dlls/crypt32/tests/ctl.c

   1 /*
   2  * crypt32 CTL functions tests
   3  *
   4  * Copyright 2008 Juan Lang
   5  *
   6  * This library is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 2.1 of the License, or (at your option) any later version.
  10  *
  11  * This library is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public
  17  * License along with this library; if not, write to the Free Software
  18  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  19  */
  20
  21 #include <stdio.h>
  22 #include <stdarg.h>
  23
  24 #include <windef.h>
  25 #include <winbase.h>
  26 #include <winerror.h>
  27 #include <wincrypt.h>
  28
  29 #include "wine/test.h"
  30
  31 static const BYTE emptyCTL[] = {
  32 0x30,0x17,0x30,0x00,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,
  33 0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x02,0x06,0x00 };
  34 static const BYTE ctlWithOneEntry[] = {
  35 0x30,0x2a,0x30,0x00,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,
  36 0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x02,0x06,0x00,0x30,0x11,0x30,0x0f,0x04,
  37 0x01,0x01,0x31,0x0a,0x30,0x08,0x06,0x02,0x2a,0x03,0x31,0x02,0x30,0x00 };
  38 static const BYTE signedCTL[] = {
  39 0x30,0x81,0xc7,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,0xa0,
  40 0x81,0xb9,0x30,0x81,0xb6,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,
  41 0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x28,0x06,0x09,0x2a,0x86,
  42 0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x1b,0x04,0x19,0x30,0x17,0x30,0x00,
  43 0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,
  44 0x30,0x5a,0x30,0x02,0x06,0x00,0x31,0x77,0x30,0x75,0x02,0x01,0x01,0x30,0x1a,
  45 0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,
  46 0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,
  47 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x04,0x06,0x00,0x05,
  48 0x00,0x04,0x40,0xca,0xd8,0x32,0xd1,0xbd,0x97,0x61,0x54,0xd6,0x80,0xcf,0x0d,
  49 0xbd,0xa2,0x42,0xc7,0xca,0x37,0x91,0x7d,0x9d,0xac,0x8c,0xdf,0x05,0x8a,0x39,
  50 0xc6,0x07,0xc1,0x37,0xe6,0xb9,0xd1,0x0d,0x26,0xec,0xa5,0xb0,0x8a,0x51,0x26,
  51 0x2b,0x4f,0x73,0x44,0x86,0x83,0x5e,0x2b,0x6e,0xcc,0xf8,0x1b,0x85,0x53,0xe9,
  52 0x7a,0x80,0x8f,0x6b,0x42,0x19,0x93 };
  53 static const BYTE signedCTLWithSubjectAlgorithm[] = {
  54 0x30,0x81,0xd1,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,0xa0,
  55 0x81,0xc3,0x30,0x81,0xc0,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,
  56 0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x32,0x06,0x09,0x2a,0x86,
  57 0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x25,0x04,0x23,0x30,0x21,0x30,0x00,
  58 0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,
  59 0x30,0x5a,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,
  60 0x00,0x31,0x77,0x30,0x75,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,0x30,
  61 0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,
  62 0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,
  63 0x0d,0x02,0x05,0x05,0x00,0x30,0x04,0x06,0x00,0x05,0x00,0x04,0x40,0xca,0x7a,
  64 0xfa,0xbf,0x44,0x36,0xfd,0xb2,0x84,0x70,0x0f,0xf5,0x66,0xcb,0x68,0xdb,0x45,
  65 0x74,0xa1,0xed,0xe3,0x30,0x4a,0x11,0xd2,0x7b,0xf5,0xa9,0x68,0x8d,0x36,0xe8,
  66 0x79,0xff,0xa2,0xf2,0x4c,0x8a,0xa9,0x65,0x03,0xf8,0x77,0xa5,0x01,0xd3,0x46,
  67 0x8a,0xcc,0x93,0x36,0x30,0xe1,0xa4,0x47,0x70,0x3d,0xb3,0x97,0xfc,0x6d,0x24,
  68 0xe9,0xf9 };
  69 static const BYTE signedCTLWithCTLInnerContent[] = {
  70 0x30,0x82,0x01,0x0f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,
  71 0xa0,0x82,0x01,0x00,0x30,0x81,0xfd,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,
  72 0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x30,0x06,0x09,
  73 0x2b,0x06,0x01,0x04,0x01,0x82,0x37,0x0a,0x01,0xa0,0x23,0x30,0x21,0x30,0x00,
  74 0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,
  75 0x30,0x5a,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,
  76 0x00,0x31,0x81,0xb5,0x30,0x81,0xb2,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31,
  77 0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,
  78 0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,
  79 0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0xa0,0x3b,0x30,0x18,0x06,0x09,0x2a,0x86,
  80 0x48,0x86,0xf7,0x0d,0x01,0x09,0x03,0x31,0x0b,0x06,0x09,0x2b,0x06,0x01,0x04,
  81 0x01,0x82,0x37,0x0a,0x01,0x30,0x1f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,
  82 0x01,0x09,0x04,0x31,0x12,0x04,0x10,0x54,0x71,0xbc,0xe1,0x56,0x31,0xa2,0xf9,
  83 0x65,0x70,0x34,0xf8,0xe2,0xe9,0xb4,0xf4,0x30,0x04,0x06,0x00,0x05,0x00,0x04,
  84 0x40,0x2f,0x1b,0x9f,0x5a,0x4a,0x15,0x73,0xfa,0xb1,0x93,0x3d,0x09,0x52,0xdf,
  85 0x6b,0x98,0x4b,0x13,0x5e,0xe7,0xbf,0x65,0xf4,0x9c,0xc2,0xb1,0x77,0x09,0xb1,
  86 0x66,0x4d,0x72,0x0d,0xb1,0x1a,0x50,0x20,0xe0,0x57,0xa2,0x39,0xc7,0xcd,0x7f,
  87 0x8e,0xe7,0x5f,0x76,0x2b,0xd1,0x6a,0x82,0xb3,0x30,0x25,0x61,0xf6,0x25,0x23,
  88 0x57,0x6c,0x0b,0x47,0xb8 };
  89 static const BYTE signedCTLWithCTLInnerContentAndBadSig[] = {
  90 0x30,0x82,0x01,0x0f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,
  91 0xa0,0x82,0x01,0x00,0x30,0x81,0xfd,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,
  92 0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x30,0x06,0x09,
  93 0x2b,0x06,0x01,0x04,0x01,0x82,0x37,0x0a,0x01,0xa0,0x23,0x30,0x21,0x30,0x00,
  94 0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,
  95 0x30,0x5a,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,
  96 0x00,0x31,0x81,0xb5,0x30,0x81,0xb2,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31,
  97 0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,
  98 0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,
  99 0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0xa0,0x3b,0x30,0x18,0x06,0x09,0x2a,0x86,
 100 0x48,0x86,0xf7,0x0d,0x01,0x09,0x03,0x31,0x0b,0x06,0x09,0x2b,0x06,0x01,0x04,
 101 0x01,0x82,0x37,0x0a,0x01,0x30,0x1f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,
 102 0x01,0x09,0x04,0x31,0x12,0x04,0x10,0x54,0x71,0xbc,0xe1,0x56,0x31,0xa2,0xf9,
 103 0x65,0x70,0x34,0xf8,0xe2,0xe9,0xb4,0xf4,0x30,0x04,0x06,0x00,0x05,0x00,0x04,
 104 0x40,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
 105 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
 106 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
 107 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
 108 0xff,0xff,0xff,0xff,0xff };
 109
 110 static void testCreateCTL(void)
 111 {
 112     PCCTL_CONTEXT ctl;
 113
 114     SetLastError(0xdeadbeef);
 115     ctl = CertCreateCTLContext(0, NULL, 0);
 116     ok(!ctl && GetLastError() == E_INVALIDARG,
 117      "expected E_INVALIDARG, got %08lx\n", GetLastError());
 118     SetLastError(0xdeadbeef);
 119     ctl = CertCreateCTLContext(X509_ASN_ENCODING, NULL, 0);
 120     ok(!ctl && GetLastError() == ERROR_INVALID_DATA,
 121      "expected ERROR_INVALID_DATA, got %ld (0x%08lx)\n", GetLastError(),
 122      GetLastError());
 123     /* An empty CTL can't be created.. */
 124     SetLastError(0xdeadbeef);
 125     ctl = CertCreateCTLContext(X509_ASN_ENCODING, emptyCTL, sizeof(emptyCTL));
 126     ok(!ctl && GetLastError() == ERROR_INVALID_DATA,
 127      "expected ERROR_INVALID_DATA, got %ld (0x%08lx)\n", GetLastError(),
 128      GetLastError());
 129     /* Nor can any of these "signed" CTLs whose inner content OID isn't
 130      * szOID_CTL.
 131      */
 132     SetLastError(0xdeadbeef);
 133     ctl = CertCreateCTLContext(X509_ASN_ENCODING, signedCTL, sizeof(signedCTL));
 134     ok(!ctl && GetLastError() == ERROR_INVALID_DATA,
 135      "expected ERROR_INVALID_DATA, got %ld (0x%08lx)\n",
 136      GetLastError(),
 137      GetLastError());
 138     SetLastError(0xdeadbeef);
 139     ctl = CertCreateCTLContext(X509_ASN_ENCODING, ctlWithOneEntry,
 140      sizeof(ctlWithOneEntry));
 141     ok(!ctl && GetLastError() == ERROR_INVALID_DATA,
 142      "expected ERROR_INVALID_DATA, got %ld (0x%08lx)\n", GetLastError(),
 143      GetLastError());
 144     SetLastError(0xdeadbeef);
 145     ctl = CertCreateCTLContext(X509_ASN_ENCODING,
 146      signedCTLWithSubjectAlgorithm, sizeof(signedCTLWithSubjectAlgorithm));
 147     ok(!ctl && GetLastError() == ERROR_INVALID_DATA,
 148      "expected ERROR_INVALID_DATA, got %ld (0x%08lx)\n", GetLastError(),
 149      GetLastError());
 150     /* This signed CTL with the appropriate inner content type can be decoded.
 151      */
 152     ctl = CertCreateCTLContext(X509_ASN_ENCODING,
 153      signedCTLWithCTLInnerContent, sizeof(signedCTLWithCTLInnerContent));
 154     ok(ctl != NULL, "CertCreateCTLContext failed: %08lx\n", GetLastError());
 155     if (ctl)
 156     {
 157         /* Even though the CTL was decoded with X509_ASN_ENCODING, the
 158          * message encoding type is included in the CTL's encoding type.
 159          */
 160         ok(ctl->dwMsgAndCertEncodingType ==
 161          (X509_ASN_ENCODING | PKCS_7_ASN_ENCODING),
 162          "expected X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, got %08lx\n",
 163          ctl->dwMsgAndCertEncodingType);
 164         CertFreeCTLContext(ctl);
 165     }
 166     /* This CTL with a bad signature can also be decoded, so the sig isn't
 167      * checked when loading the CTL.
 168      */
 169     ctl = CertCreateCTLContext(X509_ASN_ENCODING,
 170      signedCTLWithCTLInnerContentAndBadSig,
 171      sizeof(signedCTLWithCTLInnerContentAndBadSig));
 172     ok(ctl != NULL, "CertCreateCTLContext failed: %08lx\n", GetLastError());
 173     if (ctl)
 174         CertFreeCTLContext(ctl);
 175 }
 176
 177 static void testDupCTL(void)
 178 {
 179     PCCTL_CONTEXT context, dupContext;
 180     BOOL res;
 181
 182     context = CertDuplicateCTLContext(NULL);
 183     ok(context == NULL, "expected NULL\n");
 184     context = CertCreateCTLContext(X509_ASN_ENCODING,
 185      signedCTLWithCTLInnerContent, sizeof(signedCTLWithCTLInnerContent));
 186     dupContext = CertDuplicateCTLContext(context);
 187     ok(dupContext != NULL, "expected a context\n");
 188     ok(dupContext == context, "expected identical context addresses\n");
 189
 190     res = CertFreeCTLContext(dupContext);
 191     ok(res, "CertFreeCTLContext failed\n");
 192
 193     res = CertFreeCTLContext(context);
 194     ok(res, "CertFreeCTLContext failed\n");
 195
 196     res = CertFreeCTLContext(NULL);
 197     ok(res, "CertFreeCTLContext failed\n");
 198 }
 199
 200 static void checkHash(const BYTE *data, DWORD dataLen, ALG_ID algID,
 201  PCCTL_CONTEXT context, DWORD propID)
 202 {
 203     BYTE hash[20] = { 0 }, hashProperty[20];
 204     BOOL ret;
 205     DWORD size;
 206
 207     memset(hash, 0, sizeof(hash));
 208     memset(hashProperty, 0, sizeof(hashProperty));
 209     size = sizeof(hash);
 210     ret = CryptHashCertificate(0, algID, 0, data, dataLen, hash, &size);
 211     ok(ret, "CryptHashCertificate failed: %08lx\n", GetLastError());
 212     ret = CertGetCTLContextProperty(context, propID, hashProperty, &size);
 213     ok(ret, "CertGetCTLContextProperty failed: %08lx\n", GetLastError());
 214     if (ret)
 215         ok(!memcmp(hash, hashProperty, size),
 216          "Unexpected hash for property %ld\n", propID);
 217 }
 218
 219 static void testCTLProperties(void)
 220 {
 221     PCCTL_CONTEXT ctl;
 222     BOOL ret;
 223     DWORD propID, numProps, access, size;
 224
 225     ctl = CertCreateCTLContext(X509_ASN_ENCODING,
 226      signedCTLWithCTLInnerContent, sizeof(signedCTLWithCTLInnerContent));
 227
 228     /* No properties as yet */
 229     propID = 0;
 230     numProps = 0;
 231     do {
 232         propID = CertEnumCTLContextProperties(ctl, propID);
 233         if (propID)
 234             numProps++;
 235     } while (propID != 0);
 236     ok(numProps == 0, "Expected 0 properties, got %ld\n", numProps);
 237
 238     /* An implicit property */
 239     ret = CertGetCTLContextProperty(ctl, CERT_ACCESS_STATE_PROP_ID, NULL,
 240      &size);
 241     ok(ret, "CertGetCTLContextProperty failed: %08lx\n", GetLastError());
 242     ret = CertGetCTLContextProperty(ctl, CERT_ACCESS_STATE_PROP_ID, &access,
 243      &size);
 244     ok(ret, "CertGetCTLContextProperty failed: %08lx\n", GetLastError());
 245     if (ret)
 246         ok(!(access & CERT_ACCESS_STATE_WRITE_PERSIST_FLAG),
 247          "Didn't expect a persisted cert\n");
 248
 249     checkHash(signedCTLWithCTLInnerContent,
 250      sizeof(signedCTLWithCTLInnerContent), CALG_SHA1, ctl, CERT_HASH_PROP_ID);
 251
 252     /* Now that the hash property is set, we should get one property when
 253      * enumerating.
 254      */
 255     propID = 0;
 256     numProps = 0;
 257     do {
 258         propID = CertEnumCTLContextProperties(ctl, propID);
 259         if (propID)
 260             numProps++;
 261     } while (propID != 0);
 262     ok(numProps == 1, "Expected 1 properties, got %ld\n", numProps);
 263
 264     checkHash(signedCTLWithCTLInnerContent,
 265      sizeof(signedCTLWithCTLInnerContent), CALG_MD5, ctl,
 266      CERT_MD5_HASH_PROP_ID);
 267
 268     CertFreeCTLContext(ctl);
 269 }
 270
 271 static const BYTE signedCTLWithUsage[] = {
 272 0x30,0x82,0x01,0x0f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,
 273 0xa0,0x82,0x01,0x00,0x30,0x81,0xfd,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,
 274 0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x30,0x06,0x09,
 275 0x2b,0x06,0x01,0x04,0x01,0x82,0x37,0x0a,0x01,0xa0,0x23,0x30,0x21,0x30,0x0a,
 276 0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x18,0x0f,0x31,0x36,0x30,
 277 0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x02,0x06,
 278 0x00,0x31,0x81,0xb5,0x30,0x81,0xb2,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31,
 279 0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,
 280 0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,
 281 0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0xa0,0x3b,0x30,0x18,0x06,0x09,0x2a,0x86,
 282 0x48,0x86,0xf7,0x0d,0x01,0x09,0x03,0x31,0x0b,0x06,0x09,0x2b,0x06,0x01,0x04,
 283 0x01,0x82,0x37,0x0a,0x01,0x30,0x1f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,
 284 0x01,0x09,0x04,0x31,0x12,0x04,0x10,0xc4,0x3e,0x7e,0xc8,0xf9,0x85,0xf3,0x27,
 285 0x7d,0xc0,0x38,0xb2,0x7f,0xc7,0x76,0x85,0x30,0x04,0x06,0x00,0x05,0x00,0x04,
 286 0x40,0x90,0x33,0x1b,0xb4,0x88,0x35,0xe6,0xf7,0x7f,0x93,0x05,0xc9,0x1a,0x0e,
 287 0x8f,0x21,0xc0,0xaa,0xb3,0xab,0x3e,0x4a,0xa6,0x63,0x74,0xfd,0xef,0x11,0xbd,
 288 0x67,0x3a,0x1b,0x07,0x4b,0x88,0x59,0x31,0xd5,0x08,0xf9,0x09,0x2f,0x0b,0x85,
 289 0x62,0x5a,0x67,0x3b,0x62,0x7e,0x81,0x31,0xea,0xa4,0x36,0x5f,0x9a,0x92,0xb6,
 290 0x66,0xa5,0x00,0x60,0x96 };
 291 static const BYTE signedCTLWithListID1[] = {
 292 0x30,0x82,0x01,0x07,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,
 293 0xa0,0x81,0xf9,0x30,0x81,0xf6,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,
 294 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x29,0x06,0x09,0x2b,
 295 0x06,0x01,0x04,0x01,0x82,0x37,0x0a,0x01,0xa0,0x1c,0x30,0x1a,0x30,0x00,0x04,
 296 0x01,0x01,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,
 297 0x30,0x30,0x30,0x5a,0x30,0x02,0x06,0x00,0x31,0x81,0xb5,0x30,0x81,0xb2,0x02,
 298 0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,
 299 0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,
 300 0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0xa0,
 301 0x3b,0x30,0x18,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x09,0x03,0x31,
 302 0x0b,0x06,0x09,0x2b,0x06,0x01,0x04,0x01,0x82,0x37,0x0a,0x01,0x30,0x1f,0x06,
 303 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x09,0x04,0x31,0x12,0x04,0x10,0xbc,
 304 0x13,0xde,0x17,0xc7,0x7c,0x67,0x5b,0xf9,0xa9,0x7c,0xb0,0xd9,0xf2,0x84,0xd5,
 305 0x30,0x04,0x06,0x00,0x05,0x00,0x04,0x40,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
 306 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
 307 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
 308 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
 309 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff };
 310 static const BYTE signedCTLWithListID2[] = {
 311 0x30,0x82,0x01,0x07,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,
 312 0xa0,0x81,0xf9,0x30,0x81,0xf6,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,
 313 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x29,0x06,0x09,0x2b,
 314 0x06,0x01,0x04,0x01,0x82,0x37,0x0a,0x01,0xa0,0x1c,0x30,0x1a,0x30,0x00,0x04,
 315 0x01,0x02,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,
 316 0x30,0x30,0x30,0x5a,0x30,0x02,0x06,0x00,0x31,0x81,0xb5,0x30,0x81,0xb2,0x02,
 317 0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,
 318 0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,
 319 0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0xa0,
 320 0x3b,0x30,0x18,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x09,0x03,0x31,
 321 0x0b,0x06,0x09,0x2b,0x06,0x01,0x04,0x01,0x82,0x37,0x0a,0x01,0x30,0x1f,0x06,
 322 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x09,0x04,0x31,0x12,0x04,0x10,0x60,
 323 0x6b,0x10,0xb6,0xb8,0x74,0xb8,0xf3,0x79,0xd5,0x42,0x15,0x4a,0x60,0x93,0x1f,
 324 0x30,0x04,0x06,0x00,0x05,0x00,0x04,0x40,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
 325 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
 326 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
 327 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
 328 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff };
 329
 330 static void testAddCTLToStore(void)
 331 {
 332     HCERTSTORE store;
 333     BOOL ret;
 334     DWORD numCTLs, expectedCTLs;
 335     PCCTL_CONTEXT ctl;
 336
 337     store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
 338      CERT_STORE_CREATE_NEW_FLAG, NULL);
 339     /* Add two CTLs */
 340     ret = CertAddEncodedCTLToStore(store, X509_ASN_ENCODING,
 341      signedCTLWithCTLInnerContent, sizeof(signedCTLWithCTLInnerContent),
 342      CERT_STORE_ADD_ALWAYS, NULL);
 343     ok(ret, "CertAddEncodedCTLToStore failed: %08lx\n", GetLastError());
 344     ret = CertAddEncodedCTLToStore(store, X509_ASN_ENCODING,
 345      signedCTLWithCTLInnerContentAndBadSig,
 346      sizeof(signedCTLWithCTLInnerContentAndBadSig), CERT_STORE_ADD_ALWAYS,
 347      NULL);
 348     ok(ret, "CertAddEncodedCTLToStore failed: %08lx\n", GetLastError());
 349     /* Check that two exist */
 350     numCTLs = 0;
 351     ctl = NULL;
 352     do {
 353         ctl = CertEnumCTLsInStore(store, ctl);
 354         if (ctl)
 355             numCTLs++;
 356     } while (ctl);
 357     ok(numCTLs == 2, "expected 2 CTLs, got %ld\n", numCTLs);
 358     CertCloseStore(store, 0);
 359
 360     store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
 361      CERT_STORE_CREATE_NEW_FLAG, NULL);
 362     /* Add the two CTLs again.  They're identical except for the signature.. */
 363     ret = CertAddEncodedCTLToStore(store, X509_ASN_ENCODING,
 364      signedCTLWithCTLInnerContent, sizeof(signedCTLWithCTLInnerContent),
 365      CERT_STORE_ADD_NEW, NULL);
 366     ok(ret, "CertAddEncodedCTLToStore failed: %08lx\n", GetLastError());
 367     /* so adding the second CTL fails. */
 368     SetLastError(0xdeadbeef);
 369     ret = CertAddEncodedCTLToStore(store, X509_ASN_ENCODING,
 370      signedCTLWithCTLInnerContentAndBadSig,
 371      sizeof(signedCTLWithCTLInnerContentAndBadSig), CERT_STORE_ADD_NEW,
 372      NULL);
 373     ok(!ret && GetLastError() == CRYPT_E_EXISTS,
 374      "expected CRYPT_E_EXISTS, got %d %08lx\n", ret, GetLastError());
 375     CertCloseStore(store, 0);
 376
 377     store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
 378      CERT_STORE_CREATE_NEW_FLAG, NULL);
 379     /* Add two CTLs.  These two have different usages, so they're considered
 380      * different.
 381      */
 382     ret = CertAddEncodedCTLToStore(store, X509_ASN_ENCODING,
 383      signedCTLWithCTLInnerContent, sizeof(signedCTLWithCTLInnerContent),
 384      CERT_STORE_ADD_NEW, NULL);
 385     ok(ret, "CertAddEncodedCTLToStore failed: %08lx\n", GetLastError());
 386     expectedCTLs = 1;
 387     ret = CertAddEncodedCTLToStore(store, X509_ASN_ENCODING,
 388      signedCTLWithUsage, sizeof(signedCTLWithUsage), CERT_STORE_ADD_NEW,
 389      NULL);
 390     ok(ret, "CertAddEncodedCTLToStore failed: %08lx\n", GetLastError());
 391     if (ret)
 392         expectedCTLs++;
 393     /* Check that two exist */
 394     numCTLs = 0;
 395     ctl = NULL;
 396     do {
 397         ctl = CertEnumCTLsInStore(store, ctl);
 398         if (ctl)
 399             numCTLs++;
 400     } while (ctl);
 401     ok(numCTLs == expectedCTLs, "expected %ld CTLs, got %ld\n", expectedCTLs,
 402        numCTLs);
 403     CertCloseStore(store, 0);
 404
 405     store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
 406      CERT_STORE_CREATE_NEW_FLAG, NULL);
 407     /* Add two CTLs.  Now they have the same (empty) usages and different list
 408      * IDs, so they're different.
 409      */
 410     ret = CertAddEncodedCTLToStore(store, X509_ASN_ENCODING,
 411      signedCTLWithListID1, sizeof(signedCTLWithListID1), CERT_STORE_ADD_NEW,
 412      NULL);
 413     ok(ret, "CertAddEncodedCTLToStore failed: %08lx\n", GetLastError());
 414     ret = CertAddEncodedCTLToStore(store, X509_ASN_ENCODING,
 415      signedCTLWithListID2, sizeof(signedCTLWithListID2), CERT_STORE_ADD_NEW,
 416      NULL);
 417     ok(ret, "CertAddEncodedCTLToStore failed: %08lx\n", GetLastError());
 418     /* Check that two exist */
 419     numCTLs = 0;
 420     ctl = NULL;
 421     do {
 422         ctl = CertEnumCTLsInStore(store, ctl);
 423         if (ctl)
 424             numCTLs++;
 425     } while (ctl);
 426     ok(numCTLs == 2, "expected 2 CTLs, got %ld\n", numCTLs);
 427     CertCloseStore(store, 0);
 428 }
 429
 430 START_TEST(ctl)
 431 {
 432     testCreateCTL();
 433     testDupCTL();
 434     testCTLProperties();
 435     testAddCTLToStore();
 436 }