, 0); result = CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_MACHINE_KEYSET); ok(result, "CryptAcquireContext with CRYPT_MACHINE_KEYSET failed: %08x\n", GetLastError()); CryptReleaseContext(prov,0); result = CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET|CRYPT_MACHINE_KEYSET); ok(result, "CryptAcquireContext with CRYPT_DELETEKEYSET|CRYPT_MACHINE_KEYSET failed: %08x\n", GetLastError()); result = CryptAcquireContext(&prov, szContainer, NULL, PROV_RSA_FULL, CRYPT_MACHINE_KEYSET); ok(!result && GetLastError() == NTE_BAD_KEYSET , "Expected NTE_BAD_KEYSET, got %08x\n", GetLastError()); } static void test_key_permissions(void) { HCRYPTKEY hKey1, hKey2; DWORD dwVal, dwLen; BOOL result; /* Create keys that are exportable */ if (!init_base_environment(CRYPT_EXPORTABLE)) return; result = CryptGetUserKey(hProv, AT_KEYEXCHANGE, &hKey1); ok (result, "%08x\n", GetLastError()); if (!result) return; dwVal = 0xdeadbeef; dwLen = sizeof(DWORD); result = CryptGetKeyParam(hKey1, KP_PERMISSIONS, (BYTE*)&dwVal, &dwLen, 0); ok(result, "%08x\n", GetLastError()); ok(dwVal == (CRYPT_MAC|CRYPT_WRITE|CRYPT_READ|CRYPT_EXPORT|CRYPT_DECRYPT|CRYPT_ENCRYPT) || broken(dwVal == 0xffffffff), /* Win9x/NT4 */ "expected CRYPT_MAC|CRYPT_WRITE|CRYPT_READ|CRYPT_EXPORT|CRYPT_DECRYPT|CRYPT_ENCRYPT," " got %08x\n", dwVal); /* The key exchange key's public key may be exported.. */ result = CryptExportKey(hKey1, 0, PUBLICKEYBLOB, 0, NULL, &dwLen); ok(result, "%08x\n", GetLastError()); /* and its private key may be too. */ result = CryptExportKey(hKey1, 0, PRIVATEKEYBLOB, 0, NULL, &dwLen); ok(result, "%08x\n", GetLastError()); /* Turning off the key's export permissions is "allowed".. */ dwVal &= ~CRYPT_EXPORT; result = CryptSetKeyParam(hKey1, KP_PERMISSIONS, (BYTE *)&dwVal, 0); ok(result || broken(!result && GetLastError() == NTE_BAD_DATA) || /* W2K */ broken(!result && GetLastError() == NTE_BAD_FLAGS), /* Win9x/WinME/NT4 */ "%08x\n", GetLastError()); /* but it has no effect. */ dwVal = 0xdeadbeef; dwLen = sizeof(DWORD); result = CryptGetKeyParam(hKey1, KP_PERMISSIONS, (BYTE*)&dwVal, &dwLen, 0); ok(result, "%08x\n", GetLastError()); ok(dwVal == (CRYPT_MAC|CRYPT_WRITE|CRYPT_READ|CRYPT_EXPORT|CRYPT_DECRYPT|CRYPT_ENCRYPT) || broken(dwVal == 0xffffffff), /* Win9x/NT4 */ "expected CRYPT_MAC|CRYPT_WRITE|CRYPT_READ|CRYPT_EXPORT|CRYPT_DECRYPT|CRYPT_ENCRYPT," " got %08x\n", dwVal); /* Thus, changing the export flag of the key doesn't affect whether the key * may be exported. */ result = CryptExportKey(hKey1, 0, PRIVATEKEYBLOB, 0, NULL, &dwLen); ok(result, "%08x\n", GetLastError()); result = CryptGetUserKey(hProv, AT_KEYEXCHANGE, &hKey2); ok (result, "%08x\n", GetLastError()); /* A subsequent get of the same key, into a different handle, also doesn't * show that the permissions have been changed. */ dwVal = 0xdeadbeef; dwLen = sizeof(DWORD); result = CryptGetKeyParam(hKey2, KP_PERMISSIONS, (BYTE*)&dwVal, &dwLen, 0); ok(result, "%08x\n", GetLastError()); ok(dwVal == (CRYPT_MAC|CRYPT_WRITE|CRYPT_READ|CRYPT_EXPORT|CRYPT_DECRYPT|CRYPT_ENCRYPT) || broken(dwVal == 0xffffffff), /* Win9x/NT4 */ "expected CRYPT_MAC|CRYPT_WRITE|CRYPT_READ|CRYPT_EXPORT|CRYPT_DECRYPT|CRYPT_ENCRYPT," " got %08x\n", dwVal); CryptDestroyKey(hKey2); CryptDestroyKey(hKey1); clean_up_base_environment(); } static void test_key_initialization(void) { DWORD dwLen; HCRYPTPROV prov1, prov2; HCRYPTKEY hKeyExchangeKey, hSessionKey, hKey; BOOL result; static BYTE abSessionKey[148] = { 0x01, 0x02, 0x00, 0x00, 0x01, 0x68, 0x00, 0x00, 0x00, 0xa4, 0x00, 0x00, 0xb8, 0xa4, 0xdf, 0x5e, 0x9e, 0xb1, 0xbf, 0x85, 0x3d, 0x24, 0x2d, 0x1e, 0x69, 0xb7, 0x67, 0x13, 0x8e, 0x78, 0xf2, 0xdf, 0xc6, 0x69, 0xce, 0x46, 0x7e, 0xf2, 0xf2, 0x33, 0x20, 0x6f, 0xa1, 0xa5, 0x59, 0x83, 0x25, 0xcb, 0x3a, 0xb1, 0x8a, 0x12, 0x63, 0x02, 0x3c, 0xfb, 0x4a, 0xfa, 0xef, 0x8e, 0xf7, 0x29, 0x57, 0xb1, 0x9e, 0xa7, 0xf3, 0x02, 0xfd, 0xca, 0xdf, 0x5a, 0x1f, 0x71, 0xb6, 0x26, 0x09, 0x24, 0x39, 0xda, 0xc0, 0xde, 0x2a, 0x0e, 0xcd, 0x1f, 0xe5, 0xb6, 0x4f, 0x82, 0xa0, 0xa9, 0x90, 0xd3, 0xd9, 0x6a, 0x43, 0x14, 0x2a, 0xf7, 0xac, 0xd5, 0xa0, 0x54, 0x93, 0xc4, 0xb9, 0xe7, 0x24, 0x84, 0x4d, 0x69, 0x5e, 0xcc, 0x2a, 0x32, 0xb5, 0xfb, 0xe4, 0xb4, 0x08, 0xd5, 0x36, 0x58, 0x59, 0x40, 0xfb, 0x29, 0x7f, 0xa7, 0x17, 0x25, 0xc4, 0x0d, 0x78, 0x37, 0x04, 0x8c, 0x49, 0x92 }; /* Like init_base_environment, but doesn't generate new keys, as they'll * be imported instead. */ if (!CryptAcquireContext(&prov1, szContainer, szProvider, PROV_RSA_FULL, 0)) { result = CryptAcquireContext(&prov1, szContainer, szProvider, PROV_RSA_FULL, CRYPT_NEWKEYSET); ok(result, "CryptAcquireContext failed: %08x\n", GetLastError()); } dwLen = (DWORD)sizeof(abPlainPrivateKey); result = CryptImportKey(prov1, abPlainPrivateKey, dwLen, 0, 0, &hKeyExchangeKey); ok(result, "CryptImportKey failed: %08x\n", GetLastError()); dwLen = (DWORD)sizeof(abSessionKey); result = CryptImportKey(prov1, abSessionKey, dwLen, hKeyExchangeKey, 0, &hSessionKey); ok(result, "CryptImportKey failed: %08x\n", GetLastError()); /* Once the key has been imported, subsequently acquiring a context with * the same name will allow retrieving the key. */ result = CryptAcquireContext(&prov2, szContainer, szProvider, PROV_RSA_FULL, 0); ok(result, "CryptAcquireContext failed: %08x\n", GetLastError()); result = CryptGetUserKey(prov2, AT_KEYEXCHANGE, &hKey); ok(result, "CryptGetUserKey failed: %08x\n", GetLastError()); if (result) CryptDestroyKey(hKey); CryptReleaseContext(prov2, 0); CryptDestroyKey(hSessionKey); CryptDestroyKey(hKeyExchangeKey); CryptReleaseContext(prov1, 0); CryptAcquireContext(&prov1, szContainer, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET); } START_TEST(rsaenh) { if (!init_base_environment(0)) return; test_prov(); test_gen_random(); test_hashes(); test_rc4(); test_rc2(); test_des(); test_3des112(); test_3des(); test_hmac(); test_mac(); test_block_cipher_modes(); test_import_private(); test_verify_signature(); test_rsa_encrypt(); test_import_export(); test_import_hmac(); test_enum_container(); clean_up_base_environment(); test_key_permissions(); test_key_initialization(); test_schannel_provider(); test_null_provider(); test_rsa_round_trip(); if (!init_aes_environment()) return; test_aes(128); test_aes(192); test_aes(256); test_sha2(); clean_up_aes_environment(); }