search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
bcrypt: Allow to call BCryptSetProperty on key objects.
[wine.git] / dlls / bcrypt / tests / bcrypt.c
blob9922e4114fbbbb609258eaabc9a270ceaed1ddca
1 /*
2 * Unit test for bcrypt functions
3 *
4 * Copyright 2014 Bruno Jesus
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19 */
20
21 #include <stdio.h>
22 #include <ntstatus.h>
23 #define WIN32_NO_STATUS
24 #include <windows.h>
25 #include <bcrypt.h>
26
27 #include "wine/test.h"
28
29 static NTSTATUS (WINAPI *pBCryptOpenAlgorithmProvider)(BCRYPT_ALG_HANDLE *, LPCWSTR, LPCWSTR, ULONG);
30 static NTSTATUS (WINAPI *pBCryptCloseAlgorithmProvider)(BCRYPT_ALG_HANDLE, ULONG);
31 static NTSTATUS (WINAPI *pBCryptGetFipsAlgorithmMode)(BOOLEAN *);
32 static NTSTATUS (WINAPI *pBCryptCreateHash)(BCRYPT_ALG_HANDLE, BCRYPT_HASH_HANDLE *, PUCHAR, ULONG, PUCHAR,
33 ULONG, ULONG);
34 static NTSTATUS (WINAPI *pBCryptHash)(BCRYPT_ALG_HANDLE, UCHAR *, ULONG, UCHAR *, ULONG, UCHAR *, ULONG);
35 static NTSTATUS (WINAPI *pBCryptHashData)(BCRYPT_HASH_HANDLE, PUCHAR, ULONG, ULONG);
36 static NTSTATUS (WINAPI *pBCryptDuplicateHash)(BCRYPT_HASH_HANDLE, BCRYPT_HASH_HANDLE *, UCHAR *, ULONG, ULONG);
37 static NTSTATUS (WINAPI *pBCryptFinishHash)(BCRYPT_HASH_HANDLE, PUCHAR, ULONG, ULONG);
38 static NTSTATUS (WINAPI *pBCryptDestroyHash)(BCRYPT_HASH_HANDLE);
39 static NTSTATUS (WINAPI *pBCryptGenRandom)(BCRYPT_ALG_HANDLE, PUCHAR, ULONG, ULONG);
40 static NTSTATUS (WINAPI *pBCryptGetProperty)(BCRYPT_HANDLE, LPCWSTR, PUCHAR, ULONG, ULONG *, ULONG);
41 static NTSTATUS (WINAPI *pBCryptSetProperty)(BCRYPT_HANDLE, LPCWSTR, PUCHAR, ULONG, ULONG);
42 static NTSTATUS (WINAPI *pBCryptGenerateSymmetricKey)(BCRYPT_ALG_HANDLE, BCRYPT_KEY_HANDLE *, PUCHAR, ULONG,
43 PUCHAR, ULONG, ULONG);
44 static NTSTATUS (WINAPI *pBCryptEncrypt)(BCRYPT_KEY_HANDLE, PUCHAR, ULONG, VOID *, PUCHAR, ULONG, PUCHAR, ULONG,
45 ULONG *, ULONG);
46 static NTSTATUS (WINAPI *pBCryptDecrypt)(BCRYPT_KEY_HANDLE, PUCHAR, ULONG, VOID *, PUCHAR, ULONG, PUCHAR, ULONG,
47 ULONG *, ULONG);
48 static NTSTATUS (WINAPI *pBCryptDestroyKey)(BCRYPT_KEY_HANDLE);
49 static NTSTATUS (WINAPI *pBCryptImportKey)(BCRYPT_ALG_HANDLE, BCRYPT_KEY_HANDLE, LPCWSTR, BCRYPT_KEY_HANDLE *,
50 PUCHAR, ULONG, PUCHAR, ULONG, ULONG);
51 static NTSTATUS (WINAPI *pBCryptExportKey)(BCRYPT_KEY_HANDLE, BCRYPT_KEY_HANDLE, LPCWSTR, PUCHAR, ULONG, ULONG *, ULONG);
52
53 static void test_BCryptGenRandom(void)
54 {
55 NTSTATUS ret;
56 UCHAR buffer[256];
57
58 ret = pBCryptGenRandom(NULL, NULL, 0, 0);
59 ok(ret == STATUS_INVALID_HANDLE, "Expected STATUS_INVALID_HANDLE, got 0x%x\n", ret);
60 ret = pBCryptGenRandom(NULL, buffer, 0, 0);
61 ok(ret == STATUS_INVALID_HANDLE, "Expected STATUS_INVALID_HANDLE, got 0x%x\n", ret);
62 ret = pBCryptGenRandom(NULL, buffer, sizeof(buffer), 0);
63 ok(ret == STATUS_INVALID_HANDLE, "Expected STATUS_INVALID_HANDLE, got 0x%x\n", ret);
64 ret = pBCryptGenRandom(NULL, buffer, sizeof(buffer), BCRYPT_USE_SYSTEM_PREFERRED_RNG);
65 ok(ret == STATUS_SUCCESS, "Expected success, got 0x%x\n", ret);
66 ret = pBCryptGenRandom(NULL, buffer, sizeof(buffer),
67 BCRYPT_USE_SYSTEM_PREFERRED_RNG|BCRYPT_RNG_USE_ENTROPY_IN_BUFFER);
68 ok(ret == STATUS_SUCCESS, "Expected success, got 0x%x\n", ret);
69 ret = pBCryptGenRandom(NULL, NULL, sizeof(buffer), BCRYPT_USE_SYSTEM_PREFERRED_RNG);
70 ok(ret == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got 0x%x\n", ret);
71
72 /* Zero sized buffer should work too */
73 ret = pBCryptGenRandom(NULL, buffer, 0, BCRYPT_USE_SYSTEM_PREFERRED_RNG);
74 ok(ret == STATUS_SUCCESS, "Expected success, got 0x%x\n", ret);
75
76 /* Test random number generation - It's impossible for a sane RNG to return 8 zeros */
77 memset(buffer, 0, 16);
78 ret = pBCryptGenRandom(NULL, buffer, 8, BCRYPT_USE_SYSTEM_PREFERRED_RNG);
79 ok(ret == STATUS_SUCCESS, "Expected success, got 0x%x\n", ret);
80 ok(memcmp(buffer, buffer + 8, 8), "Expected a random number, got 0\n");
81 }
82
83 static void test_BCryptGetFipsAlgorithmMode(void)
84 {
85 static const WCHAR policyKeyVistaW[] = {
86 'S','y','s','t','e','m','\\',
87 'C','u','r','r','e','n','t','C','o','n','t','r','o','l','S','e','t','\\',
88 'C','o','n','t','r','o','l','\\',
89 'L','s','a','\\',
90 'F','I','P','S','A','l','g','o','r','i','t','h','m','P','o','l','i','c','y',0};
91 static const WCHAR policyValueVistaW[] = {'E','n','a','b','l','e','d',0};
92 static const WCHAR policyKeyXPW[] = {
93 'S','y','s','t','e','m','\\',
94 'C','u','r','r','e','n','t','C','o','n','t','r','o','l','S','e','t','\\',
95 'C','o','n','t','r','o','l','\\',
96 'L','s','a',0};
97 static const WCHAR policyValueXPW[] = {
98 'F','I','P','S','A','l','g','o','r','i','t','h','m','P','o','l','i','c','y',0};
99 HKEY hkey = NULL;
100 BOOLEAN expected;
101 BOOLEAN enabled;
102 DWORD value, count[2] = {sizeof(value), sizeof(value)};
103 NTSTATUS ret;
104
105 if (RegOpenKeyW(HKEY_LOCAL_MACHINE, policyKeyVistaW, &hkey) == ERROR_SUCCESS &&
106 RegQueryValueExW(hkey, policyValueVistaW, NULL, NULL, (void *)&value, &count[0]) == ERROR_SUCCESS)
107 {
108 expected = !!value;
109 }
110 else if (RegOpenKeyW(HKEY_LOCAL_MACHINE, policyKeyXPW, &hkey) == ERROR_SUCCESS &&
111 RegQueryValueExW(hkey, policyValueXPW, NULL, NULL, (void *)&value, &count[0]) == ERROR_SUCCESS)
112 {
113 expected = !!value;
114 }
115 else
116 {
117 expected = FALSE;
118 todo_wine
119 ok(0, "Neither XP or Vista key is present\n");
120 }
121 RegCloseKey(hkey);
122
123 ret = pBCryptGetFipsAlgorithmMode(&enabled);
124 ok(ret == STATUS_SUCCESS, "Expected STATUS_SUCCESS, got 0x%x\n", ret);
125 ok(enabled == expected, "expected result %d, got %d\n", expected, enabled);
126
127 ret = pBCryptGetFipsAlgorithmMode(NULL);
128 ok(ret == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got 0x%x\n", ret);
129 }
130
131 static void format_hash(const UCHAR *bytes, ULONG size, char *buf)
132 {
133 ULONG i;
134 buf[0] = '\0';
135 for (i = 0; i < size; i++)
136 {
137 sprintf(buf + i * 2, "%02x", bytes[i]);
138 }
139 return;
140 }
141
142 static int strcmp_wa(const WCHAR *strw, const char *stra)
143 {
144 WCHAR buf[512];
145 MultiByteToWideChar(CP_ACP, 0, stra, -1, buf, sizeof(buf)/sizeof(buf[0]));
146 return lstrcmpW(strw, buf);
147 }
148
149 #define test_object_length(a) _test_object_length(__LINE__,a)
150 static void _test_object_length(unsigned line, void *handle)
151 {
152 NTSTATUS status;
153 ULONG len, size;
154
155 len = size = 0xdeadbeef;
156 status = pBCryptGetProperty(NULL, BCRYPT_OBJECT_LENGTH, (UCHAR *)&len, sizeof(len), &size, 0);
157 ok_(__FILE__,line)(status == STATUS_INVALID_HANDLE, "BCryptGetProperty failed: %08x\n", status);
158
159 len = size = 0xdeadbeef;
160 status = pBCryptGetProperty(handle, NULL, (UCHAR *)&len, sizeof(len), &size, 0);
161 ok_(__FILE__,line)(status == STATUS_INVALID_PARAMETER, "BCryptGetProperty failed: %08x\n", status);
162
163 len = size = 0xdeadbeef;
164 status = pBCryptGetProperty(handle, BCRYPT_OBJECT_LENGTH, (UCHAR *)&len, sizeof(len), NULL, 0);
165 ok_(__FILE__,line)(status == STATUS_INVALID_PARAMETER, "BCryptGetProperty failed: %08x\n", status);
166
167 len = size = 0xdeadbeef;
168 status = pBCryptGetProperty(handle, BCRYPT_OBJECT_LENGTH, NULL, sizeof(len), &size, 0);
169 ok_(__FILE__,line)(status == STATUS_SUCCESS, "BCryptGetProperty failed: %08x\n", status);
170 ok_(__FILE__,line)(size == sizeof(len), "got %u\n", size);
171
172 len = size = 0xdeadbeef;
173 status = pBCryptGetProperty(handle, BCRYPT_OBJECT_LENGTH, (UCHAR *)&len, 0, &size, 0);
174 ok_(__FILE__,line)(status == STATUS_BUFFER_TOO_SMALL, "BCryptGetProperty failed: %08x\n", status);
175 ok_(__FILE__,line)(len == 0xdeadbeef, "got %u\n", len);
176 ok_(__FILE__,line)(size == sizeof(len), "got %u\n", size);
177
178 len = size = 0xdeadbeef;
179 status = pBCryptGetProperty(handle, BCRYPT_OBJECT_LENGTH, (UCHAR *)&len, sizeof(len), &size, 0);
180 ok_(__FILE__,line)(status == STATUS_SUCCESS, "BCryptGetProperty failed: %08x\n", status);
181 ok_(__FILE__,line)(len != 0xdeadbeef, "len not set\n");
182 ok_(__FILE__,line)(size == sizeof(len), "got %u\n", size);
183 }
184
185 #define test_hash_length(a,b) _test_hash_length(__LINE__,a,b)
186 static void _test_hash_length(unsigned line, void *handle, ULONG exlen)
187 {
188 ULONG len = 0xdeadbeef, size = 0xdeadbeef;
189 NTSTATUS status;
190
191 status = pBCryptGetProperty(handle, BCRYPT_HASH_LENGTH, (UCHAR *)&len, sizeof(len), &size, 0);
192 ok_(__FILE__,line)(status == STATUS_SUCCESS, "BCryptGetProperty failed: %08x\n", status);
193 ok_(__FILE__,line)(size == sizeof(len), "got %u\n", size);
194 ok_(__FILE__,line)(len == exlen, "len = %u, expected %u\n", len, exlen);
195 }
196
197 #define test_alg_name(a,b) _test_alg_name(__LINE__,a,b)
198 static void _test_alg_name(unsigned line, void *handle, const char *exname)
199 {
200 ULONG size = 0xdeadbeef;
201 UCHAR buf[256];
202 const WCHAR *name = (const WCHAR*)buf;
203 NTSTATUS status;
204
205 status = pBCryptGetProperty(handle, BCRYPT_ALGORITHM_NAME, buf, sizeof(buf), &size, 0);
206 ok_(__FILE__,line)(status == STATUS_SUCCESS, "BCryptGetProperty failed: %08x\n", status);
207 ok_(__FILE__,line)(size == (strlen(exname)+1)*sizeof(WCHAR), "got %u\n", size);
208 ok_(__FILE__,line)(!strcmp_wa(name, exname), "alg name = %s, expected %s\n", wine_dbgstr_w(name), exname);
209 }
210
211 struct hash_test
212 {
213 const char *alg;
214 unsigned hash_size;
215 const char *hash;
216 const char *hmac_hash;
217 };
218
219 static void test_hash(const struct hash_test *test)
220 {
221 BCRYPT_ALG_HANDLE alg;
222 BCRYPT_HASH_HANDLE hash;
223 UCHAR buf[512], buf_hmac[1024], hash_buf[128], hmac_hash[128];
224 WCHAR alg_name[64];
225 char str[512];
226 NTSTATUS ret;
227 ULONG len;
228
229 MultiByteToWideChar(CP_ACP, 0, test->alg, -1, alg_name, sizeof(alg_name)/sizeof(WCHAR));
230
231 alg = NULL;
232 ret = pBCryptOpenAlgorithmProvider(&alg, alg_name, MS_PRIMITIVE_PROVIDER, 0);
233 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
234 ok(alg != NULL, "alg not set\n");
235
236 test_object_length(alg);
237 test_hash_length(alg, test->hash_size);
238 test_alg_name(alg, test->alg);
239
240 hash = NULL;
241 len = sizeof(buf);
242 ret = pBCryptCreateHash(alg, &hash, buf, len, NULL, 0, 0);
243 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
244 ok(hash != NULL, "hash not set\n");
245
246 ret = pBCryptHashData(hash, NULL, 0, 0);
247 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
248
249 ret = pBCryptHashData(hash, (UCHAR *)"test", sizeof("test"), 0);
250 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
251
252 test_hash_length(hash, test->hash_size);
253 test_alg_name(hash, test->alg);
254
255 memset(hash_buf, 0, sizeof(hash_buf));
256 ret = pBCryptFinishHash(hash, hash_buf, test->hash_size, 0);
257 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
258 format_hash( hash_buf, test->hash_size, str );
259 ok(!strcmp(str, test->hash), "got %s\n", str);
260
261 ret = pBCryptDestroyHash(hash);
262 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
263
264 ret = pBCryptCloseAlgorithmProvider(alg, 0);
265 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
266
267 alg = NULL;
268 ret = pBCryptOpenAlgorithmProvider(&alg, alg_name, MS_PRIMITIVE_PROVIDER, BCRYPT_ALG_HANDLE_HMAC_FLAG);
269 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
270 ok(alg != NULL, "alg not set\n");
271
272 hash = NULL;
273 len = sizeof(buf_hmac);
274 ret = pBCryptCreateHash(alg, &hash, buf_hmac, len, (UCHAR *)"key", sizeof("key"), 0);
275 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
276 ok(hash != NULL, "hash not set\n");
277
278 ret = pBCryptHashData(hash, (UCHAR *)"test", sizeof("test"), 0);
279 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
280
281 test_hash_length(hash, test->hash_size);
282 test_alg_name(hash, test->alg);
283
284 memset(hmac_hash, 0, sizeof(hmac_hash));
285 ret = pBCryptFinishHash(hash, hmac_hash, test->hash_size, 0);
286 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
287 format_hash( hmac_hash, test->hash_size, str );
288 ok(!strcmp(str, test->hmac_hash), "got %s\n", str);
289
290 ret = pBCryptDestroyHash(hash);
291 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
292
293 ret = pBCryptCloseAlgorithmProvider(alg, 0);
294 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
295 }
296
297 static void test_hashes(void)
298 {
299 static const struct hash_test tests[] = {
300 {
301 "SHA1",
302 20,
303 "961fa64958818f767707072755d7018dcd278e94",
304 "2472cf65d0e090618d769d3e46f0d9446cf212da"
305 },
306 {
307 "SHA256",
308 32,
309 "ceb73749c899693706ede1e30c9929b3fd5dd926163831c2fb8bd41e6efb1126",
310 "34c1aa473a4468a91d06e7cdbc75bc4f93b830ccfc2a47ffd74e8e6ed29e4c72"
311 },
312 {
313 "SHA384",
314 48,
315 "62b21e90c9022b101671ba1f808f8631a8149f0f12904055839a35c1ca78ae53"
316 "63eed1e743a692d70e0504b0cfd12ef9",
317 "4b3e6d6ff2da121790ab7e7b9247583e3a7eed2db5bd4dabc680303b1608f37d"
318 "fdc836d96a704c03283bc05b4f6c5eb8"
319 },
320 {
321 "SHA512",
322 64,
323 "d55ced17163bf5386f2cd9ff21d6fd7fe576a915065c24744d09cfae4ec84ee1"
324 "ef6ef11bfbc5acce3639bab725b50a1fe2c204f8c820d6d7db0df0ecbc49c5ca",
325 "415fb6b10018ca03b38a1b1399c42ac0be5e8aceddb9a73103f5e543bf2d888f"
326 "2eecf91373941f9315dd730a77937fa92444450fbece86f409d9cb5ec48c6513"
327 },
328 {
329 "MD2",
330 16,
331 "1bb33606ba908912a84221109d29cd7e",
332 "7f05b0638d77f4a27f3a9c4d353cd648"
333 },
334 {
335 "MD4",
336 16,
337 "74b5db93c0b41e36ca7074338fc0b637",
338 "bc2e8ac4d8248ed21b8d26227a30ea3a"
339 },
340 {
341 "MD5",
342 16,
343 "e2a3e68d23ce348b8f68b3079de3d4c9",
344 "7bda029b93fa8d817fcc9e13d6bdf092"
345 }
346 };
347 unsigned i;
348
349 for(i = 0; i < sizeof(tests)/sizeof(*tests); i++)
350 test_hash(tests+i);
351 }
352
353 static void test_BcryptHash(void)
354 {
355 static const char expected[] =
356 "e2a3e68d23ce348b8f68b3079de3d4c9";
357 static const char expected_hmac[] =
358 "7bda029b93fa8d817fcc9e13d6bdf092";
359 BCRYPT_ALG_HANDLE alg;
360 UCHAR md5[16], md5_hmac[16];
361 char str[65];
362 NTSTATUS ret;
363
364 alg = NULL;
365 ret = pBCryptOpenAlgorithmProvider(&alg, BCRYPT_MD5_ALGORITHM, MS_PRIMITIVE_PROVIDER, 0);
366 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
367 ok(alg != NULL, "alg not set\n");
368
369 test_hash_length(alg, 16);
370 test_alg_name(alg, "MD5");
371
372 memset(md5, 0, sizeof(md5));
373 ret = pBCryptHash(alg, NULL, 0, (UCHAR *)"test", sizeof("test"), md5, sizeof(md5));
374 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
375 format_hash( md5, sizeof(md5), str );
376 ok(!strcmp(str, expected), "got %s\n", str);
377
378 ret = pBCryptCloseAlgorithmProvider(alg, 0);
379 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
380
381 alg = NULL;
382 memset(md5_hmac, 0, sizeof(md5_hmac));
383 ret = pBCryptOpenAlgorithmProvider(&alg, BCRYPT_MD5_ALGORITHM, MS_PRIMITIVE_PROVIDER, BCRYPT_ALG_HANDLE_HMAC_FLAG);
384 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
385 ok(alg != NULL, "alg not set\n");
386
387 ret = pBCryptHash(alg, (UCHAR *)"key", sizeof("key"), (UCHAR *)"test", sizeof("test"), md5_hmac, sizeof(md5_hmac));
388 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
389 format_hash( md5_hmac, sizeof(md5_hmac), str );
390 ok(!strcmp(str, expected_hmac), "got %s\n", str);
391
392 ret = pBCryptCloseAlgorithmProvider(alg, 0);
393 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
394 }
395
396 static void test_rng(void)
397 {
398 BCRYPT_ALG_HANDLE alg;
399 ULONG size, len;
400 UCHAR buf[16];
401 NTSTATUS ret;
402
403 alg = NULL;
404 ret = pBCryptOpenAlgorithmProvider(&alg, BCRYPT_RNG_ALGORITHM, MS_PRIMITIVE_PROVIDER, 0);
405 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
406 ok(alg != NULL, "alg not set\n");
407
408 len = size = 0xdeadbeef;
409 ret = pBCryptGetProperty(alg, BCRYPT_OBJECT_LENGTH, (UCHAR *)&len, sizeof(len), &size, 0);
410 ok(ret == STATUS_NOT_SUPPORTED, "got %08x\n", ret);
411
412 len = size = 0xdeadbeef;
413 ret = pBCryptGetProperty(alg, BCRYPT_HASH_LENGTH, (UCHAR *)&len, sizeof(len), &size, 0);
414 ok(ret == STATUS_NOT_SUPPORTED, "got %08x\n", ret);
415
416 test_alg_name(alg, "RNG");
417
418 memset(buf, 0, 16);
419 ret = pBCryptGenRandom(alg, buf, 8, 0);
420 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
421 ok(memcmp(buf, buf + 8, 8), "got zeroes\n");
422
423 ret = pBCryptCloseAlgorithmProvider(alg, 0);
424 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
425 }
426
427 static void test_aes(void)
428 {
429 BCRYPT_KEY_LENGTHS_STRUCT key_lengths;
430 BCRYPT_ALG_HANDLE alg;
431 ULONG size, len;
432 UCHAR mode[64];
433 NTSTATUS ret;
434
435 alg = NULL;
436 ret = pBCryptOpenAlgorithmProvider(&alg, BCRYPT_AES_ALGORITHM, MS_PRIMITIVE_PROVIDER, 0);
437 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
438 ok(alg != NULL, "alg not set\n");
439
440 len = size = 0;
441 ret = pBCryptGetProperty(alg, BCRYPT_OBJECT_LENGTH, (UCHAR *)&len, sizeof(len), &size, 0);
442 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
443 ok(len, "expected non-zero len\n");
444 ok(size == sizeof(len), "got %u\n", size);
445
446 len = size = 0;
447 ret = pBCryptGetProperty(alg, BCRYPT_BLOCK_LENGTH, (UCHAR *)&len, sizeof(len), &size, 0);
448 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
449 ok(len == 16, "got %u\n", len);
450 ok(size == sizeof(len), "got %u\n", size);
451
452 size = 0;
453 ret = pBCryptGetProperty(alg, BCRYPT_CHAINING_MODE, mode, 0, &size, 0);
454 ok(ret == STATUS_BUFFER_TOO_SMALL, "got %08x\n", ret);
455 ok(size == 64, "got %u\n", size);
456
457 size = 0;
458 ret = pBCryptGetProperty(alg, BCRYPT_CHAINING_MODE, mode, sizeof(mode) - 1, &size, 0);
459 ok(ret == STATUS_BUFFER_TOO_SMALL, "got %08x\n", ret);
460 ok(size == 64, "got %u\n", size);
461
462 size = 0;
463 memset(mode, 0, sizeof(mode));
464 ret = pBCryptGetProperty(alg, BCRYPT_CHAINING_MODE, mode, sizeof(mode), &size, 0);
465 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
466 ok(!lstrcmpW((const WCHAR *)mode, BCRYPT_CHAIN_MODE_CBC), "got %s\n", wine_dbgstr_w((const WCHAR *)mode));
467 ok(size == 64, "got %u\n", size);
468
469 size = 0;
470 memset(&key_lengths, 0, sizeof(key_lengths));
471 ret = BCryptGetProperty(alg, BCRYPT_KEY_LENGTHS, (UCHAR*)&key_lengths, sizeof(key_lengths), &size, 0);
472 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
473 ok(size == sizeof(key_lengths), "got %u\n", size);
474 ok(key_lengths.dwMinLength == 128, "Expected 128, got %d\n", key_lengths.dwMinLength);
475 ok(key_lengths.dwMaxLength == 256, "Expected 256, got %d\n", key_lengths.dwMaxLength);
476 ok(key_lengths.dwIncrement == 64, "Expected 64, got %d\n", key_lengths.dwIncrement);
477
478 memcpy(mode, BCRYPT_CHAIN_MODE_GCM, sizeof(BCRYPT_CHAIN_MODE_GCM));
479 ret = pBCryptSetProperty(alg, BCRYPT_CHAINING_MODE, mode, sizeof(mode), 0);
480 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
481
482 size = 0;
483 memset(mode, 0, sizeof(mode));
484 ret = pBCryptGetProperty(alg, BCRYPT_CHAINING_MODE, mode, sizeof(mode), &size, 0);
485 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
486 ok(!lstrcmpW((const WCHAR *)mode, BCRYPT_CHAIN_MODE_GCM), "got %s\n", wine_dbgstr_w((const WCHAR *)mode));
487 ok(size == 64, "got %u\n", size);
488
489 test_alg_name(alg, "AES");
490
491 ret = pBCryptCloseAlgorithmProvider(alg, 0);
492 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
493 }
494
495 static void test_BCryptGenerateSymmetricKey(void)
496 {
497 static UCHAR secret[] =
498 {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
499 static UCHAR iv[] =
500 {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
501 static UCHAR data[] =
502 {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
503 static UCHAR expected[] =
504 {0xc6,0xa1,0x3b,0x37,0x87,0x8f,0x5b,0x82,0x6f,0x4f,0x81,0x62,0xa1,0xc8,0xd8,0x79};
505 BCRYPT_ALG_HANDLE aes;
506 BCRYPT_KEY_HANDLE key;
507 UCHAR *buf, ciphertext[16], plaintext[16], ivbuf[16];
508 ULONG size, len, i;
509 NTSTATUS ret;
510
511 ret = pBCryptOpenAlgorithmProvider(&aes, BCRYPT_AES_ALGORITHM, NULL, 0);
512 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
513
514 len = size = 0xdeadbeef;
515 ret = pBCryptGetProperty(aes, BCRYPT_OBJECT_LENGTH, (UCHAR *)&len, sizeof(len), &size, 0);
516 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
517
518 key = NULL;
519 buf = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, len);
520 ret = pBCryptGenerateSymmetricKey(aes, &key, buf, len, secret, sizeof(secret), 0);
521 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
522 ok(key != NULL, "key not set\n");
523
524 ret = pBCryptSetProperty(aes, BCRYPT_CHAINING_MODE, (UCHAR *)BCRYPT_CHAIN_MODE_CBC,
525 sizeof(BCRYPT_CHAIN_MODE_CBC), 0);
526 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
527
528 ret = pBCryptSetProperty(key, BCRYPT_CHAINING_MODE, (UCHAR *)BCRYPT_CHAIN_MODE_CBC,
529 sizeof(BCRYPT_CHAIN_MODE_CBC), 0);
530 ok(ret == STATUS_SUCCESS || broken(ret == STATUS_NOT_SUPPORTED) /* < Win 8 */, "got %08x\n", ret);
531
532 size = 0xdeadbeef;
533 ret = pBCryptEncrypt(key, NULL, 0, NULL, NULL, 0, NULL, 0, &size, 0);
534 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
535 ok(!size, "got %u\n", size);
536
537 size = 0;
538 memcpy(ivbuf, iv, sizeof(iv));
539 ret = pBCryptEncrypt(key, data, 16, NULL, ivbuf, 16, NULL, 0, &size, 0);
540 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
541 ok(size == 16, "got %u\n", size);
542
543 size = 0;
544 memcpy(ivbuf, iv, sizeof(iv));
545 memset(ciphertext, 0, sizeof(ciphertext));
546 ret = pBCryptEncrypt(key, data, 16, NULL, ivbuf, 16, ciphertext, 16, &size, 0);
547 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
548 ok(size == 16, "got %u\n", size);
549 ok(!memcmp(ciphertext, expected, sizeof(expected)), "wrong data\n");
550 for (i = 0; i < 16; i++)
551 ok(ciphertext[i] == expected[i], "%u: %02x != %02x\n", i, ciphertext[i], expected[i]);
552
553 size = 0xdeadbeef;
554 ret = pBCryptDecrypt(key, NULL, 0, NULL, NULL, 0, NULL, 0, &size, 0);
555 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
556 ok(!size, "got %u\n", size);
557
558 size = 0;
559 memcpy(ivbuf, iv, sizeof(iv));
560 ret = pBCryptDecrypt(key, ciphertext, 16, NULL, ivbuf, 16, NULL, 0, &size, 0);
561 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
562 ok(size == 16, "got %u\n", size);
563
564 size = 0;
565 memcpy(ivbuf, iv, sizeof(iv));
566 memset(plaintext, 0, sizeof(plaintext));
567 ret = pBCryptDecrypt(key, ciphertext, 16, NULL, ivbuf, 16, plaintext, 16, &size, 0);
568 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
569 ok(size == 16, "got %u\n", size);
570 ok(!memcmp(plaintext, data, sizeof(data)), "wrong data\n");
571
572 ret = pBCryptDestroyKey(key);
573 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
574 HeapFree(GetProcessHeap(), 0, buf);
575
576 ret = pBCryptCloseAlgorithmProvider(aes, 0);
577 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
578 }
579
580 static void test_BCryptEncrypt(void)
581 {
582 static UCHAR nonce[] =
583 {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x10, 0x20, 0x30, 0x40, 0x50, 0x60};
584 static UCHAR secret[] =
585 {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
586 static UCHAR iv[] =
587 {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
588 static UCHAR data[] =
589 {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10};
590 static UCHAR data2[] =
591 {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
592 0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10};
593 static UCHAR expected[] =
594 {0xc6,0xa1,0x3b,0x37,0x87,0x8f,0x5b,0x82,0x6f,0x4f,0x81,0x62,0xa1,0xc8,0xd8,0x79};
595 static UCHAR expected2[] =
596 {0xc6,0xa1,0x3b,0x37,0x87,0x8f,0x5b,0x82,0x6f,0x4f,0x81,0x62,0xa1,0xc8,0xd8,0x79,
597 0x28,0x73,0x3d,0xef,0x84,0x8f,0xb0,0xa6,0x5d,0x1a,0x51,0xb7,0xec,0x8f,0xea,0xe9};
598 static UCHAR expected3[] =
599 {0xc6,0xa1,0x3b,0x37,0x87,0x8f,0x5b,0x82,0x6f,0x4f,0x81,0x62,0xa1,0xc8,0xd8,0x79,
600 0xb1,0xa2,0x92,0x73,0xbe,0x2c,0x42,0x07,0xa5,0xac,0xe3,0x93,0x39,0x8c,0xb6,0xfb,
601 0x87,0x5d,0xea,0xa3,0x7e,0x0f,0xde,0xfa,0xd9,0xec,0x6c,0x4e,0x3c,0x76,0x86,0xe4};
602 static UCHAR expected4[] =
603 {0xe1,0x82,0xc3,0xc0,0x24,0xfb,0x86,0x85,0xf3,0xf1,0x2b,0x7d,0x09,0xb4,0x73,0x67,
604 0x86,0x64,0xc3,0xfe,0xa3,0x07,0x61,0xf8,0x16,0xc9,0x78,0x7f,0xe7,0xb1,0xc4,0x94};
605 static UCHAR expected_tag[] =
606 {0x89,0xb3,0x92,0x00,0x39,0x20,0x09,0xb4,0x6a,0xd6,0xaf,0xca,0x4b,0x5b,0xfd,0xd0};
607 static UCHAR expected_tag2[] =
608 {0x9a,0x92,0x32,0x2c,0x61,0x2a,0xae,0xef,0x66,0x2a,0xfb,0x55,0xe9,0x48,0xdf,0xbd};
609 BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO auth_info;
610 UCHAR *buf, ciphertext[48], ivbuf[16], tag[16];
611 BCRYPT_AUTH_TAG_LENGTHS_STRUCT tag_length;
612 BCRYPT_ALG_HANDLE aes;
613 BCRYPT_KEY_HANDLE key;
614 ULONG size, len, i;
615 NTSTATUS ret;
616
617 ret = pBCryptOpenAlgorithmProvider(&aes, BCRYPT_AES_ALGORITHM, NULL, 0);
618 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
619
620 /******************
621 * AES - CBC mode *
622 ******************/
623
624 len = 0xdeadbeef;
625 size = sizeof(len);
626 ret = pBCryptGetProperty(aes, BCRYPT_OBJECT_LENGTH, (UCHAR *)&len, sizeof(len), &size, 0);
627 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
628
629 buf = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, len);
630 ret = pBCryptGenerateSymmetricKey(aes, &key, buf, len, secret, sizeof(secret), 0);
631 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
632
633 /* input size is a multiple of block size */
634 size = 0;
635 memcpy(ivbuf, iv, sizeof(iv));
636 ret = pBCryptEncrypt(key, data, 16, NULL, ivbuf, 16, NULL, 0, &size, 0);
637 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
638 ok(size == 16, "got %u\n", size);
639
640 size = 0;
641 memcpy(ivbuf, iv, sizeof(iv));
642 memset(ciphertext, 0, sizeof(ciphertext));
643 ret = pBCryptEncrypt(key, data, 16, NULL, ivbuf, 16, ciphertext, 16, &size, 0);
644 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
645 ok(size == 16, "got %u\n", size);
646 ok(!memcmp(ciphertext, expected, sizeof(expected)), "wrong data\n");
647 for (i = 0; i < 16; i++)
648 ok(ciphertext[i] == expected[i], "%u: %02x != %02x\n", i, ciphertext[i], expected[i]);
649
650 /* input size is not a multiple of block size */
651 size = 0;
652 memcpy(ivbuf, iv, sizeof(iv));
653 ret = pBCryptEncrypt(key, data, 17, NULL, ivbuf, 16, NULL, 0, &size, 0);
654 ok(ret == STATUS_INVALID_BUFFER_SIZE, "got %08x\n", ret);
655 ok(size == 17, "got %u\n", size);
656
657 /* input size is not a multiple of block size, block padding set */
658 size = 0;
659 memcpy(ivbuf, iv, sizeof(iv));
660 ret = pBCryptEncrypt(key, data, 17, NULL, ivbuf, 16, NULL, 0, &size, BCRYPT_BLOCK_PADDING);
661 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
662 ok(size == 32, "got %u\n", size);
663
664 size = 0;
665 memcpy(ivbuf, iv, sizeof(iv));
666 memset(ciphertext, 0, sizeof(ciphertext));
667 ret = pBCryptEncrypt(key, data, 17, NULL, ivbuf, 16, ciphertext, 32, &size, BCRYPT_BLOCK_PADDING);
668 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
669 ok(size == 32, "got %u\n", size);
670 ok(!memcmp(ciphertext, expected2, sizeof(expected2)), "wrong data\n");
671 for (i = 0; i < 32; i++)
672 ok(ciphertext[i] == expected2[i], "%u: %02x != %02x\n", i, ciphertext[i], expected2[i]);
673
674 /* input size is a multiple of block size, block padding set */
675 size = 0;
676 memcpy(ivbuf, iv, sizeof(iv));
677 ret = pBCryptEncrypt(key, data2, 32, NULL, ivbuf, 16, NULL, 0, &size, BCRYPT_BLOCK_PADDING);
678 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
679 ok(size == 48, "got %u\n", size);
680
681 size = 0;
682 memcpy(ivbuf, iv, sizeof(iv));
683 memset(ciphertext, 0, sizeof(ciphertext));
684 ret = pBCryptEncrypt(key, data2, 32, NULL, ivbuf, 16, ciphertext, 48, &size, BCRYPT_BLOCK_PADDING);
685 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
686 ok(size == 48, "got %u\n", size);
687 ok(!memcmp(ciphertext, expected3, sizeof(expected3)), "wrong data\n");
688 for (i = 0; i < 48; i++)
689 ok(ciphertext[i] == expected3[i], "%u: %02x != %02x\n", i, ciphertext[i], expected3[i]);
690
691 /* output size too small */
692 size = 0;
693 memcpy(ivbuf, iv, sizeof(iv));
694 memset(ciphertext, 0, sizeof(ciphertext));
695 ret = pBCryptEncrypt(key, data, 17, NULL, ivbuf, 16, ciphertext, 31, &size, BCRYPT_BLOCK_PADDING);
696 ok(ret == STATUS_BUFFER_TOO_SMALL, "got %08x\n", ret);
697 ok(size == 32, "got %u\n", size);
698
699 size = 0;
700 memcpy(ivbuf, iv, sizeof(iv));
701 memset(ciphertext, 0, sizeof(ciphertext));
702 ret = pBCryptEncrypt(key, data2, 32, NULL, ivbuf, 16, ciphertext, 32, &size, BCRYPT_BLOCK_PADDING);
703 ok(ret == STATUS_BUFFER_TOO_SMALL, "got %08x\n", ret);
704 ok(size == 48, "got %u\n", size);
705
706 ret = pBCryptDestroyKey(key);
707 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
708 HeapFree(GetProcessHeap(), 0, buf);
709
710 /******************
711 * AES - GCM mode *
712 ******************/
713
714 size = 0;
715 ret = BCryptGetProperty(aes, BCRYPT_AUTH_TAG_LENGTH, NULL, 0, &size, 0);
716 ok(ret == STATUS_NOT_SUPPORTED, "got %08x\n", ret);
717
718 ret = BCryptSetProperty(aes, BCRYPT_CHAINING_MODE, (UCHAR*)BCRYPT_CHAIN_MODE_GCM, sizeof(BCRYPT_CHAIN_MODE_GCM), 0);
719 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
720
721 size = 0;
722 ret = BCryptGetProperty(aes, BCRYPT_AUTH_TAG_LENGTH, NULL, 0, &size, 0);
723 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
724 ok(size == sizeof(tag_length), "got %u\n", size);
725
726 size = 0;
727 memset(&tag_length, 0, sizeof(tag_length));
728 ret = BCryptGetProperty(aes, BCRYPT_AUTH_TAG_LENGTH, (UCHAR*)&tag_length, sizeof(tag_length), &size, 0);
729 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
730 ok(size == sizeof(tag_length), "got %u\n", size);
731 ok(tag_length.dwMinLength == 12, "Expected 12, got %d\n", tag_length.dwMinLength);
732 ok(tag_length.dwMaxLength == 16, "Expected 16, got %d\n", tag_length.dwMaxLength);
733 ok(tag_length.dwIncrement == 1, "Expected 1, got %d\n", tag_length.dwIncrement);
734
735 len = 0xdeadbeef;
736 size = sizeof(len);
737 ret = pBCryptGetProperty(aes, BCRYPT_OBJECT_LENGTH, (UCHAR *)&len, sizeof(len), &size, 0);
738 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
739
740 buf = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, len);
741 ret = pBCryptGenerateSymmetricKey(aes, &key, buf, len, secret, sizeof(secret), 0);
742 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
743
744 memset(&auth_info, 0, sizeof(auth_info));
745 auth_info.cbSize = sizeof(auth_info);
746 auth_info.dwInfoVersion = 1;
747 auth_info.pbNonce = nonce;
748 auth_info.cbNonce = sizeof(nonce);
749 auth_info.pbTag = tag;
750 auth_info.cbTag = sizeof(tag);
751
752 /* input size is a multiple of block size */
753 size = 0;
754 memcpy(ivbuf, iv, sizeof(iv));
755 memset(ciphertext, 0xff, sizeof(ciphertext));
756 memset(tag, 0xff, sizeof(tag));
757 ret = pBCryptEncrypt(key, data2, 32, &auth_info, ivbuf, 16, ciphertext, 32, &size, 0);
758 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
759 ok(size == 32, "got %u\n", size);
760 ok(!memcmp(ciphertext, expected4, sizeof(expected4)), "wrong data\n");
761 ok(!memcmp(tag, expected_tag, sizeof(expected_tag)), "wrong tag\n");
762 for (i = 0; i < 32; i++)
763 ok(ciphertext[i] == expected4[i], "%u: %02x != %02x\n", i, ciphertext[i], expected4[i]);
764 for (i = 0; i < 16; i++)
765 ok(tag[i] == expected_tag[i], "%u: %02x != %02x\n", i, tag[i], expected_tag[i]);
766
767 /* input size is not multiple of block size */
768 size = 0;
769 memcpy(ivbuf, iv, sizeof(iv));
770 memset(ciphertext, 0xff, sizeof(ciphertext));
771 memset(tag, 0xff, sizeof(tag));
772 ret = pBCryptEncrypt(key, data2, 24, &auth_info, ivbuf, 16, ciphertext, 24, &size, 0);
773 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
774 ok(size == 24, "got %u\n", size);
775 ok(!memcmp(ciphertext, expected4, 24), "wrong data\n");
776 ok(!memcmp(tag, expected_tag2, sizeof(expected_tag2)), "wrong tag\n");
777 for (i = 0; i < 24; i++)
778 ok(ciphertext[i] == expected4[i], "%u: %02x != %02x\n", i, ciphertext[i], expected4[i]);
779 for (i = 0; i < 16; i++)
780 ok(tag[i] == expected_tag2[i], "%u: %02x != %02x\n", i, tag[i], expected_tag2[i]);
781
782 /* test with padding */
783 memcpy(ivbuf, iv, sizeof(iv));
784 memset(ciphertext, 0, sizeof(ciphertext));
785 ret = pBCryptEncrypt(key, data2, 32, &auth_info, ivbuf, 16, ciphertext, 32, &size, BCRYPT_BLOCK_PADDING);
786 todo_wine ok(ret == STATUS_BUFFER_TOO_SMALL, "got %08x\n", ret);
787
788 memcpy(ivbuf, iv, sizeof(iv));
789 memset(ciphertext, 0, sizeof(ciphertext));
790 ret = pBCryptEncrypt(key, data2, 32, &auth_info, ivbuf, 16, ciphertext, 48, &size, BCRYPT_BLOCK_PADDING);
791 ok(ret == STATUS_INVALID_PARAMETER, "got %08x\n", ret);
792
793 ret = pBCryptDestroyKey(key);
794 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
795 HeapFree(GetProcessHeap(), 0, buf);
796
797 ret = pBCryptCloseAlgorithmProvider(aes, 0);
798 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
799 }
800
801 static void test_BCryptDecrypt(void)
802 {
803 static UCHAR nonce[] =
804 {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x10, 0x20, 0x30, 0x40, 0x50, 0x60};
805 static UCHAR secret[] =
806 {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
807 static UCHAR iv[] =
808 {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
809 static UCHAR expected[] =
810 {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
811 static UCHAR expected2[] =
812 {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10};
813 static UCHAR expected3[] =
814 {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
815 0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10,0x10};
816 static UCHAR ciphertext[32] =
817 {0xc6,0xa1,0x3b,0x37,0x87,0x8f,0x5b,0x82,0x6f,0x4f,0x81,0x62,0xa1,0xc8,0xd8,0x79,
818 0x28,0x73,0x3d,0xef,0x84,0x8f,0xb0,0xa6,0x5d,0x1a,0x51,0xb7,0xec,0x8f,0xea,0xe9};
819 static UCHAR ciphertext2[] =
820 {0xc6,0xa1,0x3b,0x37,0x87,0x8f,0x5b,0x82,0x6f,0x4f,0x81,0x62,0xa1,0xc8,0xd8,0x79,
821 0x28,0x73,0x3d,0xef,0x84,0x8f,0xb0,0xa6,0x5d,0x1a,0x51,0xb7,0xec,0x8f,0xea,0xe9};
822 static UCHAR ciphertext3[] =
823 {0xc6,0xa1,0x3b,0x37,0x87,0x8f,0x5b,0x82,0x6f,0x4f,0x81,0x62,0xa1,0xc8,0xd8,0x79,
824 0xb1,0xa2,0x92,0x73,0xbe,0x2c,0x42,0x07,0xa5,0xac,0xe3,0x93,0x39,0x8c,0xb6,0xfb,
825 0x87,0x5d,0xea,0xa3,0x7e,0x0f,0xde,0xfa,0xd9,0xec,0x6c,0x4e,0x3c,0x76,0x86,0xe4};
826 static UCHAR ciphertext4[] =
827 {0xe1,0x82,0xc3,0xc0,0x24,0xfb,0x86,0x85,0xf3,0xf1,0x2b,0x7d,0x09,0xb4,0x73,0x67,
828 0x86,0x64,0xc3,0xfe,0xa3,0x07,0x61,0xf8,0x16,0xc9,0x78,0x7f,0xe7,0xb1,0xc4,0x94};
829 static UCHAR tag[] =
830 {0x89,0xb3,0x92,0x00,0x39,0x20,0x09,0xb4,0x6a,0xd6,0xaf,0xca,0x4b,0x5b,0xfd,0xd0};
831 BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO auth_info;
832 BCRYPT_KEY_LENGTHS_STRUCT key_lengths;
833 BCRYPT_ALG_HANDLE aes;
834 BCRYPT_KEY_HANDLE key;
835 UCHAR *buf, plaintext[48], ivbuf[16];
836 ULONG size, len;
837 NTSTATUS ret;
838
839 ret = pBCryptOpenAlgorithmProvider(&aes, BCRYPT_AES_ALGORITHM, NULL, 0);
840 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
841
842 size = 0;
843 memset(&key_lengths, 0, sizeof(key_lengths));
844 ret = BCryptGetProperty(aes, BCRYPT_KEY_LENGTHS, (UCHAR*)&key_lengths, sizeof(key_lengths), &size, 0);
845 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
846 ok(size == sizeof(key_lengths), "got %u\n", size);
847 ok(key_lengths.dwMinLength == 128, "Expected 128, got %d\n", key_lengths.dwMinLength);
848 ok(key_lengths.dwMaxLength == 256, "Expected 256, got %d\n", key_lengths.dwMaxLength);
849 ok(key_lengths.dwIncrement == 64, "Expected 64, got %d\n", key_lengths.dwIncrement);
850
851 /******************
852 * AES - CBC mode *
853 ******************/
854
855 len = 0xdeadbeef;
856 size = sizeof(len);
857 ret = pBCryptGetProperty(aes, BCRYPT_OBJECT_LENGTH, (UCHAR *)&len, sizeof(len), &size, 0);
858 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
859
860 buf = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, len);
861 ret = pBCryptGenerateSymmetricKey(aes, &key, buf, len, secret, sizeof(secret), 0);
862 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
863
864 /* input size is a multiple of block size */
865 size = 0;
866 memcpy(ivbuf, iv, sizeof(iv));
867 ret = pBCryptDecrypt(key, ciphertext, 32, NULL, ivbuf, 16, NULL, 0, &size, 0);
868 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
869 ok(size == 32, "got %u\n", size);
870
871 size = 0;
872 memcpy(ivbuf, iv, sizeof(iv));
873 memset(plaintext, 0, sizeof(plaintext));
874 ret = pBCryptDecrypt(key, ciphertext, 32, NULL, ivbuf, 16, plaintext, 32, &size, 0);
875 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
876 ok(size == 32, "got %u\n", size);
877 ok(!memcmp(plaintext, expected, sizeof(expected)), "wrong data\n");
878
879 /* test with padding smaller than block size */
880 size = 0;
881 memcpy(ivbuf, iv, sizeof(iv));
882 ret = pBCryptDecrypt(key, ciphertext2, 32, NULL, ivbuf, 16, NULL, 0, &size, 0);
883 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
884 ok(size == 32, "got %u\n", size);
885
886 size = 0;
887 memcpy(ivbuf, iv, sizeof(iv));
888 memset(plaintext, 0, sizeof(plaintext));
889 ret = pBCryptDecrypt(key, ciphertext2, 32, NULL, ivbuf, 16, plaintext, 17, &size, BCRYPT_BLOCK_PADDING);
890 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
891 ok(size == 17, "got %u\n", size);
892 ok(!memcmp(plaintext, expected2, sizeof(expected2)), "wrong data\n");
893
894 /* test with padding of block size */
895 size = 0;
896 memcpy(ivbuf, iv, sizeof(iv));
897 ret = pBCryptDecrypt(key, ciphertext3, 48, NULL, ivbuf, 16, NULL, 0, &size, 0);
898 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
899 ok(size == 48, "got %u\n", size);
900
901 size = 0;
902 memcpy(ivbuf, iv, sizeof(iv));
903 memset(plaintext, 0, sizeof(plaintext));
904 ret = pBCryptDecrypt(key, ciphertext3, 48, NULL, ivbuf, 16, plaintext, 32, &size, BCRYPT_BLOCK_PADDING);
905 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
906 ok(size == 32, "got %u\n", size);
907 ok(!memcmp(plaintext, expected3, sizeof(expected3)), "wrong data\n");
908
909 /* output size too small */
910 size = 0;
911 memcpy(ivbuf, iv, sizeof(iv));
912 ret = pBCryptDecrypt(key, ciphertext, 32, NULL, ivbuf, 16, plaintext, 31, &size, 0);
913 ok(ret == STATUS_BUFFER_TOO_SMALL, "got %08x\n", ret);
914 ok(size == 32, "got %u\n", size);
915
916 size = 0;
917 memcpy(ivbuf, iv, sizeof(iv));
918 ret = pBCryptDecrypt(key, ciphertext2, 32, NULL, ivbuf, 16, plaintext, 15, &size, BCRYPT_BLOCK_PADDING);
919 ok(ret == STATUS_BUFFER_TOO_SMALL, "got %08x\n", ret);
920 ok(size == 32, "got %u\n", size);
921
922 size = 0;
923 memcpy(ivbuf, iv, sizeof(iv));
924 ret = pBCryptDecrypt(key, ciphertext2, 32, NULL, ivbuf, 16, plaintext, 16, &size, BCRYPT_BLOCK_PADDING);
925 ok(ret == STATUS_BUFFER_TOO_SMALL, "got %08x\n", ret);
926 ok(size == 17, "got %u\n", size);
927
928 size = 0;
929 memcpy(ivbuf, iv, sizeof(iv));
930 ret = pBCryptDecrypt(key, ciphertext3, 48, NULL, ivbuf, 16, plaintext, 31, &size, BCRYPT_BLOCK_PADDING);
931 ok(ret == STATUS_BUFFER_TOO_SMALL, "got %08x\n", ret);
932 ok(size == 48, "got %u\n", size);
933
934 /* input size is not a multiple of block size */
935 size = 0;
936 memcpy(ivbuf, iv, sizeof(iv));
937 ret = pBCryptDecrypt(key, ciphertext, 17, NULL, ivbuf, 16, NULL, 0, &size, 0);
938 ok(ret == STATUS_INVALID_BUFFER_SIZE, "got %08x\n", ret);
939 ok(size == 17 || broken(size == 0 /* Win < 7 */), "got %u\n", size);
940
941 /* input size is not a multiple of block size, block padding set */
942 size = 0;
943 memcpy(ivbuf, iv, sizeof(iv));
944 ret = pBCryptDecrypt(key, ciphertext, 17, NULL, ivbuf, 16, NULL, 0, &size, BCRYPT_BLOCK_PADDING);
945 ok(ret == STATUS_INVALID_BUFFER_SIZE, "got %08x\n", ret);
946 ok(size == 17 || broken(size == 0 /* Win < 7 */), "got %u\n", size);
947
948 ret = pBCryptDestroyKey(key);
949 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
950 HeapFree(GetProcessHeap(), 0, buf);
951
952 /******************
953 * AES - GCM mode *
954 ******************/
955
956 ret = BCryptSetProperty(aes, BCRYPT_CHAINING_MODE, (UCHAR*)BCRYPT_CHAIN_MODE_GCM, sizeof(BCRYPT_CHAIN_MODE_GCM), 0);
957 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
958
959 buf = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, len);
960 ret = pBCryptGenerateSymmetricKey(aes, &key, buf, len, secret, sizeof(secret), 0);
961 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
962
963 memset(&auth_info, 0, sizeof(auth_info));
964 auth_info.cbSize = sizeof(auth_info);
965 auth_info.dwInfoVersion = 1;
966 auth_info.pbNonce = nonce;
967 auth_info.cbNonce = sizeof(nonce);
968 auth_info.pbTag = tag;
969 auth_info.cbTag = sizeof(tag);
970
971 /* input size is a multiple of block size */
972 size = 0;
973 memcpy(ivbuf, iv, sizeof(iv));
974 memset(plaintext, 0, sizeof(plaintext));
975 ret = pBCryptDecrypt(key, ciphertext4, 32, &auth_info, ivbuf, 16, plaintext, 32, &size, 0);
976 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
977 ok(size == 32, "got %u\n", size);
978 ok(!memcmp(plaintext, expected3, sizeof(expected3)), "wrong data\n");
979
980 /* test with wrong tag */
981 memcpy(ivbuf, iv, sizeof(iv));
982 auth_info.pbTag = iv; /* wrong tag */
983 ret = pBCryptDecrypt(key, ciphertext4, 32, &auth_info, ivbuf, 16, plaintext, 32, &size, 0);
984 ok(ret == STATUS_AUTH_TAG_MISMATCH, "got %08x\n", ret);
985 ok(size == 32, "got %u\n", size);
986
987 ret = pBCryptDestroyKey(key);
988 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
989 HeapFree(GetProcessHeap(), 0, buf);
990
991 ret = pBCryptCloseAlgorithmProvider(aes, 0);
992 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
993 }
994
995 static void test_key_import_export(void)
996 {
997 UCHAR buffer1[sizeof(BCRYPT_KEY_DATA_BLOB_HEADER) + 16];
998 UCHAR buffer2[sizeof(BCRYPT_KEY_DATA_BLOB_HEADER) + 16];
999 BCRYPT_KEY_DATA_BLOB_HEADER *key_data1 = (void*)buffer1;
1000 BCRYPT_ALG_HANDLE aes;
1001 BCRYPT_KEY_HANDLE key;
1002 NTSTATUS ret;
1003 ULONG size;
1004
1005 ret = pBCryptOpenAlgorithmProvider(&aes, BCRYPT_AES_ALGORITHM, NULL, 0);
1006 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
1007
1008 key_data1->dwMagic = BCRYPT_KEY_DATA_BLOB_MAGIC;
1009 key_data1->dwVersion = BCRYPT_KEY_DATA_BLOB_VERSION1;
1010 key_data1->cbKeyData = 16;
1011 memset(&key_data1[1], 0x11, 16);
1012
1013 ret = pBCryptImportKey(aes, NULL, BCRYPT_KEY_DATA_BLOB, &key, NULL, 0, buffer1, sizeof(buffer1), 0);
1014 ok(ret == STATUS_SUCCESS || broken(ret == STATUS_INVALID_PARAMETER) /* vista */, "got %08x\n", ret);
1015 if (ret == STATUS_INVALID_PARAMETER)
1016 {
1017 win_skip("broken BCryptImportKey\n");
1018 return;
1019 }
1020
1021 size = 0;
1022 ret = pBCryptExportKey(key, NULL, BCRYPT_KEY_DATA_BLOB, buffer2, 1, &size, 0);
1023 ok(ret == STATUS_BUFFER_TOO_SMALL, "got %08x\n", ret);
1024 ok(size == sizeof(buffer2), "Got %u\n", size);
1025
1026 size = 0;
1027 memset(buffer2, 0xff, sizeof(buffer2));
1028 ret = pBCryptExportKey(key, NULL, BCRYPT_KEY_DATA_BLOB, buffer2, sizeof(buffer2), &size, 0);
1029 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
1030 ok(size == sizeof(buffer2), "Got %u\n", size);
1031 ok(!memcmp(buffer1, buffer2, sizeof(buffer1)), "Expected exported key to match imported key\n");
1032
1033 ret = pBCryptDestroyKey(key);
1034 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
1035
1036 ret = pBCryptCloseAlgorithmProvider(aes, 0);
1037 ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
1038 }
1039
1040 START_TEST(bcrypt)
1041 {
1042 HMODULE module;
1043
1044 module = LoadLibraryA("bcrypt.dll");
1045 if (!module)
1046 {
1047 win_skip("bcrypt.dll not found\n");
1048 return;
1049 }
1050
1051 pBCryptOpenAlgorithmProvider = (void *)GetProcAddress(module, "BCryptOpenAlgorithmProvider");
1052 pBCryptCloseAlgorithmProvider = (void *)GetProcAddress(module, "BCryptCloseAlgorithmProvider");
1053 pBCryptGetFipsAlgorithmMode = (void *)GetProcAddress(module, "BCryptGetFipsAlgorithmMode");
1054 pBCryptCreateHash = (void *)GetProcAddress(module, "BCryptCreateHash");
1055 pBCryptHash = (void *)GetProcAddress(module, "BCryptHash");
1056 pBCryptHashData = (void *)GetProcAddress(module, "BCryptHashData");
1057 pBCryptDuplicateHash = (void *)GetProcAddress(module, "BCryptDuplicateHash");
1058 pBCryptFinishHash = (void *)GetProcAddress(module, "BCryptFinishHash");
1059 pBCryptDestroyHash = (void *)GetProcAddress(module, "BCryptDestroyHash");
1060 pBCryptGenRandom = (void *)GetProcAddress(module, "BCryptGenRandom");
1061 pBCryptGetProperty = (void *)GetProcAddress(module, "BCryptGetProperty");
1062 pBCryptSetProperty = (void *)GetProcAddress(module, "BCryptSetProperty");
1063 pBCryptGenerateSymmetricKey = (void *)GetProcAddress(module, "BCryptGenerateSymmetricKey");
1064 pBCryptEncrypt = (void *)GetProcAddress(module, "BCryptEncrypt");
1065 pBCryptDecrypt = (void *)GetProcAddress(module, "BCryptDecrypt");
1066 pBCryptDestroyKey = (void *)GetProcAddress(module, "BCryptDestroyKey");
1067 pBCryptImportKey = (void *)GetProcAddress(module, "BCryptImportKey");
1068 pBCryptExportKey = (void *)GetProcAddress(module, "BCryptExportKey");
1069
1070 test_BCryptGenRandom();
1071 test_BCryptGetFipsAlgorithmMode();
1072 test_hashes();
1073 test_rng();
1074 test_aes();
1075 test_BCryptGenerateSymmetricKey();
1076 test_BCryptEncrypt();
1077 test_BCryptDecrypt();
1078 test_key_import_export();
1079
1080 if (pBCryptHash) /* >= Win 10 */
1081 test_BcryptHash();
1082 else
1083 win_skip("BCryptHash is not available\n");
1084
1085 FreeLibrary(module);
1086 }
Windows API implementation