search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
push d2761731c253bfe9a5961252b22d8cea093833f5
[wine/hacks.git] / dlls / crypt32 / tests / msg.c
blob00b4bac5a7b7564df0e33d5b58a984cc132ae39c
1 /*
2 * Unit test suite for crypt32.dll's CryptMsg functions
3 *
4 * Copyright 2007 Juan Lang
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19 */
20
21 #include <stdio.h>
22 #include <stdarg.h>
23 #include <windef.h>
24 #include <winbase.h>
25 #include <winerror.h>
26 #define CMSG_SIGNER_ENCODE_INFO_HAS_CMS_FIELDS
27 #define CMSG_SIGNED_ENCODE_INFO_HAS_CMS_FIELDS
28 #include <wincrypt.h>
29
30 #include "wine/test.h"
31
32 static BOOL have_nt;
33 static char oid_rsa_md5[] = szOID_RSA_MD5;
34
35 static BOOL (WINAPI * pCryptAcquireContextA)
36 (HCRYPTPROV *, LPCSTR, LPCSTR, DWORD, DWORD);
37 static BOOL (WINAPI * pCryptAcquireContextW)
38 (HCRYPTPROV *, LPCWSTR, LPCWSTR, DWORD, DWORD);
39
40 static void init_function_pointers(void)
41 {
42 HMODULE hAdvapi32 = GetModuleHandleA("advapi32.dll");
43
44 #define GET_PROC(dll, func) \
45 p ## func = (void *)GetProcAddress(dll, #func); \
46 if(!p ## func) \
47 trace("GetProcAddress(%s) failed\n", #func);
48
49 GET_PROC(hAdvapi32, CryptAcquireContextA)
50 GET_PROC(hAdvapi32, CryptAcquireContextW)
51
52 #undef GET_PROC
53 }
54
55 static void test_msg_open_to_encode(void)
56 {
57 HCRYPTMSG msg;
58
59 /* Crash
60 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_ENVELOPED, NULL,
61 NULL, NULL);
62 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, NULL, NULL,
63 NULL);
64 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, NULL, NULL,
65 NULL);
66 */
67
68 /* Bad encodings */
69 SetLastError(0xdeadbeef);
70 msg = CryptMsgOpenToEncode(0, 0, 0, NULL, NULL, NULL);
71 ok(!msg && GetLastError() == E_INVALIDARG,
72 "Expected E_INVALIDARG, got %x\n", GetLastError());
73 SetLastError(0xdeadbeef);
74 msg = CryptMsgOpenToEncode(X509_ASN_ENCODING, 0, 0, NULL, NULL, NULL);
75 ok(!msg && GetLastError() == E_INVALIDARG,
76 "Expected E_INVALIDARG, got %x\n", GetLastError());
77
78 /* Bad message types */
79 SetLastError(0xdeadbeef);
80 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, 0, NULL, NULL, NULL);
81 ok(!msg && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
82 "Expected CRYPT_E_INVALID_MSG_TYPE, got %x\n", GetLastError());
83 SetLastError(0xdeadbeef);
84 msg = CryptMsgOpenToEncode(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, 0, 0,
85 NULL, NULL, NULL);
86 ok(!msg && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
87 "Expected CRYPT_E_INVALID_MSG_TYPE, got %x\n", GetLastError());
88 SetLastError(0xdeadbeef);
89 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0,
90 CMSG_SIGNED_AND_ENVELOPED, NULL, NULL, NULL);
91 ok(!msg && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
92 "Expected CRYPT_E_INVALID_MSG_TYPE, got %x\n", GetLastError());
93 SetLastError(0xdeadbeef);
94 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_ENCRYPTED, NULL,
95 NULL, NULL);
96 ok(!msg && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
97 "Expected CRYPT_E_INVALID_MSG_TYPE, got %x\n", GetLastError());
98 }
99
100 static void test_msg_open_to_decode(void)
101 {
102 HCRYPTMSG msg;
103 CMSG_STREAM_INFO streamInfo = { 0 };
104
105 SetLastError(0xdeadbeef);
106 msg = CryptMsgOpenToDecode(0, 0, 0, 0, NULL, NULL);
107 ok(!msg && GetLastError() == E_INVALIDARG,
108 "Expected E_INVALIDARG, got %x\n", GetLastError());
109
110 /* Bad encodings */
111 SetLastError(0xdeadbeef);
112 msg = CryptMsgOpenToDecode(X509_ASN_ENCODING, 0, 0, 0, NULL, NULL);
113 ok(!msg && GetLastError() == E_INVALIDARG,
114 "Expected E_INVALIDARG, got %x\n", GetLastError());
115 SetLastError(0xdeadbeef);
116 msg = CryptMsgOpenToDecode(X509_ASN_ENCODING, 0, CMSG_DATA, 0, NULL, NULL);
117 ok(!msg && GetLastError() == E_INVALIDARG,
118 "Expected E_INVALIDARG, got %x\n", GetLastError());
119
120 /* The message type can be explicit... */
121 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, 0, NULL,
122 NULL);
123 ok(msg != NULL, "CryptMsgOpenToDecode failed: %x\n", GetLastError());
124 CryptMsgClose(msg);
125 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_ENVELOPED, 0, NULL,
126 NULL);
127 ok(msg != NULL, "CryptMsgOpenToDecode failed: %x\n", GetLastError());
128 CryptMsgClose(msg);
129 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, 0, NULL,
130 NULL);
131 ok(msg != NULL, "CryptMsgOpenToDecode failed: %x\n", GetLastError());
132 CryptMsgClose(msg);
133 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, 0, NULL,
134 NULL);
135 ok(msg != NULL, "CryptMsgOpenToDecode failed: %x\n", GetLastError());
136 CryptMsgClose(msg);
137 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0,
138 CMSG_SIGNED_AND_ENVELOPED, 0, NULL, NULL);
139 ok(msg != NULL, "CryptMsgOpenToDecode failed: %x\n", GetLastError());
140 CryptMsgClose(msg);
141 /* or implicit.. */
142 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
143 ok(msg != NULL, "CryptMsgOpenToDecode failed: %x\n", GetLastError());
144 CryptMsgClose(msg);
145 /* or even invalid. */
146 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_ENCRYPTED, 0, NULL,
147 NULL);
148 ok(msg != NULL, "CryptMsgOpenToDecode failed: %x\n", GetLastError());
149 CryptMsgClose(msg);
150 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 1000, 0, NULL, NULL);
151 ok(msg != NULL, "CryptMsgOpenToDecode failed: %x\n", GetLastError());
152 CryptMsgClose(msg);
153
154 /* And even though the stream info parameter "must be set to NULL" for
155 * CMSG_HASHED, it's still accepted.
156 */
157 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, 0, NULL,
158 &streamInfo);
159 ok(msg != NULL, "CryptMsgOpenToDecode failed: %x\n", GetLastError());
160 CryptMsgClose(msg);
161 }
162
163 static void test_msg_get_param(void)
164 {
165 BOOL ret;
166 HCRYPTMSG msg;
167 DWORD size, i, value;
168 CMSG_SIGNED_ENCODE_INFO signInfo = { sizeof(signInfo), 0 };
169 CMSG_SIGNER_ENCODE_INFO signer = { sizeof(signer), 0 };
170
171 /* Crash
172 ret = CryptMsgGetParam(NULL, 0, 0, NULL, NULL);
173 ret = CryptMsgGetParam(NULL, 0, 0, NULL, &size);
174 ret = CryptMsgGetParam(msg, 0, 0, NULL, NULL);
175 */
176
177 /* Decoded messages */
178 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
179 ok(msg != NULL, "CryptMsgOpenToDecode failed: %x\n", GetLastError());
180 /* For decoded messages, the type is always available */
181 size = 0;
182 ret = CryptMsgGetParam(msg, CMSG_TYPE_PARAM, 0, NULL, &size);
183 ok(ret, "CryptMsgGetParam failed: %x\n", GetLastError());
184 size = sizeof(value);
185 ret = CryptMsgGetParam(msg, CMSG_TYPE_PARAM, 0, (LPBYTE)&value, &size);
186 ok(ret, "CryptMsgGetParam failed: %x\n", GetLastError());
187 /* For this (empty) message, the type isn't set */
188 ok(value == 0, "Expected type 0, got %d\n", value);
189 CryptMsgClose(msg);
190
191 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, 0, NULL,
192 NULL);
193 ok(msg != NULL, "CryptMsgOpenToDecode failed: %x\n", GetLastError());
194 /* For explicitly typed messages, the type is known. */
195 size = sizeof(value);
196 ret = CryptMsgGetParam(msg, CMSG_TYPE_PARAM, 0, (LPBYTE)&value, &size);
197 ok(ret, "CryptMsgGetParam failed: %x\n", GetLastError());
198 ok(value == CMSG_DATA, "Expected CMSG_DATA, got %d\n", value);
199 for (i = CMSG_CONTENT_PARAM; i <= CMSG_CMS_SIGNER_INFO_PARAM; i++)
200 {
201 size = 0;
202 ret = CryptMsgGetParam(msg, i, 0, NULL, &size);
203 ok(!ret, "Parameter %d: expected failure\n", i);
204 }
205 CryptMsgClose(msg);
206
207 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_ENVELOPED, 0, NULL,
208 NULL);
209 ok(msg != NULL, "CryptMsgOpenToDecode failed: %x\n", GetLastError());
210 size = sizeof(value);
211 ret = CryptMsgGetParam(msg, CMSG_TYPE_PARAM, 0, (LPBYTE)&value, &size);
212 ok(ret, "CryptMsgGetParam failed: %x\n", GetLastError());
213 ok(value == CMSG_ENVELOPED, "Expected CMSG_ENVELOPED, got %d\n", value);
214 for (i = CMSG_CONTENT_PARAM; i <= CMSG_CMS_SIGNER_INFO_PARAM; i++)
215 {
216 size = 0;
217 ret = CryptMsgGetParam(msg, i, 0, NULL, &size);
218 ok(!ret, "Parameter %d: expected failure\n", i);
219 }
220 CryptMsgClose(msg);
221
222 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, 0, NULL,
223 NULL);
224 ok(msg != NULL, "CryptMsgOpenToDecode failed: %x\n", GetLastError());
225 size = sizeof(value);
226 ret = CryptMsgGetParam(msg, CMSG_TYPE_PARAM, 0, (LPBYTE)&value, &size);
227 ok(ret, "CryptMsgGetParam failed: %x\n", GetLastError());
228 ok(value == CMSG_HASHED, "Expected CMSG_HASHED, got %d\n", value);
229 for (i = CMSG_CONTENT_PARAM; i <= CMSG_CMS_SIGNER_INFO_PARAM; i++)
230 {
231 size = 0;
232 ret = CryptMsgGetParam(msg, i, 0, NULL, &size);
233 ok(!ret, "Parameter %d: expected failure\n", i);
234 }
235 CryptMsgClose(msg);
236
237 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, 0, NULL,
238 NULL);
239 ok(msg != NULL, "CryptMsgOpenToDecode failed: %x\n", GetLastError());
240 size = sizeof(value);
241 ret = CryptMsgGetParam(msg, CMSG_TYPE_PARAM, 0, (LPBYTE)&value, &size);
242 ok(ret, "CryptMsgGetParam failed: %x\n", GetLastError());
243 ok(value == CMSG_SIGNED, "Expected CMSG_SIGNED, got %d\n", value);
244 for (i = CMSG_CONTENT_PARAM; i <= CMSG_CMS_SIGNER_INFO_PARAM; i++)
245 {
246 size = 0;
247 ret = CryptMsgGetParam(msg, i, 0, NULL, &size);
248 ok(!ret, "Parameter %d: expected failure\n", i);
249 }
250 CryptMsgClose(msg);
251
252 /* Explicitly typed messages get their types set, even if they're invalid */
253 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_ENCRYPTED, 0, NULL,
254 NULL);
255 ok(msg != NULL, "CryptMsgOpenToDecode failed: %x\n", GetLastError());
256 size = sizeof(value);
257 ret = CryptMsgGetParam(msg, CMSG_TYPE_PARAM, 0, (LPBYTE)&value, &size);
258 ok(ret, "CryptMsgGetParam failed: %x\n", GetLastError());
259 ok(value == CMSG_ENCRYPTED, "Expected CMSG_ENCRYPTED, got %d\n", value);
260 CryptMsgClose(msg);
261
262 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 1000, 0, NULL, NULL);
263 ok(msg != NULL, "CryptMsgOpenToDecode failed: %x\n", GetLastError());
264 size = sizeof(value);
265 ret = CryptMsgGetParam(msg, CMSG_TYPE_PARAM, 0, (LPBYTE)&value, &size);
266 ok(ret, "CryptMsgGetParam failed: %x\n", GetLastError());
267 ok(value == 1000, "Expected 1000, got %d\n", value);
268 CryptMsgClose(msg);
269 }
270
271 static void test_msg_close(void)
272 {
273 BOOL ret;
274 HCRYPTMSG msg;
275
276 /* NULL succeeds.. */
277 ret = CryptMsgClose(NULL);
278 ok(ret, "CryptMsgClose failed: %x\n", GetLastError());
279 /* but an arbitrary pointer crashes. */
280 if (0)
281 ret = CryptMsgClose((HCRYPTMSG)1);
282 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, NULL, NULL,
283 NULL);
284 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
285 ret = CryptMsgClose(msg);
286 ok(ret, "CryptMsgClose failed: %x\n", GetLastError());
287 }
288
289 static void check_param(LPCSTR test, HCRYPTMSG msg, DWORD param,
290 const BYTE *expected, DWORD expectedSize)
291 {
292 DWORD size;
293 LPBYTE buf;
294 BOOL ret;
295
296 size = 0xdeadbeef;
297 ret = CryptMsgGetParam(msg, param, 0, NULL, &size);
298 ok(ret, "%s: CryptMsgGetParam failed: %08x\n", test, GetLastError());
299 buf = HeapAlloc(GetProcessHeap(), 0, size);
300 ret = CryptMsgGetParam(msg, param, 0, buf, &size);
301 ok(ret, "%s: CryptMsgGetParam failed: %08x\n", test, GetLastError());
302 ok(size == expectedSize, "%s: expected size %d, got %d\n", test,
303 expectedSize, size);
304 if (size == expectedSize && size)
305 ok(!memcmp(buf, expected, size), "%s: unexpected data\n", test);
306 HeapFree(GetProcessHeap(), 0, buf);
307 }
308
309 static void test_data_msg_open(void)
310 {
311 HCRYPTMSG msg;
312 CMSG_HASHED_ENCODE_INFO hashInfo = { 0 };
313 CMSG_STREAM_INFO streamInfo = { 0 };
314 char oid[] = "1.2.3";
315
316 /* The data message type takes no additional info */
317 SetLastError(0xdeadbeef);
318 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, &hashInfo,
319 NULL, NULL);
320 ok(!msg && GetLastError() == E_INVALIDARG,
321 "Expected E_INVALIDARG, got %x\n", GetLastError());
322 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, NULL, NULL,
323 NULL);
324 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
325 CryptMsgClose(msg);
326
327 /* An empty stream info is allowed. */
328 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, NULL, NULL,
329 &streamInfo);
330 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
331 CryptMsgClose(msg);
332
333 /* Passing a bogus inner OID succeeds for a non-streamed message.. */
334 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, NULL, oid,
335 NULL);
336 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
337 CryptMsgClose(msg);
338 /* and still succeeds when CMSG_DETACHED_FLAG is passed.. */
339 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, CMSG_DETACHED_FLAG,
340 CMSG_DATA, NULL, oid, NULL);
341 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
342 CryptMsgClose(msg);
343 /* and when a stream info is given, even though you're not supposed to be
344 * able to use anything but szOID_RSA_data when streaming is being used.
345 */
346 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, CMSG_DETACHED_FLAG,
347 CMSG_DATA, NULL, oid, &streamInfo);
348 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
349 CryptMsgClose(msg);
350 }
351
352 static const BYTE msgData[] = { 1, 2, 3, 4 };
353
354 static BOOL WINAPI nop_stream_output(const void *pvArg, BYTE *pb, DWORD cb,
355 BOOL final)
356 {
357 return TRUE;
358 }
359
360 static void test_data_msg_update(void)
361 {
362 HCRYPTMSG msg;
363 BOOL ret;
364 CMSG_STREAM_INFO streamInfo = { 0 };
365
366 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, NULL, NULL,
367 NULL);
368 /* Can't update a message that wasn't opened detached with final = FALSE */
369 SetLastError(0xdeadbeef);
370 ret = CryptMsgUpdate(msg, NULL, 0, FALSE);
371 ok(!ret && GetLastError() == CRYPT_E_MSG_ERROR,
372 "Expected CRYPT_E_MSG_ERROR, got %x\n", GetLastError());
373 /* Updating it with final = TRUE succeeds */
374 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
375 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
376 /* Any subsequent update will fail, as the last was final */
377 SetLastError(0xdeadbeef);
378 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
379 ok(!ret && GetLastError() == CRYPT_E_MSG_ERROR,
380 "Expected CRYPT_E_MSG_ERROR, got %x\n", GetLastError());
381 CryptMsgClose(msg);
382
383 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, NULL, NULL,
384 NULL);
385 /* Can't update a message with no data */
386 SetLastError(0xdeadbeef);
387 ret = CryptMsgUpdate(msg, NULL, 0, TRUE);
388 /* This test returns FALSE on XP and earlier but TRUE on Vista, so can't be tested.
389 * GetLastError is either E_INVALIDARG (NT) or unset (9x/Vista), so it doesn't
390 * make sense to test this.
391 */
392
393 /* Curiously, a valid update will now fail as well, presumably because of
394 * the last (invalid, but final) update.
395 */
396 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
397 ok(!ret && GetLastError() == CRYPT_E_MSG_ERROR,
398 "Expected CRYPT_E_MSG_ERROR, got %x\n", GetLastError());
399 CryptMsgClose(msg);
400
401 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, CMSG_DETACHED_FLAG,
402 CMSG_DATA, NULL, NULL, NULL);
403 /* Doesn't appear to be able to update CMSG-DATA with non-final updates */
404 SetLastError(0xdeadbeef);
405 ret = CryptMsgUpdate(msg, NULL, 0, FALSE);
406 ok(!ret && GetLastError() == E_INVALIDARG,
407 "Expected E_INVALIDARG, got %x\n", GetLastError());
408 SetLastError(0xdeadbeef);
409 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), FALSE);
410 ok(!ret && GetLastError() == E_INVALIDARG,
411 "Expected E_INVALIDARG, got %x\n", GetLastError());
412 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
413 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
414 CryptMsgClose(msg);
415
416 /* Calling update after opening with an empty stream info (with a bogus
417 * output function) yields an error:
418 */
419 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, NULL, NULL,
420 &streamInfo);
421 SetLastError(0xdeadbeef);
422 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), FALSE);
423 ok(!ret && GetLastError() == STATUS_ACCESS_VIOLATION,
424 "Expected STATUS_ACCESS_VIOLATION, got %x\n", GetLastError());
425 CryptMsgClose(msg);
426 /* Calling update with a valid output function succeeds, even if the data
427 * exceeds the size specified in the stream info.
428 */
429 streamInfo.pfnStreamOutput = nop_stream_output;
430 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, NULL, NULL,
431 &streamInfo);
432 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), FALSE);
433 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
434 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
435 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
436 CryptMsgClose(msg);
437 }
438
439 static void test_data_msg_get_param(void)
440 {
441 HCRYPTMSG msg;
442 DWORD size;
443 BOOL ret;
444 CMSG_STREAM_INFO streamInfo = { 0, nop_stream_output, NULL };
445
446 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, NULL, NULL,
447 NULL);
448
449 /* Content and bare content are always gettable when not streaming */
450 size = 0;
451 ret = CryptMsgGetParam(msg, CMSG_CONTENT_PARAM, 0, NULL, &size);
452 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
453 size = 0;
454 ret = CryptMsgGetParam(msg, CMSG_BARE_CONTENT_PARAM, 0, NULL, &size);
455 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
456 /* But for this type of message, the signer and hash aren't applicable,
457 * and the type isn't available.
458 */
459 size = 0;
460 SetLastError(0xdeadbeef);
461 ret = CryptMsgGetParam(msg, CMSG_ENCODED_SIGNER, 0, NULL, &size);
462 ok(!ret && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
463 "Expected CRYPT_E_INVALID_MSG_TYPE, got %x\n", GetLastError());
464 SetLastError(0xdeadbeef);
465 ret = CryptMsgGetParam(msg, CMSG_COMPUTED_HASH_PARAM, 0, NULL, &size);
466 ok(!ret && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
467 "Expected CRYPT_E_INVALID_MSG_TYPE, got %x\n", GetLastError());
468 ret = CryptMsgGetParam(msg, CMSG_TYPE_PARAM, 0, NULL, &size);
469 ok(!ret && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
470 "Expected CRYPT_E_INVALID_MSG_TYPE, got %x\n", GetLastError());
471 CryptMsgClose(msg);
472
473 /* Can't get content or bare content when streaming */
474 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, NULL,
475 NULL, &streamInfo);
476 SetLastError(0xdeadbeef);
477 ret = CryptMsgGetParam(msg, CMSG_BARE_CONTENT_PARAM, 0, NULL, &size);
478 ok(!ret && GetLastError() == E_INVALIDARG,
479 "Expected E_INVALIDARG, got %x\n", GetLastError());
480 SetLastError(0xdeadbeef);
481 ret = CryptMsgGetParam(msg, CMSG_CONTENT_PARAM, 0, NULL, &size);
482 ok(!ret && GetLastError() == E_INVALIDARG,
483 "Expected E_INVALIDARG, got %x\n", GetLastError());
484 CryptMsgClose(msg);
485 }
486
487 static const BYTE dataEmptyBareContent[] = { 0x04,0x00 };
488 static const BYTE dataEmptyContent[] = {
489 0x30,0x0f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x02,
490 0x04,0x00 };
491 static const BYTE dataBareContent[] = { 0x04,0x04,0x01,0x02,0x03,0x04 };
492 static const BYTE dataContent[] = {
493 0x30,0x13,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x06,
494 0x04,0x04,0x01,0x02,0x03,0x04 };
495
496 struct update_accum
497 {
498 DWORD cUpdates;
499 CRYPT_DATA_BLOB *updates;
500 };
501
502 static BOOL WINAPI accumulating_stream_output(const void *pvArg, BYTE *pb,
503 DWORD cb, BOOL final)
504 {
505 struct update_accum *accum = (struct update_accum *)pvArg;
506 BOOL ret = FALSE;
507
508 if (accum->cUpdates)
509 accum->updates = CryptMemRealloc(accum->updates,
510 (accum->cUpdates + 1) * sizeof(CRYPT_DATA_BLOB));
511 else
512 accum->updates = CryptMemAlloc(sizeof(CRYPT_DATA_BLOB));
513 if (accum->updates)
514 {
515 CRYPT_DATA_BLOB *blob = &accum->updates[accum->cUpdates];
516
517 blob->pbData = CryptMemAlloc(cb);
518 if (blob->pbData)
519 {
520 memcpy(blob->pbData, pb, cb);
521 blob->cbData = cb;
522 ret = TRUE;
523 }
524 accum->cUpdates++;
525 }
526 return ret;
527 }
528
529 /* The updates of a (bogus) definite-length encoded message */
530 static BYTE u1[] = { 0x30,0x0f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
531 0x07,0x01,0xa0,0x02,0x04,0x00 };
532 static BYTE u2[] = { 0x01,0x02,0x03,0x04 };
533 static CRYPT_DATA_BLOB b1[] = {
534 { sizeof(u1), u1 },
535 { sizeof(u2), u2 },
536 { sizeof(u2), u2 },
537 };
538 static const struct update_accum a1 = { sizeof(b1) / sizeof(b1[0]), b1 };
539 /* The updates of a definite-length encoded message */
540 static BYTE u3[] = { 0x30,0x13,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
541 0x07,0x01,0xa0,0x06,0x04,0x04 };
542 static CRYPT_DATA_BLOB b2[] = {
543 { sizeof(u3), u3 },
544 { sizeof(u2), u2 },
545 };
546 static const struct update_accum a2 = { sizeof(b2) / sizeof(b2[0]), b2 };
547 /* The updates of an indefinite-length encoded message */
548 static BYTE u4[] = { 0x30,0x80,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
549 0x07,0x01,0xa0,0x80,0x24,0x80 };
550 static BYTE u5[] = { 0x04,0x04 };
551 static BYTE u6[] = { 0x00,0x00,0x00,0x00,0x00,0x00 };
552 static CRYPT_DATA_BLOB b3[] = {
553 { sizeof(u4), u4 },
554 { sizeof(u5), u5 },
555 { sizeof(u2), u2 },
556 { sizeof(u5), u5 },
557 { sizeof(u2), u2 },
558 { sizeof(u6), u6 },
559 };
560 static const struct update_accum a3 = { sizeof(b3) / sizeof(b3[0]), b3 };
561
562 static void check_updates(LPCSTR header, const struct update_accum *expected,
563 const struct update_accum *got)
564 {
565 DWORD i;
566
567 ok(expected->cUpdates == got->cUpdates,
568 "%s: expected %d updates, got %d\n", header, expected->cUpdates,
569 got->cUpdates);
570 if (expected->cUpdates == got->cUpdates)
571 for (i = 0; i < min(expected->cUpdates, got->cUpdates); i++)
572 {
573 ok(expected->updates[i].cbData == got->updates[i].cbData,
574 "%s, update %d: expected %d bytes, got %d\n", header, i,
575 expected->updates[i].cbData, got->updates[i].cbData);
576 if (expected->updates[i].cbData && expected->updates[i].cbData ==
577 got->updates[i].cbData)
578 ok(!memcmp(expected->updates[i].pbData, got->updates[i].pbData,
579 got->updates[i].cbData), "%s, update %d: unexpected value\n",
580 header, i);
581 }
582 }
583
584 /* Frees the updates stored in accum */
585 static void free_updates(struct update_accum *accum)
586 {
587 DWORD i;
588
589 for (i = 0; i < accum->cUpdates; i++)
590 CryptMemFree(accum->updates[i].pbData);
591 CryptMemFree(accum->updates);
592 accum->updates = NULL;
593 accum->cUpdates = 0;
594 }
595
596 static void test_data_msg_encoding(void)
597 {
598 HCRYPTMSG msg;
599 BOOL ret;
600 static char oid[] = "1.2.3";
601 struct update_accum accum = { 0, NULL };
602 CMSG_STREAM_INFO streamInfo = { 0, accumulating_stream_output, &accum };
603
604 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, NULL, NULL,
605 NULL);
606 check_param("data empty bare content", msg, CMSG_BARE_CONTENT_PARAM,
607 dataEmptyBareContent, sizeof(dataEmptyBareContent));
608 check_param("data empty content", msg, CMSG_CONTENT_PARAM, dataEmptyContent,
609 sizeof(dataEmptyContent));
610 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
611 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
612 check_param("data bare content", msg, CMSG_BARE_CONTENT_PARAM,
613 dataBareContent, sizeof(dataBareContent));
614 check_param("data content", msg, CMSG_CONTENT_PARAM, dataContent,
615 sizeof(dataContent));
616 CryptMsgClose(msg);
617 /* Same test, but with CMSG_BARE_CONTENT_FLAG set */
618 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, CMSG_BARE_CONTENT_FLAG,
619 CMSG_DATA, NULL, NULL, NULL);
620 check_param("data empty bare content", msg, CMSG_BARE_CONTENT_PARAM,
621 dataEmptyBareContent, sizeof(dataEmptyBareContent));
622 check_param("data empty content", msg, CMSG_CONTENT_PARAM, dataEmptyContent,
623 sizeof(dataEmptyContent));
624 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
625 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
626 check_param("data bare content", msg, CMSG_BARE_CONTENT_PARAM,
627 dataBareContent, sizeof(dataBareContent));
628 check_param("data content", msg, CMSG_CONTENT_PARAM, dataContent,
629 sizeof(dataContent));
630 CryptMsgClose(msg);
631 /* The inner OID is apparently ignored */
632 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, NULL, oid,
633 NULL);
634 check_param("data bogus oid bare content", msg, CMSG_BARE_CONTENT_PARAM,
635 dataEmptyBareContent, sizeof(dataEmptyBareContent));
636 check_param("data bogus oid content", msg, CMSG_CONTENT_PARAM,
637 dataEmptyContent, sizeof(dataEmptyContent));
638 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
639 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
640 check_param("data bare content", msg, CMSG_BARE_CONTENT_PARAM,
641 dataBareContent, sizeof(dataBareContent));
642 check_param("data content", msg, CMSG_CONTENT_PARAM, dataContent,
643 sizeof(dataContent));
644 CryptMsgClose(msg);
645 /* A streaming message is DER encoded if the length is not 0xffffffff, but
646 * curiously, updates aren't validated to make sure they don't exceed the
647 * stated length. (The resulting output will of course fail to decode.)
648 */
649 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, NULL,
650 NULL, &streamInfo);
651 CryptMsgUpdate(msg, msgData, sizeof(msgData), FALSE);
652 CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
653 CryptMsgClose(msg);
654 check_updates("bogus data message with definite length", &a1, &accum);
655 free_updates(&accum);
656 /* A valid definite-length encoding: */
657 streamInfo.cbContent = sizeof(msgData);
658 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, NULL,
659 NULL, &streamInfo);
660 CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
661 CryptMsgClose(msg);
662 check_updates("data message with definite length", &a2, &accum);
663 free_updates(&accum);
664 /* An indefinite-length encoding: */
665 streamInfo.cbContent = 0xffffffff;
666 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, NULL,
667 NULL, &streamInfo);
668 CryptMsgUpdate(msg, msgData, sizeof(msgData), FALSE);
669 CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
670 CryptMsgClose(msg);
671 check_updates("data message with indefinite length", &a3, &accum);
672 free_updates(&accum);
673 }
674
675 static void test_data_msg(void)
676 {
677 test_data_msg_open();
678 test_data_msg_update();
679 test_data_msg_get_param();
680 test_data_msg_encoding();
681 }
682
683 static void test_hash_msg_open(void)
684 {
685 HCRYPTMSG msg;
686 CMSG_HASHED_ENCODE_INFO hashInfo = { 0 };
687 CMSG_STREAM_INFO streamInfo = { 0, nop_stream_output, NULL };
688
689 SetLastError(0xdeadbeef);
690 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, &hashInfo,
691 NULL, NULL);
692 ok(!msg && GetLastError() == E_INVALIDARG,
693 "Expected E_INVALIDARG, got %x\n", GetLastError());
694 hashInfo.cbSize = sizeof(hashInfo);
695 SetLastError(0xdeadbeef);
696 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, &hashInfo,
697 NULL, NULL);
698 ok(!msg && GetLastError() == CRYPT_E_UNKNOWN_ALGO,
699 "Expected CRYPT_E_UNKNOWN_ALGO, got %x\n", GetLastError());
700 hashInfo.HashAlgorithm.pszObjId = oid_rsa_md5;
701 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, &hashInfo,
702 NULL, NULL);
703 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
704 CryptMsgClose(msg);
705 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, CMSG_DETACHED_FLAG,
706 CMSG_HASHED, &hashInfo, NULL, NULL);
707 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
708 CryptMsgClose(msg);
709 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, CMSG_DETACHED_FLAG,
710 CMSG_HASHED, &hashInfo, NULL, &streamInfo);
711 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
712 CryptMsgClose(msg);
713 }
714
715 static void test_hash_msg_update(void)
716 {
717 HCRYPTMSG msg;
718 BOOL ret;
719 CMSG_HASHED_ENCODE_INFO hashInfo = { sizeof(hashInfo), 0,
720 { oid_rsa_md5, { 0, NULL } }, NULL };
721 CMSG_STREAM_INFO streamInfo = { 0, nop_stream_output, NULL };
722
723 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, CMSG_DETACHED_FLAG,
724 CMSG_HASHED, &hashInfo, NULL, NULL);
725 /* Detached hashed messages opened in non-streaming mode allow non-final
726 * updates..
727 */
728 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), FALSE);
729 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
730 /* including non-final updates with no data.. */
731 ret = CryptMsgUpdate(msg, NULL, 0, FALSE);
732 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
733 /* and final updates with no data. */
734 ret = CryptMsgUpdate(msg, NULL, 0, TRUE);
735 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
736 /* But no updates are allowed after the final update. */
737 SetLastError(0xdeadbeef);
738 ret = CryptMsgUpdate(msg, NULL, 0, FALSE);
739 ok(!ret && GetLastError() == CRYPT_E_MSG_ERROR,
740 "Expected CRYPT_E_MSG_ERROR, got %x\n", GetLastError());
741 SetLastError(0xdeadbeef);
742 ret = CryptMsgUpdate(msg, NULL, 0, TRUE);
743 ok(!ret && GetLastError() == CRYPT_E_MSG_ERROR,
744 "Expected CRYPT_E_MSG_ERROR, got %x\n", GetLastError());
745 CryptMsgClose(msg);
746 /* Non-detached messages, in contrast, don't allow non-final updates in
747 * non-streaming mode.
748 */
749 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, &hashInfo,
750 NULL, NULL);
751 SetLastError(0xdeadbeef);
752 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), FALSE);
753 ok(!ret && GetLastError() == CRYPT_E_MSG_ERROR,
754 "Expected CRYPT_E_MSG_ERROR, got %x\n", GetLastError());
755 /* Final updates (including empty ones) are allowed. */
756 ret = CryptMsgUpdate(msg, NULL, 0, TRUE);
757 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
758 CryptMsgClose(msg);
759 /* And, of course, streaming mode allows non-final updates */
760 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, &hashInfo,
761 NULL, &streamInfo);
762 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), FALSE);
763 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
764 CryptMsgClose(msg);
765 /* Setting pfnStreamOutput to NULL results in no error. (In what appears
766 * to be a bug, it isn't actually used - see encoding tests.)
767 */
768 streamInfo.pfnStreamOutput = NULL;
769 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, &hashInfo,
770 NULL, &streamInfo);
771 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), FALSE);
772 ok(ret, "CryptMsgUpdate failed: %08x\n", GetLastError());
773 CryptMsgClose(msg);
774 }
775
776 static const BYTE emptyHashParam[] = {
777 0xd4,0x1d,0x8c,0xd9,0x8f,0x00,0xb2,0x04,0xe9,0x80,0x09,0x98,0xec,0xf8,0x42,
778 0x7e };
779
780 static void test_hash_msg_get_param(void)
781 {
782 HCRYPTMSG msg;
783 BOOL ret;
784 CMSG_HASHED_ENCODE_INFO hashInfo = { sizeof(hashInfo), 0,
785 { oid_rsa_md5, { 0, NULL } }, NULL };
786 DWORD size, value;
787 CMSG_STREAM_INFO streamInfo = { 0, nop_stream_output, NULL };
788 BYTE buf[16];
789
790 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, &hashInfo,
791 NULL, NULL);
792 /* Content and bare content are always gettable for non-streamed messages */
793 size = 0;
794 ret = CryptMsgGetParam(msg, CMSG_CONTENT_PARAM, 0, NULL, &size);
795 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
796 size = 0;
797 ret = CryptMsgGetParam(msg, CMSG_BARE_CONTENT_PARAM, 0, NULL, &size);
798 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
799 /* For an encoded hash message, the hash data aren't available */
800 SetLastError(0xdeadbeef);
801 ret = CryptMsgGetParam(msg, CMSG_HASH_DATA_PARAM, 0, NULL, &size);
802 ok(!ret && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
803 "Expected CRYPT_E_INVALID_MSG_TYPE, got %08x\n", GetLastError());
804 /* The hash is also available. */
805 size = 0;
806 ret = CryptMsgGetParam(msg, CMSG_COMPUTED_HASH_PARAM, 0, NULL, &size);
807 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
808 ok(size == sizeof(buf), "Unexpected size %d\n", size);
809 ret = CryptMsgGetParam(msg, CMSG_COMPUTED_HASH_PARAM, 0, buf, &size);
810 if (size == sizeof(buf))
811 ok(!memcmp(buf, emptyHashParam, size), "Unexpected value\n");
812 /* By getting the hash, further updates are not allowed */
813 SetLastError(0xdeadbeef);
814 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
815 ok(!ret &&
816 (GetLastError() == NTE_BAD_HASH_STATE /* NT */ ||
817 GetLastError() == NTE_BAD_ALGID /* 9x */ ||
818 GetLastError() == CRYPT_E_MSG_ERROR /* Vista */),
819 "Expected NTE_BAD_HASH_STATE or NTE_BAD_ALGID or CRYPT_E_MSG_ERROR, got 0x%x\n", GetLastError());
820
821 /* Even after a final update, the hash data aren't available */
822 SetLastError(0xdeadbeef);
823 ret = CryptMsgGetParam(msg, CMSG_HASH_DATA_PARAM, 0, NULL, &size);
824 ok(!ret && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
825 "Expected CRYPT_E_INVALID_MSG_TYPE, got %08x\n", GetLastError());
826 /* The version is also available, and should be zero for this message. */
827 size = 0;
828 ret = CryptMsgGetParam(msg, CMSG_VERSION_PARAM, 0, NULL, &size);
829 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
830 size = sizeof(value);
831 ret = CryptMsgGetParam(msg, CMSG_VERSION_PARAM, 0, (LPBYTE)&value, &size);
832 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
833 ok(value == 0, "Expected version 0, got %d\n", value);
834 /* As usual, the type isn't available. */
835 ret = CryptMsgGetParam(msg, CMSG_TYPE_PARAM, 0, NULL, &size);
836 ok(!ret, "Expected failure\n");
837 CryptMsgClose(msg);
838
839 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, &hashInfo,
840 NULL, &streamInfo);
841 /* Streamed messages don't allow you to get the content or bare content. */
842 SetLastError(0xdeadbeef);
843 ret = CryptMsgGetParam(msg, CMSG_CONTENT_PARAM, 0, NULL, &size);
844 ok(!ret && GetLastError() == E_INVALIDARG,
845 "Expected E_INVALIDARG, got %x\n", GetLastError());
846 SetLastError(0xdeadbeef);
847 ret = CryptMsgGetParam(msg, CMSG_BARE_CONTENT_PARAM, 0, NULL, &size);
848 ok(!ret && GetLastError() == E_INVALIDARG,
849 "Expected E_INVALIDARG, got %x\n", GetLastError());
850 /* The hash is still available. */
851 size = 0;
852 ret = CryptMsgGetParam(msg, CMSG_COMPUTED_HASH_PARAM, 0, NULL, &size);
853 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
854 ok(size == sizeof(buf), "Unexpected size %d\n", size);
855 ret = CryptMsgGetParam(msg, CMSG_COMPUTED_HASH_PARAM, 0, buf, &size);
856 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
857 if (size == sizeof(buf))
858 ok(!memcmp(buf, emptyHashParam, size), "Unexpected value\n");
859 /* After updating the hash, further updates aren't allowed on streamed
860 * messages either.
861 */
862 SetLastError(0xdeadbeef);
863 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
864 ok(!ret &&
865 (GetLastError() == NTE_BAD_HASH_STATE /* NT */ ||
866 GetLastError() == NTE_BAD_ALGID /* 9x */ ||
867 GetLastError() == CRYPT_E_MSG_ERROR /* Vista */),
868 "Expected NTE_BAD_HASH_STATE or NTE_BAD_ALGID or CRYPT_E_MSG_ERROR, got 0x%x\n", GetLastError());
869
870 CryptMsgClose(msg);
871 }
872
873 static const BYTE hashEmptyBareContent[] = {
874 0x30,0x17,0x02,0x01,0x00,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
875 0x02,0x05,0x05,0x00,0x30,0x02,0x06,0x00,0x04,0x00 };
876 static const BYTE hashEmptyContent[] = {
877 0x30,0x26,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x05,0xa0,0x19,
878 0x30,0x17,0x02,0x01,0x00,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
879 0x02,0x05,0x05,0x00,0x30,0x02,0x06,0x00,0x04,0x00 };
880 static const BYTE hashBareContent[] = {
881 0x30,0x38,0x02,0x01,0x00,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
882 0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
883 0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,0x04,0x10,0x08,0xd6,0xc0,
884 0x5a,0x21,0x51,0x2a,0x79,0xa1,0xdf,0xeb,0x9d,0x2a,0x8f,0x26,0x2f };
885 static const BYTE hashContent[] = {
886 0x30,0x47,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x05,0xa0,0x3a,
887 0x30,0x38,0x02,0x01,0x00,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
888 0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
889 0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,0x04,0x10,0x08,0xd6,0xc0,
890 0x5a,0x21,0x51,0x2a,0x79,0xa1,0xdf,0xeb,0x9d,0x2a,0x8f,0x26,0x2f };
891
892 static const BYTE detachedHashNonFinalBareContent[] = {
893 0x30,0x20,0x02,0x01,0x00,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
894 0x02,0x05,0x05,0x00,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
895 0x07,0x01,0x04,0x00 };
896 static const BYTE detachedHashNonFinalContent[] = {
897 0x30,0x2f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x05,0xa0,0x22,
898 0x30,0x20,0x02,0x01,0x00,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
899 0x02,0x05,0x05,0x00,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
900 0x07,0x01,0x04,0x00 };
901 static const BYTE detachedHashBareContent[] = {
902 0x30,0x30,0x02,0x01,0x00,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
903 0x02,0x05,0x05,0x00,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
904 0x07,0x01,0x04,0x10,0x08,0xd6,0xc0,0x5a,0x21,0x51,0x2a,0x79,0xa1,0xdf,0xeb,
905 0x9d,0x2a,0x8f,0x26,0x2f };
906 static const BYTE detachedHashContent[] = {
907 0x30,0x3f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x05,0xa0,0x32,
908 0x30,0x30,0x02,0x01,0x00,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
909 0x02,0x05,0x05,0x00,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
910 0x07,0x01,0x04,0x10,0x08,0xd6,0xc0,0x5a,0x21,0x51,0x2a,0x79,0xa1,0xdf,0xeb,
911 0x9d,0x2a,0x8f,0x26,0x2f };
912
913 static void test_hash_msg_encoding(void)
914 {
915 HCRYPTMSG msg;
916 CMSG_HASHED_ENCODE_INFO hashInfo = { sizeof(hashInfo), 0 };
917 BOOL ret;
918 struct update_accum accum = { 0, NULL }, empty_accum = { 0, NULL };
919 CMSG_STREAM_INFO streamInfo = { 0, accumulating_stream_output, &accum };
920
921 hashInfo.HashAlgorithm.pszObjId = oid_rsa_md5;
922 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, &hashInfo,
923 NULL, NULL);
924 check_param("hash empty bare content", msg, CMSG_BARE_CONTENT_PARAM,
925 hashEmptyBareContent, sizeof(hashEmptyBareContent));
926 check_param("hash empty content", msg, CMSG_CONTENT_PARAM,
927 hashEmptyContent, sizeof(hashEmptyContent));
928 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
929 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
930 check_param("hash bare content", msg, CMSG_BARE_CONTENT_PARAM,
931 hashBareContent, sizeof(hashBareContent));
932 check_param("hash content", msg, CMSG_CONTENT_PARAM,
933 hashContent, sizeof(hashContent));
934 CryptMsgClose(msg);
935 /* Same test, but with CMSG_BARE_CONTENT_FLAG set */
936 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, CMSG_BARE_CONTENT_FLAG,
937 CMSG_HASHED, &hashInfo, NULL, NULL);
938 check_param("hash empty bare content", msg, CMSG_BARE_CONTENT_PARAM,
939 hashEmptyBareContent, sizeof(hashEmptyBareContent));
940 check_param("hash empty content", msg, CMSG_CONTENT_PARAM,
941 hashEmptyContent, sizeof(hashEmptyContent));
942 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
943 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
944 check_param("hash bare content", msg, CMSG_BARE_CONTENT_PARAM,
945 hashBareContent, sizeof(hashBareContent));
946 check_param("hash content", msg, CMSG_CONTENT_PARAM,
947 hashContent, sizeof(hashContent));
948 CryptMsgClose(msg);
949 /* Same test, but with CMSG_DETACHED_FLAG set */
950 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, CMSG_DETACHED_FLAG,
951 CMSG_HASHED, &hashInfo, NULL, NULL);
952 check_param("detached hash empty bare content", msg,
953 CMSG_BARE_CONTENT_PARAM, hashEmptyBareContent,
954 sizeof(hashEmptyBareContent));
955 check_param("detached hash empty content", msg, CMSG_CONTENT_PARAM,
956 hashEmptyContent, sizeof(hashEmptyContent));
957 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), FALSE);
958 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
959 check_param("detached hash not final bare content", msg,
960 CMSG_BARE_CONTENT_PARAM, detachedHashNonFinalBareContent,
961 sizeof(detachedHashNonFinalBareContent));
962 check_param("detached hash not final content", msg, CMSG_CONTENT_PARAM,
963 detachedHashNonFinalContent, sizeof(detachedHashNonFinalContent));
964 ret = CryptMsgUpdate(msg, NULL, 0, TRUE);
965 ok(ret, "CryptMsgUpdate failed: %08x\n", GetLastError());
966 check_param("detached hash bare content", msg, CMSG_BARE_CONTENT_PARAM,
967 detachedHashBareContent, sizeof(detachedHashBareContent));
968 check_param("detached hash content", msg, CMSG_CONTENT_PARAM,
969 detachedHashContent, sizeof(detachedHashContent));
970 check_param("detached hash bare content", msg, CMSG_BARE_CONTENT_PARAM,
971 detachedHashBareContent, sizeof(detachedHashBareContent));
972 check_param("detached hash content", msg, CMSG_CONTENT_PARAM,
973 detachedHashContent, sizeof(detachedHashContent));
974 CryptMsgClose(msg);
975 /* In what appears to be a bug, streamed updates to hash messages don't
976 * call the output function.
977 */
978 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, &hashInfo,
979 NULL, &streamInfo);
980 ret = CryptMsgUpdate(msg, NULL, 0, FALSE);
981 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
982 ret = CryptMsgUpdate(msg, NULL, 0, TRUE);
983 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
984 CryptMsgClose(msg);
985 check_updates("empty hash message", &empty_accum, &accum);
986 free_updates(&accum);
987
988 streamInfo.cbContent = sizeof(msgData);
989 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, &hashInfo,
990 NULL, &streamInfo);
991 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
992 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
993 CryptMsgClose(msg);
994 check_updates("hash message", &empty_accum, &accum);
995 free_updates(&accum);
996
997 streamInfo.cbContent = sizeof(msgData);
998 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, CMSG_DETACHED_FLAG,
999 CMSG_HASHED, &hashInfo, NULL, &streamInfo);
1000 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
1001 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
1002 CryptMsgClose(msg);
1003 check_updates("detached hash message", &empty_accum, &accum);
1004 free_updates(&accum);
1005 }
1006
1007 static void test_hash_msg(void)
1008 {
1009 test_hash_msg_open();
1010 test_hash_msg_update();
1011 test_hash_msg_get_param();
1012 test_hash_msg_encoding();
1013 }
1014
1015 static const CHAR cspNameA[] = { 'W','i','n','e','C','r','y','p','t','T','e',
1016 'm','p',0 };
1017 static const WCHAR cspNameW[] = { 'W','i','n','e','C','r','y','p','t','T','e',
1018 'm','p',0 };
1019 static BYTE serialNum[] = { 1 };
1020 static BYTE encodedCommonName[] = { 0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,
1021 0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00 };
1022
1023 static void test_signed_msg_open(void)
1024 {
1025 HCRYPTMSG msg;
1026 BOOL ret;
1027 CMSG_SIGNED_ENCODE_INFO signInfo = { 0 };
1028 CMSG_SIGNER_ENCODE_INFO signer = { sizeof(signer), 0 };
1029 CERT_INFO certInfo = { 0 };
1030
1031 SetLastError(0xdeadbeef);
1032 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1033 NULL, NULL);
1034 ok(!msg && GetLastError() == E_INVALIDARG,
1035 "Expected E_INVALIDARG, got %x\n", GetLastError());
1036 signInfo.cbSize = sizeof(signInfo);
1037 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1038 NULL, NULL);
1039 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
1040 CryptMsgClose(msg);
1041
1042 signInfo.cSigners = 1;
1043 signInfo.rgSigners = &signer;
1044 /* With signer.pCertInfo unset, attempting to open this message this
1045 * crashes.
1046 */
1047 signer.pCertInfo = &certInfo;
1048 /* The cert info must contain a serial number and an issuer. */
1049 SetLastError(0xdeadbeef);
1050 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1051 NULL, NULL);
1052 /* NT: E_INVALIDARG, 9x: unchanged */
1053 ok(!msg && (GetLastError() == E_INVALIDARG || GetLastError() == 0xdeadbeef),
1054 "Expected E_INVALIDARG or 0xdeadbeef, got 0x%x\n", GetLastError());
1055
1056 certInfo.SerialNumber.cbData = sizeof(serialNum);
1057 certInfo.SerialNumber.pbData = serialNum;
1058 SetLastError(0xdeadbeef);
1059 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1060 NULL, NULL);
1061 /* NT: E_INVALIDARG, 9x: unchanged */
1062 ok(!msg && (GetLastError() == E_INVALIDARG || GetLastError() == 0xdeadbeef),
1063 "Expected E_INVALIDARG or 0xdeadbeef, got 0x%x\n", GetLastError());
1064
1065 certInfo.Issuer.cbData = sizeof(encodedCommonName);
1066 certInfo.Issuer.pbData = encodedCommonName;
1067 SetLastError(0xdeadbeef);
1068 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1069 NULL, NULL);
1070 ok(!msg && GetLastError() == E_INVALIDARG,
1071 "Expected E_INVALIDARG, got %x\n", GetLastError());
1072
1073 /* The signer's hCryptProv must be set to something. Whether it's usable
1074 * or not will be checked after the hash algorithm is checked (see next
1075 * test.)
1076 */
1077 signer.hCryptProv = 1;
1078 SetLastError(0xdeadbeef);
1079 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1080 NULL, NULL);
1081 ok(!msg && GetLastError() == CRYPT_E_UNKNOWN_ALGO,
1082 "Expected CRYPT_E_UNKNOWN_ALGO, got %x\n", GetLastError());
1083 /* The signer's hash algorithm must also be set. */
1084 signer.HashAlgorithm.pszObjId = oid_rsa_md5;
1085 SetLastError(0xdeadbeef);
1086 /* Crashes in advapi32 in wine, don't do it */
1087 if (0) {
1088 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED,
1089 &signInfo, NULL, NULL);
1090 ok(!msg && GetLastError() == ERROR_INVALID_PARAMETER,
1091 "Expected ERROR_INVALID_PARAMETER, got %x\n", GetLastError());
1092 }
1093 /* The signer's hCryptProv must also be valid. */
1094 ret = pCryptAcquireContextA(&signer.hCryptProv, cspNameA, NULL,
1095 PROV_RSA_FULL, CRYPT_NEWKEYSET);
1096 if (!ret && GetLastError() == NTE_EXISTS) {
1097 ret = pCryptAcquireContextA(&signer.hCryptProv, cspNameA, NULL,
1098 PROV_RSA_FULL, 0);
1099 }
1100 ok(ret, "CryptAcquireContext failed: 0x%x\n", GetLastError());
1101
1102 if (ret) {
1103 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1104 NULL, NULL);
1105 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
1106 CryptMsgClose(msg);
1107 }
1108
1109 /* pCertInfo must still be set, but can be empty if the SignerId's issuer
1110 * and serial number are set.
1111 */
1112 certInfo.Issuer.cbData = 0;
1113 certInfo.SerialNumber.cbData = 0;
1114 signer.SignerId.dwIdChoice = CERT_ID_ISSUER_SERIAL_NUMBER;
1115 signer.SignerId.IssuerSerialNumber.Issuer.cbData =
1116 sizeof(encodedCommonName);
1117 signer.SignerId.IssuerSerialNumber.Issuer.pbData =
1118 (BYTE *)encodedCommonName;
1119 signer.SignerId.IssuerSerialNumber.SerialNumber.cbData =
1120 sizeof(serialNum);
1121 signer.SignerId.IssuerSerialNumber.SerialNumber.pbData = (BYTE *)serialNum;
1122 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1123 NULL, NULL);
1124 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
1125 CryptMsgClose(msg);
1126
1127 CryptReleaseContext(signer.hCryptProv, 0);
1128 pCryptAcquireContextA(&signer.hCryptProv, cspNameA, MS_DEF_PROV_A,
1129 PROV_RSA_FULL, CRYPT_DELETEKEYSET);
1130 }
1131
1132 static const BYTE privKey[] = {
1133 0x07, 0x02, 0x00, 0x00, 0x00, 0x24, 0x00, 0x00, 0x52, 0x53, 0x41, 0x32, 0x00,
1134 0x02, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x79, 0x10, 0x1c, 0xd0, 0x6b, 0x10,
1135 0x18, 0x30, 0x94, 0x61, 0xdc, 0x0e, 0xcb, 0x96, 0x4e, 0x21, 0x3f, 0x79, 0xcd,
1136 0xa9, 0x17, 0x62, 0xbc, 0xbb, 0x61, 0x4c, 0xe0, 0x75, 0x38, 0x6c, 0xf3, 0xde,
1137 0x60, 0x86, 0x03, 0x97, 0x65, 0xeb, 0x1e, 0x6b, 0xdb, 0x53, 0x85, 0xad, 0x68,
1138 0x21, 0xf1, 0x5d, 0xe7, 0x1f, 0xe6, 0x53, 0xb4, 0xbb, 0x59, 0x3e, 0x14, 0x27,
1139 0xb1, 0x83, 0xa7, 0x3a, 0x54, 0xe2, 0x8f, 0x65, 0x8e, 0x6a, 0x4a, 0xcf, 0x3b,
1140 0x1f, 0x65, 0xff, 0xfe, 0xf1, 0x31, 0x3a, 0x37, 0x7a, 0x8b, 0xcb, 0xc6, 0xd4,
1141 0x98, 0x50, 0x36, 0x67, 0xe4, 0xa1, 0xe8, 0x7e, 0x8a, 0xc5, 0x23, 0xf2, 0x77,
1142 0xf5, 0x37, 0x61, 0x49, 0x72, 0x59, 0xe8, 0x3d, 0xf7, 0x60, 0xb2, 0x77, 0xca,
1143 0x78, 0x54, 0x6d, 0x65, 0x9e, 0x03, 0x97, 0x1b, 0x61, 0xbd, 0x0c, 0xd8, 0x06,
1144 0x63, 0xe2, 0xc5, 0x48, 0xef, 0xb3, 0xe2, 0x6e, 0x98, 0x7d, 0xbd, 0x4e, 0x72,
1145 0x91, 0xdb, 0x31, 0x57, 0xe3, 0x65, 0x3a, 0x49, 0xca, 0xec, 0xd2, 0x02, 0x4e,
1146 0x22, 0x7e, 0x72, 0x8e, 0xf9, 0x79, 0x84, 0x82, 0xdf, 0x7b, 0x92, 0x2d, 0xaf,
1147 0xc9, 0xe4, 0x33, 0xef, 0x89, 0x5c, 0x66, 0x99, 0xd8, 0x80, 0x81, 0x47, 0x2b,
1148 0xb1, 0x66, 0x02, 0x84, 0x59, 0x7b, 0xc3, 0xbe, 0x98, 0x45, 0x4a, 0x3d, 0xdd,
1149 0xea, 0x2b, 0xdf, 0x4e, 0xb4, 0x24, 0x6b, 0xec, 0xe7, 0xd9, 0x0c, 0x45, 0xb8,
1150 0xbe, 0xca, 0x69, 0x37, 0x92, 0x4c, 0x38, 0x6b, 0x96, 0x6d, 0xcd, 0x86, 0x67,
1151 0x5c, 0xea, 0x54, 0x94, 0xa4, 0xca, 0xa4, 0x02, 0xa5, 0x21, 0x4d, 0xae, 0x40,
1152 0x8f, 0x9d, 0x51, 0x83, 0xf2, 0x3f, 0x33, 0xc1, 0x72, 0xb4, 0x1d, 0x94, 0x6e,
1153 0x7d, 0xe4, 0x27, 0x3f, 0xea, 0xff, 0xe5, 0x9b, 0xa7, 0x5e, 0x55, 0x8e, 0x0d,
1154 0x69, 0x1c, 0x7a, 0xff, 0x81, 0x9d, 0x53, 0x52, 0x97, 0x9a, 0x76, 0x79, 0xda,
1155 0x93, 0x32, 0x16, 0xec, 0x69, 0x51, 0x1a, 0x4e, 0xc3, 0xf1, 0x72, 0x80, 0x78,
1156 0x5e, 0x66, 0x4a, 0x8d, 0x85, 0x2f, 0x3f, 0xb2, 0xa7 };
1157 static BYTE pubKey[] = {
1158 0x30,0x48,0x02,0x41,0x00,0xe2,0x54,0x3a,0xa7,0x83,0xb1,0x27,0x14,0x3e,0x59,
1159 0xbb,0xb4,0x53,0xe6,0x1f,0xe7,0x5d,0xf1,0x21,0x68,0xad,0x85,0x53,0xdb,0x6b,
1160 0x1e,0xeb,0x65,0x97,0x03,0x86,0x60,0xde,0xf3,0x6c,0x38,0x75,0xe0,0x4c,0x61,
1161 0xbb,0xbc,0x62,0x17,0xa9,0xcd,0x79,0x3f,0x21,0x4e,0x96,0xcb,0x0e,0xdc,0x61,
1162 0x94,0x30,0x18,0x10,0x6b,0xd0,0x1c,0x10,0x79,0x02,0x03,0x01,0x00,0x01 };
1163
1164 static void test_signed_msg_update(void)
1165 {
1166 HCRYPTMSG msg;
1167 BOOL ret;
1168 CMSG_SIGNED_ENCODE_INFO signInfo = { sizeof(signInfo), 0 };
1169 CMSG_SIGNER_ENCODE_INFO signer = { sizeof(signer), 0 };
1170 CERT_INFO certInfo = { 0 };
1171 HCRYPTKEY key;
1172
1173 certInfo.SerialNumber.cbData = sizeof(serialNum);
1174 certInfo.SerialNumber.pbData = serialNum;
1175 certInfo.Issuer.cbData = sizeof(encodedCommonName);
1176 certInfo.Issuer.pbData = encodedCommonName;
1177 signer.pCertInfo = &certInfo;
1178 signer.HashAlgorithm.pszObjId = oid_rsa_md5;
1179 signInfo.cSigners = 1;
1180 signInfo.rgSigners = &signer;
1181
1182 ret = pCryptAcquireContextA(&signer.hCryptProv, cspNameA, NULL,
1183 PROV_RSA_FULL, CRYPT_NEWKEYSET);
1184 if (!ret && GetLastError() == NTE_EXISTS) {
1185 ret = pCryptAcquireContextA(&signer.hCryptProv, cspNameA, NULL,
1186 PROV_RSA_FULL, 0);
1187 }
1188 ok(ret, "CryptAcquireContext failed: 0x%x\n", GetLastError());
1189
1190 if (!ret) {
1191 skip("No context for tests\n");
1192 return;
1193 }
1194
1195 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING,
1196 CMSG_DETACHED_FLAG, CMSG_SIGNED, &signInfo, NULL, NULL);
1197 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
1198 /* Detached CMSG_SIGNED allows non-final updates. */
1199 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), FALSE);
1200 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
1201 /* Detached CMSG_SIGNED also allows non-final updates with no data. */
1202 ret = CryptMsgUpdate(msg, NULL, 0, FALSE);
1203 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
1204 /* The final update requires a private key in the hCryptProv, in order to
1205 * generate the signature.
1206 */
1207 SetLastError(0xdeadbeef);
1208 ret = CryptMsgUpdate(msg, NULL, 0, TRUE);
1209 ok(!ret && (GetLastError() == NTE_BAD_KEYSET ||
1210 GetLastError() == NTE_NO_KEY),
1211 "Expected NTE_BAD_KEYSET or NTE_NO_KEY, got %x\n", GetLastError());
1212 ret = CryptImportKey(signer.hCryptProv, (LPBYTE)privKey, sizeof(privKey),
1213 0, 0, &key);
1214 ok(ret, "CryptImportKey failed: %08x\n", GetLastError());
1215 /* The final update should be able to succeed now that a key exists, but
1216 * the previous (invalid) final update prevents it.
1217 */
1218 SetLastError(0xdeadbeef);
1219 ret = CryptMsgUpdate(msg, NULL, 0, TRUE);
1220 ok(!ret && GetLastError() == CRYPT_E_MSG_ERROR,
1221 "Expected CRYPT_E_MSG_ERROR, got %x\n", GetLastError());
1222 CryptMsgClose(msg);
1223
1224 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING,
1225 CMSG_DETACHED_FLAG, CMSG_SIGNED, &signInfo, NULL, NULL);
1226 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
1227 /* Detached CMSG_SIGNED allows non-final updates. */
1228 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), FALSE);
1229 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
1230 /* Detached CMSG_SIGNED also allows non-final updates with no data. */
1231 ret = CryptMsgUpdate(msg, NULL, 0, FALSE);
1232 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
1233 /* Now that the private key exists, the final update can succeed (even
1234 * with no data.)
1235 */
1236 ret = CryptMsgUpdate(msg, NULL, 0, TRUE);
1237 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
1238 /* But no updates are allowed after the final update. */
1239 SetLastError(0xdeadbeef);
1240 ret = CryptMsgUpdate(msg, NULL, 0, FALSE);
1241 ok(!ret && GetLastError() == CRYPT_E_MSG_ERROR,
1242 "Expected CRYPT_E_MSG_ERROR, got %x\n", GetLastError());
1243 SetLastError(0xdeadbeef);
1244 ret = CryptMsgUpdate(msg, NULL, 0, TRUE);
1245 ok(!ret && GetLastError() == CRYPT_E_MSG_ERROR,
1246 "Expected CRYPT_E_MSG_ERROR, got %x\n", GetLastError());
1247 CryptMsgClose(msg);
1248
1249 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1250 NULL, NULL);
1251 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
1252 /* Non-detached messages don't allow non-final updates.. */
1253 SetLastError(0xdeadbeef);
1254 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), FALSE);
1255 ok(!ret && GetLastError() == CRYPT_E_MSG_ERROR,
1256 "Expected CRYPT_E_MSG_ERROR, got %x\n", GetLastError());
1257 /* but they do allow final ones. */
1258 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
1259 ok(ret, "CryptMsgUpdate failed: %08x\n", GetLastError());
1260 CryptMsgClose(msg);
1261 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1262 NULL, NULL);
1263 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
1264 /* They also allow final updates with no data. */
1265 ret = CryptMsgUpdate(msg, NULL, 0, TRUE);
1266 ok(ret, "CryptMsgUpdate failed: %08x\n", GetLastError());
1267 CryptMsgClose(msg);
1268
1269 CryptDestroyKey(key);
1270 CryptReleaseContext(signer.hCryptProv, 0);
1271 pCryptAcquireContextA(&signer.hCryptProv, cspNameA, NULL, PROV_RSA_FULL,
1272 CRYPT_DELETEKEYSET);
1273 }
1274
1275 static const BYTE signedEmptyBareContent[] = {
1276 0x30,0x50,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,
1277 0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x02,0x06,0x00,0x31,0x37,0x30,0x35,0x02,
1278 0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,
1279 0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,
1280 0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,
1281 0x04,0x06,0x00,0x05,0x00,0x04,0x00 };
1282 static const BYTE signedEmptyContent[] = {
1283 0x30,0x5f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,0xa0,0x52,
1284 0x30,0x50,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,
1285 0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x02,0x06,0x00,0x31,0x37,0x30,0x35,0x02,
1286 0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,
1287 0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,
1288 0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,
1289 0x04,0x06,0x00,0x05,0x00,0x04,0x00 };
1290 static const BYTE detachedSignedBareContent[] = {
1291 0x30,0x81,0x99,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,
1292 0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,
1293 0xf7,0x0d,0x01,0x07,0x01,0x31,0x77,0x30,0x75,0x02,0x01,0x01,0x30,0x1a,0x30,
1294 0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,
1295 0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,
1296 0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x04,0x06,0x00,0x05,0x00,
1297 0x04,0x40,0x81,0xa6,0x70,0xb3,0xef,0x59,0xd1,0x66,0xd1,0x9b,0xc0,0x9a,0xb6,
1298 0x9a,0x5e,0x6d,0x6f,0x6d,0x0d,0x59,0xa9,0xaa,0x6e,0xe9,0x2c,0xa0,0x1e,0xee,
1299 0xc2,0x60,0xbc,0x59,0xbe,0x3f,0x63,0x06,0x8d,0xc9,0x11,0x1d,0x23,0x64,0x92,
1300 0xef,0x2e,0xfc,0x57,0x29,0xa4,0xaf,0xe0,0xee,0x93,0x19,0x39,0x51,0xe4,0x44,
1301 0xb8,0x0b,0x28,0xf4,0xa8,0x0d };
1302 static const BYTE detachedSignedContent[] = {
1303 0x30,0x81,0xaa,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,0xa0,
1304 0x81,0x9c,0x30,0x81,0x99,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,
1305 0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x0b,0x06,0x09,0x2a,0x86,
1306 0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0x31,0x77,0x30,0x75,0x02,0x01,0x01,0x30,
1307 0x1a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,
1308 0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,
1309 0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x04,0x06,0x00,
1310 0x05,0x00,0x04,0x40,0x81,0xa6,0x70,0xb3,0xef,0x59,0xd1,0x66,0xd1,0x9b,0xc0,
1311 0x9a,0xb6,0x9a,0x5e,0x6d,0x6f,0x6d,0x0d,0x59,0xa9,0xaa,0x6e,0xe9,0x2c,0xa0,
1312 0x1e,0xee,0xc2,0x60,0xbc,0x59,0xbe,0x3f,0x63,0x06,0x8d,0xc9,0x11,0x1d,0x23,
1313 0x64,0x92,0xef,0x2e,0xfc,0x57,0x29,0xa4,0xaf,0xe0,0xee,0x93,0x19,0x39,0x51,
1314 0xe4,0x44,0xb8,0x0b,0x28,0xf4,0xa8,0x0d };
1315 static const BYTE signedBareContent[] = {
1316 0x30,0x81,0xa1,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,
1317 0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,0x48,0x86,
1318 0xf7,0x0d,0x01,0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,0x31,0x77,
1319 0x30,0x75,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,
1320 0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,
1321 0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,
1322 0x05,0x00,0x30,0x04,0x06,0x00,0x05,0x00,0x04,0x40,0x81,0xa6,0x70,0xb3,0xef,
1323 0x59,0xd1,0x66,0xd1,0x9b,0xc0,0x9a,0xb6,0x9a,0x5e,0x6d,0x6f,0x6d,0x0d,0x59,
1324 0xa9,0xaa,0x6e,0xe9,0x2c,0xa0,0x1e,0xee,0xc2,0x60,0xbc,0x59,0xbe,0x3f,0x63,
1325 0x06,0x8d,0xc9,0x11,0x1d,0x23,0x64,0x92,0xef,0x2e,0xfc,0x57,0x29,0xa4,0xaf,
1326 0xe0,0xee,0x93,0x19,0x39,0x51,0xe4,0x44,0xb8,0x0b,0x28,0xf4,0xa8,0x0d };
1327 static const BYTE signedContent[] = {
1328 0x30,0x81,0xb2,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,0xa0,
1329 0x81,0xa4,0x30,0x81,0xa1,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,
1330 0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,
1331 0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,
1332 0x31,0x77,0x30,0x75,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,0x30,0x11,
1333 0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
1334 0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
1335 0x02,0x05,0x05,0x00,0x30,0x04,0x06,0x00,0x05,0x00,0x04,0x40,0x81,0xa6,0x70,
1336 0xb3,0xef,0x59,0xd1,0x66,0xd1,0x9b,0xc0,0x9a,0xb6,0x9a,0x5e,0x6d,0x6f,0x6d,
1337 0x0d,0x59,0xa9,0xaa,0x6e,0xe9,0x2c,0xa0,0x1e,0xee,0xc2,0x60,0xbc,0x59,0xbe,
1338 0x3f,0x63,0x06,0x8d,0xc9,0x11,0x1d,0x23,0x64,0x92,0xef,0x2e,0xfc,0x57,0x29,
1339 0xa4,0xaf,0xe0,0xee,0x93,0x19,0x39,0x51,0xe4,0x44,0xb8,0x0b,0x28,0xf4,0xa8,
1340 0x0d };
1341 static const BYTE signedHash[] = {
1342 0x08,0xd6,0xc0,0x5a,0x21,0x51,0x2a,0x79,0xa1,0xdf,0xeb,0x9d,0x2a,0x8f,0x26,
1343 0x2f };
1344 static const BYTE signedEncodedSigner[] = {
1345 0x30,0x75,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,
1346 0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,
1347 0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,
1348 0x05,0x00,0x30,0x04,0x06,0x00,0x05,0x00,0x04,0x40,0x81,0xa6,0x70,0xb3,0xef,
1349 0x59,0xd1,0x66,0xd1,0x9b,0xc0,0x9a,0xb6,0x9a,0x5e,0x6d,0x6f,0x6d,0x0d,0x59,
1350 0xa9,0xaa,0x6e,0xe9,0x2c,0xa0,0x1e,0xee,0xc2,0x60,0xbc,0x59,0xbe,0x3f,0x63,
1351 0x06,0x8d,0xc9,0x11,0x1d,0x23,0x64,0x92,0xef,0x2e,0xfc,0x57,0x29,0xa4,0xaf,
1352 0xe0,0xee,0x93,0x19,0x39,0x51,0xe4,0x44,0xb8,0x0b,0x28,0xf4,0xa8,0x0d };
1353 static const BYTE signedWithAuthAttrsBareContent[] = {
1354 0x30,0x82,0x01,0x00,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,0x86,
1355 0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,0x48,
1356 0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,0x31,
1357 0x81,0xd5,0x30,0x81,0xd2,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,0x30,
1358 0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,
1359 0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,
1360 0x0d,0x02,0x05,0x05,0x00,0xa0,0x5b,0x30,0x18,0x06,0x09,0x2a,0x86,0x48,0x86,
1361 0xf7,0x0d,0x01,0x09,0x03,0x31,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,
1362 0x01,0x07,0x01,0x30,0x1e,0x06,0x03,0x55,0x04,0x03,0x31,0x17,0x30,0x15,0x31,
1363 0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,
1364 0x4c,0x61,0x6e,0x67,0x00,0x30,0x1f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,
1365 0x01,0x09,0x04,0x31,0x12,0x04,0x10,0x08,0xd6,0xc0,0x5a,0x21,0x51,0x2a,0x79,
1366 0xa1,0xdf,0xeb,0x9d,0x2a,0x8f,0x26,0x2f,0x30,0x04,0x06,0x00,0x05,0x00,0x04,
1367 0x40,0xbf,0x65,0xde,0x7a,0x3e,0xa2,0x19,0x59,0xc3,0xc7,0x02,0x53,0xc9,0x72,
1368 0xcd,0x74,0x96,0x70,0x0b,0x3b,0xcf,0x8b,0xd9,0x17,0x5c,0xc5,0xd1,0x83,0x41,
1369 0x32,0x93,0xa6,0xf3,0x52,0x83,0x94,0xa9,0x6b,0x0a,0x92,0xcf,0xaf,0x12,0xfa,
1370 0x40,0x53,0x12,0x84,0x03,0xab,0x10,0xa2,0x3d,0xe6,0x9f,0x5a,0xbf,0xc5,0xb8,
1371 0xff,0xc6,0x33,0x63,0x34 };
1372 static BYTE cert[] = {
1373 0x30,0x7a,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,0x11,
1374 0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
1375 0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,
1376 0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,
1377 0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,
1378 0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,
1379 0x00,0x30,0x07,0x30,0x02,0x06,0x00,0x03,0x01,0x00,0xa3,0x16,0x30,0x14,0x30,
1380 0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,0x01,0x01,
1381 0xff,0x02,0x01,0x01 };
1382 static BYTE v1CertWithPubKey[] = {
1383 0x30,0x81,0x95,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,
1384 0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,
1385 0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,
1386 0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,
1387 0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,0x31,0x13,0x30,0x11,
1388 0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
1389 0x67,0x00,0x30,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
1390 0x01,0x01,0x05,0x00,0x03,0x11,0x00,0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
1391 0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0xa3,0x16,0x30,0x14,0x30,0x12,0x06,
1392 0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,0x01,0x01,0xff,0x02,
1393 0x01,0x01 };
1394 static const BYTE signedWithCertEmptyBareContent[] = {
1395 0x30,0x81,0xce,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,
1396 0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x02,0x06,0x00,0xa0,0x7c,0x30,0x7a,
1397 0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,
1398 0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,
1399 0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,
1400 0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,
1401 0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,
1402 0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,
1403 0x07,0x30,0x02,0x06,0x00,0x03,0x01,0x00,0xa3,0x16,0x30,0x14,0x30,0x12,0x06,
1404 0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,0x01,0x01,0xff,0x02,
1405 0x01,0x01,0x31,0x37,0x30,0x35,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,
1406 0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,
1407 0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,
1408 0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x04,0x06,0x00,0x05,0x00,0x04,0x00 };
1409 static const BYTE signedWithCertBareContent[] = {
1410 0x30,0x82,0x01,0x1f,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,0x86,
1411 0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,0x48,
1412 0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,0xa0,
1413 0x7c,0x30,0x7a,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,
1414 0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,
1415 0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,
1416 0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,
1417 0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,0x31,0x13,0x30,0x11,
1418 0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
1419 0x67,0x00,0x30,0x07,0x30,0x02,0x06,0x00,0x03,0x01,0x00,0xa3,0x16,0x30,0x14,
1420 0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,0x01,
1421 0x01,0xff,0x02,0x01,0x01,0x31,0x77,0x30,0x75,0x02,0x01,0x01,0x30,0x1a,0x30,
1422 0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,
1423 0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,
1424 0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x04,0x06,0x00,0x05,0x00,
1425 0x04,0x40,0x81,0xa6,0x70,0xb3,0xef,0x59,0xd1,0x66,0xd1,0x9b,0xc0,0x9a,0xb6,
1426 0x9a,0x5e,0x6d,0x6f,0x6d,0x0d,0x59,0xa9,0xaa,0x6e,0xe9,0x2c,0xa0,0x1e,0xee,
1427 0xc2,0x60,0xbc,0x59,0xbe,0x3f,0x63,0x06,0x8d,0xc9,0x11,0x1d,0x23,0x64,0x92,
1428 0xef,0x2e,0xfc,0x57,0x29,0xa4,0xaf,0xe0,0xee,0x93,0x19,0x39,0x51,0xe4,0x44,
1429 0xb8,0x0b,0x28,0xf4,0xa8,0x0d };
1430 static BYTE crl[] = { 0x30,0x2c,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,
1431 0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,
1432 0x6e,0x67,0x00,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,
1433 0x30,0x30,0x30,0x30,0x5a };
1434 static const BYTE signedWithCrlEmptyBareContent[] = {
1435 0x30,0x81,0x80,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,
1436 0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x02,0x06,0x00,0xa1,0x2e,0x30,0x2c,
1437 0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,
1438 0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x18,0x0f,0x31,
1439 0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x31,
1440 0x37,0x30,0x35,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,
1441 0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,
1442 0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,
1443 0x05,0x05,0x00,0x30,0x04,0x06,0x00,0x05,0x00,0x04,0x00 };
1444 static const BYTE signedWithCrlBareContent[] = {
1445 0x30,0x81,0xd1,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,
1446 0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,0x48,0x86,
1447 0xf7,0x0d,0x01,0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,0xa1,0x2e,
1448 0x30,0x2c,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,
1449 0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x18,
1450 0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,
1451 0x5a,0x31,0x77,0x30,0x75,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,0x30,
1452 0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,
1453 0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,
1454 0x0d,0x02,0x05,0x05,0x00,0x30,0x04,0x06,0x00,0x05,0x00,0x04,0x40,0x81,0xa6,
1455 0x70,0xb3,0xef,0x59,0xd1,0x66,0xd1,0x9b,0xc0,0x9a,0xb6,0x9a,0x5e,0x6d,0x6f,
1456 0x6d,0x0d,0x59,0xa9,0xaa,0x6e,0xe9,0x2c,0xa0,0x1e,0xee,0xc2,0x60,0xbc,0x59,
1457 0xbe,0x3f,0x63,0x06,0x8d,0xc9,0x11,0x1d,0x23,0x64,0x92,0xef,0x2e,0xfc,0x57,
1458 0x29,0xa4,0xaf,0xe0,0xee,0x93,0x19,0x39,0x51,0xe4,0x44,0xb8,0x0b,0x28,0xf4,
1459 0xa8,0x0d };
1460 static const BYTE signedWithCertAndCrlEmptyBareContent[] = {
1461 0x30,0x81,0xfe,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,
1462 0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x02,0x06,0x00,0xa0,0x7c,0x30,0x7a,
1463 0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,
1464 0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,
1465 0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,
1466 0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,
1467 0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,
1468 0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,
1469 0x07,0x30,0x02,0x06,0x00,0x03,0x01,0x00,0xa3,0x16,0x30,0x14,0x30,0x12,0x06,
1470 0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,0x01,0x01,0xff,0x02,
1471 0x01,0x01,0xa1,0x2e,0x30,0x2c,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,
1472 0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,
1473 0x6e,0x67,0x00,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,
1474 0x30,0x30,0x30,0x30,0x5a,0x31,0x37,0x30,0x35,0x02,0x01,0x01,0x30,0x1a,0x30,
1475 0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,
1476 0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,
1477 0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x04,0x06,0x00,0x05,0x00,
1478 0x04,0x00 };
1479 static const BYTE signedWithCertAndCrlBareContent[] = {
1480 0x30,0x82,0x01,0x4f,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,0x86,
1481 0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,0x48,
1482 0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,0xa0,
1483 0x7c,0x30,0x7a,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,
1484 0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,
1485 0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,
1486 0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,
1487 0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,0x31,0x13,0x30,0x11,
1488 0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
1489 0x67,0x00,0x30,0x07,0x30,0x02,0x06,0x00,0x03,0x01,0x00,0xa3,0x16,0x30,0x14,
1490 0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,0x01,
1491 0x01,0xff,0x02,0x01,0x01,0xa1,0x2e,0x30,0x2c,0x30,0x02,0x06,0x00,0x30,0x15,
1492 0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,
1493 0x20,0x4c,0x61,0x6e,0x67,0x00,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,
1494 0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x31,0x77,0x30,0x75,0x02,0x01,0x01,
1495 0x30,0x1a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,
1496 0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,
1497 0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x04,0x06,
1498 0x00,0x05,0x00,0x04,0x40,0x81,0xa6,0x70,0xb3,0xef,0x59,0xd1,0x66,0xd1,0x9b,
1499 0xc0,0x9a,0xb6,0x9a,0x5e,0x6d,0x6f,0x6d,0x0d,0x59,0xa9,0xaa,0x6e,0xe9,0x2c,
1500 0xa0,0x1e,0xee,0xc2,0x60,0xbc,0x59,0xbe,0x3f,0x63,0x06,0x8d,0xc9,0x11,0x1d,
1501 0x23,0x64,0x92,0xef,0x2e,0xfc,0x57,0x29,0xa4,0xaf,0xe0,0xee,0x93,0x19,0x39,
1502 0x51,0xe4,0x44,0xb8,0x0b,0x28,0xf4,0xa8,0x0d };
1503 static const BYTE signedWithCertWithPubKeyBareContent[] = {
1504 0x30,0x81,0xeb,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,
1505 0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x02,0x06,0x00,0xa0,0x81,0x98,0x30,
1506 0x81,0x95,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,0x11,
1507 0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
1508 0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,
1509 0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,
1510 0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,
1511 0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,
1512 0x00,0x30,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,
1513 0x01,0x05,0x00,0x03,0x11,0x00,0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
1514 0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0xa3,0x16,0x30,0x14,0x30,0x12,0x06,0x03,
1515 0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,
1516 0x01,0x31,0x37,0x30,0x35,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,0x30,
1517 0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,
1518 0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,
1519 0x0d,0x02,0x05,0x05,0x00,0x30,0x04,0x06,0x00,0x05,0x00,0x04,0x00 };
1520 static BYTE v1CertWithValidPubKey[] = {
1521 0x30,0x81,0xcf,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,
1522 0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,
1523 0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,
1524 0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,
1525 0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,0x31,0x13,0x30,0x11,
1526 0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
1527 0x67,0x00,0x30,0x5c,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
1528 0x01,0x01,0x05,0x00,0x03,0x4b,0x00,0x30,0x48,0x02,0x41,0x00,0xe2,0x54,0x3a,
1529 0xa7,0x83,0xb1,0x27,0x14,0x3e,0x59,0xbb,0xb4,0x53,0xe6,0x1f,0xe7,0x5d,0xf1,
1530 0x21,0x68,0xad,0x85,0x53,0xdb,0x6b,0x1e,0xeb,0x65,0x97,0x03,0x86,0x60,0xde,
1531 0xf3,0x6c,0x38,0x75,0xe0,0x4c,0x61,0xbb,0xbc,0x62,0x17,0xa9,0xcd,0x79,0x3f,
1532 0x21,0x4e,0x96,0xcb,0x0e,0xdc,0x61,0x94,0x30,0x18,0x10,0x6b,0xd0,0x1c,0x10,
1533 0x79,0x02,0x03,0x01,0x00,0x01,0xa3,0x16,0x30,0x14,0x30,0x12,0x06,0x03,0x55,
1534 0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x01 };
1535 static const BYTE signedWithCertWithValidPubKeyEmptyContent[] = {
1536 0x30,0x82,0x01,0x38,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,
1537 0xa0,0x82,0x01,0x29,0x30,0x82,0x01,0x25,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,
1538 0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x02,0x06,
1539 0x00,0xa0,0x81,0xd2,0x30,0x81,0xcf,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,
1540 0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,
1541 0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,
1542 0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,
1543 0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,
1544 0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,
1545 0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x5c,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,
1546 0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x4b,0x00,0x30,0x48,0x02,0x41,
1547 0x00,0xe2,0x54,0x3a,0xa7,0x83,0xb1,0x27,0x14,0x3e,0x59,0xbb,0xb4,0x53,0xe6,
1548 0x1f,0xe7,0x5d,0xf1,0x21,0x68,0xad,0x85,0x53,0xdb,0x6b,0x1e,0xeb,0x65,0x97,
1549 0x03,0x86,0x60,0xde,0xf3,0x6c,0x38,0x75,0xe0,0x4c,0x61,0xbb,0xbc,0x62,0x17,
1550 0xa9,0xcd,0x79,0x3f,0x21,0x4e,0x96,0xcb,0x0e,0xdc,0x61,0x94,0x30,0x18,0x10,
1551 0x6b,0xd0,0x1c,0x10,0x79,0x02,0x03,0x01,0x00,0x01,0xa3,0x16,0x30,0x14,0x30,
1552 0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,0x01,0x01,
1553 0xff,0x02,0x01,0x01,0x31,0x37,0x30,0x35,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,
1554 0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,
1555 0x20,0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,
1556 0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x04,0x06,0x00,0x05,0x00,0x04,
1557 0x00 };
1558 static const BYTE signedWithCertWithValidPubKeyContent[] = {
1559 0x30,0x82,0x01,0x89,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,
1560 0xa0,0x82,0x01,0x7a,0x30,0x82,0x01,0x76,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,
1561 0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x13,0x06,
1562 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x06,0x04,0x04,0x01,
1563 0x02,0x03,0x04,0xa0,0x81,0xd2,0x30,0x81,0xcf,0x02,0x01,0x01,0x30,0x02,0x06,
1564 0x00,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,
1565 0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,
1566 0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,
1567 0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,
1568 0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,
1569 0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x30,0x5c,0x30,0x0d,0x06,0x09,0x2a,
1570 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x4b,0x00,0x30,0x48,
1571 0x02,0x41,0x00,0xe2,0x54,0x3a,0xa7,0x83,0xb1,0x27,0x14,0x3e,0x59,0xbb,0xb4,
1572 0x53,0xe6,0x1f,0xe7,0x5d,0xf1,0x21,0x68,0xad,0x85,0x53,0xdb,0x6b,0x1e,0xeb,
1573 0x65,0x97,0x03,0x86,0x60,0xde,0xf3,0x6c,0x38,0x75,0xe0,0x4c,0x61,0xbb,0xbc,
1574 0x62,0x17,0xa9,0xcd,0x79,0x3f,0x21,0x4e,0x96,0xcb,0x0e,0xdc,0x61,0x94,0x30,
1575 0x18,0x10,0x6b,0xd0,0x1c,0x10,0x79,0x02,0x03,0x01,0x00,0x01,0xa3,0x16,0x30,
1576 0x14,0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,
1577 0x01,0x01,0xff,0x02,0x01,0x01,0x31,0x77,0x30,0x75,0x02,0x01,0x01,0x30,0x1a,
1578 0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,
1579 0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,
1580 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x04,0x06,0x00,0x05,
1581 0x00,0x04,0x40,0x81,0xa6,0x70,0xb3,0xef,0x59,0xd1,0x66,0xd1,0x9b,0xc0,0x9a,
1582 0xb6,0x9a,0x5e,0x6d,0x6f,0x6d,0x0d,0x59,0xa9,0xaa,0x6e,0xe9,0x2c,0xa0,0x1e,
1583 0xee,0xc2,0x60,0xbc,0x59,0xbe,0x3f,0x63,0x06,0x8d,0xc9,0x11,0x1d,0x23,0x64,
1584 0x92,0xef,0x2e,0xfc,0x57,0x29,0xa4,0xaf,0xe0,0xee,0x93,0x19,0x39,0x51,0xe4,
1585 0x44,0xb8,0x0b,0x28,0xf4,0xa8,0x0d };
1586
1587 static void test_signed_msg_encoding(void)
1588 {
1589 HCRYPTMSG msg;
1590 CMSG_SIGNED_ENCODE_INFO signInfo = { sizeof(signInfo), 0 };
1591 CMSG_SIGNER_ENCODE_INFO signer = { sizeof(signer), 0 };
1592 CERT_INFO certInfo = { 0 };
1593 CERT_BLOB encodedCert = { sizeof(cert), cert };
1594 CRL_BLOB encodedCrl = { sizeof(crl), crl };
1595 char oid_common_name[] = szOID_COMMON_NAME;
1596 CRYPT_ATTR_BLOB commonName = { sizeof(encodedCommonName),
1597 encodedCommonName };
1598 CRYPT_ATTRIBUTE attr = { oid_common_name, 1, &commonName };
1599 BOOL ret;
1600 HCRYPTKEY key;
1601 DWORD size;
1602
1603 certInfo.SerialNumber.cbData = sizeof(serialNum);
1604 certInfo.SerialNumber.pbData = serialNum;
1605 certInfo.Issuer.cbData = sizeof(encodedCommonName);
1606 certInfo.Issuer.pbData = encodedCommonName;
1607 signer.pCertInfo = &certInfo;
1608 signer.HashAlgorithm.pszObjId = oid_rsa_md5;
1609 signInfo.cSigners = 1;
1610 signInfo.rgSigners = &signer;
1611
1612 ret = pCryptAcquireContextA(&signer.hCryptProv, cspNameA, NULL,
1613 PROV_RSA_FULL, CRYPT_NEWKEYSET);
1614 if (!ret && GetLastError() == NTE_EXISTS) {
1615 ret = pCryptAcquireContextA(&signer.hCryptProv, cspNameA, NULL,
1616 PROV_RSA_FULL, 0);
1617 }
1618 ok(ret, "CryptAcquireContext failed: 0x%x\n", GetLastError());
1619
1620 if (!ret) {
1621 skip("No context for tests\n");
1622 return;
1623 }
1624
1625 ret = CryptImportKey(signer.hCryptProv, (LPBYTE)privKey, sizeof(privKey),
1626 0, 0, &key);
1627 ok(ret, "CryptImportKey failed: %08x\n", GetLastError());
1628
1629 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING,
1630 CMSG_DETACHED_FLAG, CMSG_SIGNED, &signInfo, NULL, NULL);
1631 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
1632
1633 check_param("detached signed empty bare content", msg,
1634 CMSG_BARE_CONTENT_PARAM, signedEmptyBareContent,
1635 sizeof(signedEmptyBareContent));
1636 check_param("detached signed empty content", msg, CMSG_CONTENT_PARAM,
1637 signedEmptyContent, sizeof(signedEmptyContent));
1638 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
1639 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
1640 check_param("detached signed hash", msg, CMSG_COMPUTED_HASH_PARAM,
1641 signedHash, sizeof(signedHash));
1642 check_param("detached signed bare content", msg, CMSG_BARE_CONTENT_PARAM,
1643 detachedSignedBareContent, sizeof(detachedSignedBareContent));
1644 check_param("detached signed content", msg, CMSG_CONTENT_PARAM,
1645 detachedSignedContent, sizeof(detachedSignedContent));
1646 SetLastError(0xdeadbeef);
1647 ret = CryptMsgGetParam(msg, CMSG_COMPUTED_HASH_PARAM, 1, NULL, &size);
1648 ok(!ret && GetLastError() == CRYPT_E_INVALID_INDEX,
1649 "Expected CRYPT_E_INVALID_INDEX, got %x\n", GetLastError());
1650 check_param("detached signed encoded signer", msg, CMSG_ENCODED_SIGNER,
1651 signedEncodedSigner, sizeof(signedEncodedSigner));
1652
1653 CryptMsgClose(msg);
1654
1655 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1656 NULL, NULL);
1657 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
1658
1659 check_param("signed empty bare content", msg, CMSG_BARE_CONTENT_PARAM,
1660 signedEmptyBareContent, sizeof(signedEmptyBareContent));
1661 check_param("signed empty content", msg, CMSG_CONTENT_PARAM,
1662 signedEmptyContent, sizeof(signedEmptyContent));
1663 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
1664 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
1665 check_param("signed bare content", msg, CMSG_BARE_CONTENT_PARAM,
1666 signedBareContent, sizeof(signedBareContent));
1667 check_param("signed content", msg, CMSG_CONTENT_PARAM,
1668 signedContent, sizeof(signedContent));
1669
1670 CryptMsgClose(msg);
1671
1672 signer.cAuthAttr = 1;
1673 signer.rgAuthAttr = &attr;
1674 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1675 NULL, NULL);
1676 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
1677
1678 CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
1679 check_param("signed with auth attrs bare content", msg,
1680 CMSG_BARE_CONTENT_PARAM, signedWithAuthAttrsBareContent,
1681 sizeof(signedWithAuthAttrsBareContent));
1682
1683 CryptMsgClose(msg);
1684
1685 signer.cAuthAttr = 0;
1686 signInfo.rgCertEncoded = &encodedCert;
1687 signInfo.cCertEncoded = 1;
1688 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1689 NULL, NULL);
1690 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
1691
1692 check_param("signed with cert empty bare content", msg,
1693 CMSG_BARE_CONTENT_PARAM, signedWithCertEmptyBareContent,
1694 sizeof(signedWithCertEmptyBareContent));
1695 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
1696 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
1697 check_param("signed with cert bare content", msg, CMSG_BARE_CONTENT_PARAM,
1698 signedWithCertBareContent, sizeof(signedWithCertBareContent));
1699
1700 CryptMsgClose(msg);
1701
1702 signInfo.cCertEncoded = 0;
1703 signInfo.rgCrlEncoded = &encodedCrl;
1704 signInfo.cCrlEncoded = 1;
1705 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1706 NULL, NULL);
1707 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
1708
1709 check_param("signed with crl empty bare content", msg,
1710 CMSG_BARE_CONTENT_PARAM, signedWithCrlEmptyBareContent,
1711 sizeof(signedWithCrlEmptyBareContent));
1712 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
1713 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
1714 check_param("signed with crl bare content", msg, CMSG_BARE_CONTENT_PARAM,
1715 signedWithCrlBareContent, sizeof(signedWithCrlBareContent));
1716
1717 CryptMsgClose(msg);
1718
1719 signInfo.cCertEncoded = 1;
1720 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1721 NULL, NULL);
1722 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
1723
1724 check_param("signed with cert and crl empty bare content", msg,
1725 CMSG_BARE_CONTENT_PARAM, signedWithCertAndCrlEmptyBareContent,
1726 sizeof(signedWithCertAndCrlEmptyBareContent));
1727 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
1728 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
1729 check_param("signed with cert and crl bare content", msg,
1730 CMSG_BARE_CONTENT_PARAM, signedWithCertAndCrlBareContent,
1731 sizeof(signedWithCertAndCrlBareContent));
1732
1733 CryptMsgClose(msg);
1734
1735 /* Test with a cert with a (bogus) public key */
1736 signInfo.cCrlEncoded = 0;
1737 encodedCert.cbData = sizeof(v1CertWithPubKey);
1738 encodedCert.pbData = v1CertWithPubKey;
1739 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1740 NULL, NULL);
1741 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
1742 check_param("signedWithCertWithPubKeyBareContent", msg,
1743 CMSG_BARE_CONTENT_PARAM, signedWithCertWithPubKeyBareContent,
1744 sizeof(signedWithCertWithPubKeyBareContent));
1745 CryptMsgClose(msg);
1746
1747 encodedCert.cbData = sizeof(v1CertWithValidPubKey);
1748 encodedCert.pbData = v1CertWithValidPubKey;
1749 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1750 NULL, NULL);
1751 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
1752 check_param("signedWithCertWithValidPubKeyEmptyContent", msg,
1753 CMSG_CONTENT_PARAM, signedWithCertWithValidPubKeyEmptyContent,
1754 sizeof(signedWithCertWithValidPubKeyEmptyContent));
1755 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
1756 check_param("signedWithCertWithValidPubKeyContent", msg,
1757 CMSG_CONTENT_PARAM, signedWithCertWithValidPubKeyContent,
1758 sizeof(signedWithCertWithValidPubKeyContent));
1759 CryptMsgClose(msg);
1760
1761 CryptDestroyKey(key);
1762 CryptReleaseContext(signer.hCryptProv, 0);
1763 pCryptAcquireContextA(&signer.hCryptProv, cspNameA, NULL, PROV_RSA_FULL,
1764 CRYPT_DELETEKEYSET);
1765 }
1766
1767 static void test_signed_msg_get_param(void)
1768 {
1769 BOOL ret;
1770 HCRYPTMSG msg;
1771 DWORD size, value = 0;
1772 CMSG_SIGNED_ENCODE_INFO signInfo = { sizeof(signInfo), 0 };
1773 CMSG_SIGNER_ENCODE_INFO signer = { sizeof(signer), 0 };
1774 CERT_INFO certInfo = { 0 };
1775
1776 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1777 NULL, NULL);
1778 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
1779
1780 /* Content and bare content are always gettable */
1781 size = 0;
1782 ret = CryptMsgGetParam(msg, CMSG_CONTENT_PARAM, 0, NULL, &size);
1783 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
1784 size = 0;
1785 ret = CryptMsgGetParam(msg, CMSG_BARE_CONTENT_PARAM, 0, NULL, &size);
1786 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
1787 /* For "signed" messages, so is the version. */
1788 size = 0;
1789 ret = CryptMsgGetParam(msg, CMSG_VERSION_PARAM, 0, NULL, &size);
1790 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
1791 size = sizeof(value);
1792 ret = CryptMsgGetParam(msg, CMSG_VERSION_PARAM, 0, (LPBYTE)&value, &size);
1793 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
1794 ok(value == CMSG_SIGNED_DATA_V1, "Expected version 1, got %d\n", value);
1795 /* But for this message, with no signers, the hash and signer aren't
1796 * available.
1797 */
1798 size = 0;
1799 SetLastError(0xdeadbeef);
1800 ret = CryptMsgGetParam(msg, CMSG_ENCODED_SIGNER, 0, NULL, &size);
1801 ok(!ret && GetLastError() == CRYPT_E_INVALID_INDEX,
1802 "Expected CRYPT_E_INVALID_INDEX, got %x\n", GetLastError());
1803 SetLastError(0xdeadbeef);
1804 ret = CryptMsgGetParam(msg, CMSG_COMPUTED_HASH_PARAM, 0, NULL, &size);
1805 ok(!ret && GetLastError() == CRYPT_E_INVALID_INDEX,
1806 "Expected CRYPT_E_INVALID_INDEX, got %x\n", GetLastError());
1807 /* As usual, the type isn't available. */
1808 ret = CryptMsgGetParam(msg, CMSG_TYPE_PARAM, 0, NULL, &size);
1809 ok(!ret && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
1810 "Expected CRYPT_E_INVALID_MSG_TYPE, got %x\n", GetLastError());
1811
1812 CryptMsgClose(msg);
1813
1814 certInfo.SerialNumber.cbData = sizeof(serialNum);
1815 certInfo.SerialNumber.pbData = serialNum;
1816 certInfo.Issuer.cbData = sizeof(encodedCommonName);
1817 certInfo.Issuer.pbData = encodedCommonName;
1818 signer.pCertInfo = &certInfo;
1819 signer.HashAlgorithm.pszObjId = oid_rsa_md5;
1820 signInfo.cSigners = 1;
1821 signInfo.rgSigners = &signer;
1822
1823 ret = pCryptAcquireContextA(&signer.hCryptProv, cspNameA, NULL,
1824 PROV_RSA_FULL, CRYPT_NEWKEYSET);
1825 if (!ret && GetLastError() == NTE_EXISTS) {
1826 ret = pCryptAcquireContextA(&signer.hCryptProv, cspNameA, NULL,
1827 PROV_RSA_FULL, 0);
1828 }
1829 ok(ret, "CryptAcquireContext failed: 0x%x\n", GetLastError());
1830
1831 if (!ret) {
1832 skip("No context for tests\n");
1833 return;
1834 }
1835
1836 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
1837 NULL, NULL);
1838 ok(msg != NULL, "CryptMsgOpenToEncode failed: %x\n", GetLastError());
1839
1840 /* This message, with one signer, has the hash and signer for index 0
1841 * available, but not for other indexes.
1842 */
1843 size = 0;
1844 ret = CryptMsgGetParam(msg, CMSG_ENCODED_SIGNER, 0, NULL, &size);
1845 ok(ret, "CryptMsgGetParam failed: %x\n", GetLastError());
1846 ret = CryptMsgGetParam(msg, CMSG_COMPUTED_HASH_PARAM, 0, NULL, &size);
1847 ok(ret, "CryptMsgGetParam failed: %x\n", GetLastError());
1848 size = 0;
1849 SetLastError(0xdeadbeef);
1850 ret = CryptMsgGetParam(msg, CMSG_ENCODED_SIGNER, 1, NULL, &size);
1851 ok(!ret && GetLastError() == CRYPT_E_INVALID_INDEX,
1852 "Expected CRYPT_E_INVALID_INDEX, got %x\n", GetLastError());
1853 SetLastError(0xdeadbeef);
1854 ret = CryptMsgGetParam(msg, CMSG_COMPUTED_HASH_PARAM, 1, NULL, &size);
1855 ok(!ret && GetLastError() == CRYPT_E_INVALID_INDEX,
1856 "Expected CRYPT_E_INVALID_INDEX, got %x\n", GetLastError());
1857 /* As usual, the type isn't available. */
1858 ret = CryptMsgGetParam(msg, CMSG_TYPE_PARAM, 0, NULL, &size);
1859 ok(!ret && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
1860 "Expected CRYPT_E_INVALID_MSG_TYPE, got %x\n", GetLastError());
1861
1862 CryptMsgClose(msg);
1863
1864 CryptReleaseContext(signer.hCryptProv, 0);
1865 pCryptAcquireContextA(&signer.hCryptProv, cspNameA, MS_DEF_PROV_A,
1866 PROV_RSA_FULL, CRYPT_DELETEKEYSET);
1867 }
1868
1869 static void test_signed_msg(void)
1870 {
1871 test_signed_msg_open();
1872 test_signed_msg_update();
1873 test_signed_msg_encoding();
1874 test_signed_msg_get_param();
1875 }
1876
1877 static CRYPT_DATA_BLOB b4 = { 0, NULL };
1878 static const struct update_accum a4 = { 1, &b4 };
1879
1880 static const BYTE bogusOIDContent[] = {
1881 0x30,0x0f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x07,0xa0,0x02,
1882 0x04,0x00 };
1883 static const BYTE bogusHashContent[] = {
1884 0x30,0x47,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x05,0xa0,0x3a,
1885 0x30,0x38,0x02,0x01,0x00,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
1886 0x02,0x05,0x05,0x00,0x30,0x13,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
1887 0x07,0x01,0xa0,0x06,0x04,0x04,0x01,0x02,0x03,0x04,0x04,0x10,0x00,0xd6,0xc0,
1888 0x5a,0x21,0x51,0x2a,0x79,0xa1,0xdf,0xeb,0x9d,0x2a,0x8f,0x26,0x2f };
1889
1890 static void test_decode_msg_update(void)
1891 {
1892 HCRYPTMSG msg;
1893 BOOL ret;
1894 CMSG_STREAM_INFO streamInfo = { 0 };
1895 DWORD i;
1896 struct update_accum accum = { 0, NULL };
1897
1898 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
1899 /* Update with a full message in a final update */
1900 ret = CryptMsgUpdate(msg, dataEmptyContent, sizeof(dataEmptyContent), TRUE);
1901 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
1902 /* Can't update after a final update */
1903 SetLastError(0xdeadbeef);
1904 ret = CryptMsgUpdate(msg, dataEmptyContent, sizeof(dataEmptyContent), TRUE);
1905 ok(!ret && GetLastError() == CRYPT_E_MSG_ERROR,
1906 "Expected CRYPT_E_MSG_ERROR, got %x\n", GetLastError());
1907 CryptMsgClose(msg);
1908
1909 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
1910 /* Can't send a non-final update without streaming */
1911 SetLastError(0xdeadbeef);
1912 ret = CryptMsgUpdate(msg, dataEmptyContent, sizeof(dataEmptyContent),
1913 FALSE);
1914 ok(!ret && GetLastError() == CRYPT_E_MSG_ERROR,
1915 "Expected CRYPT_E_MSG_ERROR, got %x\n", GetLastError());
1916 /* A subsequent final update succeeds */
1917 ret = CryptMsgUpdate(msg, dataEmptyContent, sizeof(dataEmptyContent), TRUE);
1918 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
1919 CryptMsgClose(msg);
1920
1921 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, &streamInfo);
1922 /* Updating a message that has a NULL stream callback fails */
1923 SetLastError(0xdeadbeef);
1924 ret = CryptMsgUpdate(msg, dataEmptyContent, sizeof(dataEmptyContent),
1925 FALSE);
1926 todo_wine
1927 ok(!ret && GetLastError() == STATUS_ACCESS_VIOLATION,
1928 "Expected STATUS_ACCESS_VIOLATION, got %x\n", GetLastError());
1929 /* Changing the callback pointer after the fact yields the same error (so
1930 * the message must copy the stream info, not just store a pointer to it)
1931 */
1932 streamInfo.pfnStreamOutput = nop_stream_output;
1933 SetLastError(0xdeadbeef);
1934 ret = CryptMsgUpdate(msg, dataEmptyContent, sizeof(dataEmptyContent),
1935 FALSE);
1936 todo_wine
1937 ok(!ret && GetLastError() == STATUS_ACCESS_VIOLATION,
1938 "Expected STATUS_ACCESS_VIOLATION, got %x\n", GetLastError());
1939 CryptMsgClose(msg);
1940
1941 /* Empty non-final updates are allowed when streaming.. */
1942 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, &streamInfo);
1943 ret = CryptMsgUpdate(msg, NULL, 0, FALSE);
1944 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
1945 /* but final updates aren't when not enough data has been received. */
1946 SetLastError(0xdeadbeef);
1947 ret = CryptMsgUpdate(msg, NULL, 0, TRUE);
1948 todo_wine
1949 ok(!ret && GetLastError() == CRYPT_E_STREAM_INSUFFICIENT_DATA,
1950 "Expected CRYPT_E_STREAM_INSUFFICIENT_DATA, got %x\n", GetLastError());
1951 CryptMsgClose(msg);
1952
1953 /* Updating the message byte by byte is legal */
1954 streamInfo.pfnStreamOutput = accumulating_stream_output;
1955 streamInfo.pvArg = &accum;
1956 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, &streamInfo);
1957 for (i = 0, ret = TRUE; ret && i < sizeof(dataEmptyContent); i++)
1958 ret = CryptMsgUpdate(msg, &dataEmptyContent[i], 1, FALSE);
1959 ok(ret, "CryptMsgUpdate failed on byte %d: %x\n", i, GetLastError());
1960 ret = CryptMsgUpdate(msg, NULL, 0, TRUE);
1961 ok(ret, "CryptMsgUpdate failed on byte %d: %x\n", i, GetLastError());
1962 CryptMsgClose(msg);
1963 todo_wine
1964 check_updates("byte-by-byte empty content", &a4, &accum);
1965 free_updates(&accum);
1966
1967 /* Decoding bogus content fails in non-streaming mode.. */
1968 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
1969 SetLastError(0xdeadbeef);
1970 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
1971 ok(!ret && GetLastError() == CRYPT_E_ASN1_BADTAG,
1972 "Expected CRYPT_E_ASN1_BADTAG, got %x\n", GetLastError());
1973 CryptMsgClose(msg);
1974 /* and as the final update in streaming mode.. */
1975 streamInfo.pfnStreamOutput = nop_stream_output;
1976 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, &streamInfo);
1977 SetLastError(0xdeadbeef);
1978 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
1979 todo_wine
1980 ok(!ret && GetLastError() == CRYPT_E_ASN1_BADTAG,
1981 "Expected CRYPT_E_ASN1_BADTAG, got %x\n", GetLastError());
1982 CryptMsgClose(msg);
1983 /* and even as a non-final update in streaming mode. */
1984 streamInfo.pfnStreamOutput = nop_stream_output;
1985 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, &streamInfo);
1986 SetLastError(0xdeadbeef);
1987 ret = CryptMsgUpdate(msg, msgData, sizeof(msgData), FALSE);
1988 todo_wine
1989 ok(!ret && GetLastError() == CRYPT_E_ASN1_BADTAG,
1990 "Expected CRYPT_E_ASN1_BADTAG, got %x\n", GetLastError());
1991 CryptMsgClose(msg);
1992
1993 /* An empty message can be opened with undetermined type.. */
1994 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
1995 ret = CryptMsgUpdate(msg, dataEmptyContent, sizeof(dataEmptyContent),
1996 TRUE);
1997 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
1998 CryptMsgClose(msg);
1999 /* but decoding it as an explicitly typed message fails. */
2000 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, 0, NULL,
2001 NULL);
2002 SetLastError(0xdeadbeef);
2003 ret = CryptMsgUpdate(msg, dataEmptyContent, sizeof(dataEmptyContent),
2004 TRUE);
2005 ok(!ret && GetLastError() == CRYPT_E_ASN1_BADTAG,
2006 "Expected CRYPT_E_ASN1_BADTAG, got %x\n", GetLastError());
2007 CryptMsgClose(msg);
2008 /* On the other hand, decoding the bare content of an empty message fails
2009 * with unspecified type..
2010 */
2011 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2012 SetLastError(0xdeadbeef);
2013 ret = CryptMsgUpdate(msg, dataEmptyBareContent,
2014 sizeof(dataEmptyBareContent), TRUE);
2015 ok(!ret && GetLastError() == CRYPT_E_ASN1_BADTAG,
2016 "Expected CRYPT_E_ASN1_BADTAG, got %x\n", GetLastError());
2017 CryptMsgClose(msg);
2018 /* but succeeds with explicit type. */
2019 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, 0, NULL,
2020 NULL);
2021 ret = CryptMsgUpdate(msg, dataEmptyBareContent,
2022 sizeof(dataEmptyBareContent), TRUE);
2023 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
2024 CryptMsgClose(msg);
2025
2026 /* Decoding valid content with an unsupported OID fails */
2027 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2028 SetLastError(0xdeadbeef);
2029 ret = CryptMsgUpdate(msg, bogusOIDContent, sizeof(bogusOIDContent), TRUE);
2030 ok(!ret && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
2031 "Expected CRYPT_E_INVALID_MSG_TYPE, got %x\n", GetLastError());
2032 CryptMsgClose(msg);
2033
2034 /* Similarly, opening an empty hash with unspecified type succeeds.. */
2035 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2036 SetLastError(0xdeadbeef);
2037 ret = CryptMsgUpdate(msg, hashEmptyContent, sizeof(hashEmptyContent), TRUE);
2038 ok(ret, "CryptMsgUpdate failed: %08x\n", GetLastError());
2039 CryptMsgClose(msg);
2040 /* while with specified type it fails. */
2041 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, 0, NULL,
2042 NULL);
2043 SetLastError(0xdeadbeef);
2044 ret = CryptMsgUpdate(msg, hashEmptyContent, sizeof(hashEmptyContent), TRUE);
2045 ok(!ret && GetLastError() == CRYPT_E_ASN1_BADTAG,
2046 "Expected CRYPT_E_ASN1_BADTAG, got %x\n", GetLastError());
2047 CryptMsgClose(msg);
2048 /* On the other hand, decoding the bare content of an empty hash message
2049 * fails with unspecified type..
2050 */
2051 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2052 SetLastError(0xdeadbeef);
2053 ret = CryptMsgUpdate(msg, hashEmptyBareContent,
2054 sizeof(hashEmptyBareContent), TRUE);
2055 ok(!ret && GetLastError() == CRYPT_E_ASN1_BADTAG,
2056 "Expected CRYPT_E_ASN1_BADTAG, got %x\n", GetLastError());
2057 CryptMsgClose(msg);
2058 /* but succeeds with explicit type. */
2059 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, 0, NULL,
2060 NULL);
2061 ret = CryptMsgUpdate(msg, hashEmptyBareContent,
2062 sizeof(hashEmptyBareContent), TRUE);
2063 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
2064 CryptMsgClose(msg);
2065
2066 /* And again, opening a (non-empty) hash message with unspecified type
2067 * succeeds..
2068 */
2069 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2070 SetLastError(0xdeadbeef);
2071 ret = CryptMsgUpdate(msg, hashContent, sizeof(hashContent), TRUE);
2072 ok(ret, "CryptMsgUpdate failed: %08x\n", GetLastError());
2073 CryptMsgClose(msg);
2074 /* while with specified type it fails.. */
2075 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, 0, NULL,
2076 NULL);
2077 SetLastError(0xdeadbeef);
2078 ret = CryptMsgUpdate(msg, hashContent, sizeof(hashContent), TRUE);
2079 ok(!ret && GetLastError() == CRYPT_E_ASN1_BADTAG,
2080 "Expected CRYPT_E_ASN1_BADTAG, got %x\n", GetLastError());
2081 CryptMsgClose(msg);
2082 /* and decoding the bare content of a non-empty hash message fails with
2083 * unspecified type..
2084 */
2085 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2086 SetLastError(0xdeadbeef);
2087 ret = CryptMsgUpdate(msg, hashBareContent, sizeof(hashBareContent), TRUE);
2088 ok(!ret && GetLastError() == CRYPT_E_ASN1_BADTAG,
2089 "Expected CRYPT_E_ASN1_BADTAG, got %x\n", GetLastError());
2090 CryptMsgClose(msg);
2091 /* but succeeds with explicit type. */
2092 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, 0, NULL,
2093 NULL);
2094 ret = CryptMsgUpdate(msg, hashBareContent, sizeof(hashBareContent), TRUE);
2095 ok(ret, "CryptMsgUpdate failed: %x\n", GetLastError());
2096 CryptMsgClose(msg);
2097
2098 /* Opening a (non-empty) hash message with unspecified type and a bogus
2099 * hash value succeeds..
2100 */
2101 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2102 SetLastError(0xdeadbeef);
2103 ret = CryptMsgUpdate(msg, bogusHashContent, sizeof(bogusHashContent), TRUE);
2104 ok(ret, "CryptMsgUpdate failed: %08x\n", GetLastError());
2105 CryptMsgClose(msg);
2106
2107 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2108 ret = CryptMsgUpdate(msg, signedContent, sizeof(signedContent), TRUE);
2109 ok(ret, "CryptMsgUpdate failed: %08x\n", GetLastError());
2110 CryptMsgClose(msg);
2111 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2112 SetLastError(0xdeadbeef);
2113 ret = CryptMsgUpdate(msg, signedWithCertAndCrlBareContent,
2114 sizeof(signedWithCertAndCrlBareContent), TRUE);
2115 ok(!ret && GetLastError() == CRYPT_E_ASN1_BADTAG,
2116 "Expected CRYPT_E_ASN1_BADTAG, got %08x\n", GetLastError());
2117 CryptMsgClose(msg);
2118 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, 0, NULL,
2119 NULL);
2120 ret = CryptMsgUpdate(msg, signedWithCertAndCrlBareContent,
2121 sizeof(signedWithCertAndCrlBareContent), TRUE);
2122 ok(ret, "CryptMsgUpdate failed: %08x\n", GetLastError());
2123 CryptMsgClose(msg);
2124
2125 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, CMSG_DETACHED_FLAG, 0, 0,
2126 NULL, NULL);
2127 /* The first update succeeds.. */
2128 ret = CryptMsgUpdate(msg, detachedSignedContent,
2129 sizeof(detachedSignedContent), TRUE);
2130 ok(ret, "CryptMsgUpdate failed: %08x\n", GetLastError());
2131 /* as does a second (probably to update the detached portion).. */
2132 ret = CryptMsgUpdate(msg, detachedSignedContent,
2133 sizeof(detachedSignedContent), TRUE);
2134 ok(ret, "CryptMsgUpdate failed: %08x\n", GetLastError());
2135 /* while a third fails. */
2136 ret = CryptMsgUpdate(msg, detachedSignedContent,
2137 sizeof(detachedSignedContent), TRUE);
2138 ok(!ret && GetLastError() == CRYPT_E_MSG_ERROR,
2139 "expected CRYPT_E_MSG_ERROR, got %08x\n", GetLastError());
2140 CryptMsgClose(msg);
2141 }
2142
2143 static const BYTE hashParam[] = { 0x08,0xd6,0xc0,0x5a,0x21,0x51,0x2a,0x79,0xa1,
2144 0xdf,0xeb,0x9d,0x2a,0x8f,0x26,0x2f };
2145
2146 static void compare_signer_info(const CMSG_SIGNER_INFO *got,
2147 const CMSG_SIGNER_INFO *expected)
2148 {
2149 ok(got->dwVersion == expected->dwVersion, "Expected version %d, got %d\n",
2150 expected->dwVersion, got->dwVersion);
2151 ok(got->Issuer.cbData == expected->Issuer.cbData,
2152 "Expected issuer size %d, got %d\n", expected->Issuer.cbData,
2153 got->Issuer.cbData);
2154 ok(!memcmp(got->Issuer.pbData, got->Issuer.pbData, got->Issuer.cbData),
2155 "Unexpected issuer\n");
2156 ok(got->SerialNumber.cbData == expected->SerialNumber.cbData,
2157 "Expected serial number size %d, got %d\n", expected->SerialNumber.cbData,
2158 got->SerialNumber.cbData);
2159 ok(!memcmp(got->SerialNumber.pbData, got->SerialNumber.pbData,
2160 got->SerialNumber.cbData), "Unexpected serial number\n");
2161 /* FIXME: check more things */
2162 }
2163
2164 static const BYTE signedWithCertAndCrlComputedHash[] = {
2165 0x08,0xd6,0xc0,0x5a,0x21,0x51,0x2a,0x79,0xa1,0xdf,0xeb,0x9d,0x2a,0x8f,0x26,
2166 0x2f };
2167
2168 static void test_decode_msg_get_param(void)
2169 {
2170 HCRYPTMSG msg;
2171 BOOL ret;
2172 DWORD size = 0, value;
2173 LPBYTE buf;
2174
2175 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2176 SetLastError(0xdeadbeef);
2177 ret = CryptMsgGetParam(msg, CMSG_CONTENT_PARAM, 0, NULL, &size);
2178 ok(!ret && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
2179 "Expected CRYPT_E_INVALID_MSG_TYPE, got %x\n", GetLastError());
2180 ret = CryptMsgUpdate(msg, dataContent, sizeof(dataContent), TRUE);
2181 check_param("data content", msg, CMSG_CONTENT_PARAM, msgData,
2182 sizeof(msgData));
2183 CryptMsgClose(msg);
2184
2185 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2186 ret = CryptMsgUpdate(msg, hashEmptyContent, sizeof(hashEmptyContent), TRUE);
2187 check_param("empty hash content", msg, CMSG_CONTENT_PARAM, NULL, 0);
2188 check_param("empty hash hash data", msg, CMSG_HASH_DATA_PARAM, NULL, 0);
2189 check_param("empty hash computed hash", msg, CMSG_COMPUTED_HASH_PARAM,
2190 emptyHashParam, sizeof(emptyHashParam));
2191 CryptMsgClose(msg);
2192 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2193 ret = CryptMsgUpdate(msg, hashContent, sizeof(hashContent), TRUE);
2194 check_param("hash content", msg, CMSG_CONTENT_PARAM, msgData,
2195 sizeof(msgData));
2196 check_param("hash hash data", msg, CMSG_HASH_DATA_PARAM, hashParam,
2197 sizeof(hashParam));
2198 check_param("hash computed hash", msg, CMSG_COMPUTED_HASH_PARAM,
2199 hashParam, sizeof(hashParam));
2200 /* Curiously, getting the hash of index 1 succeeds, even though there's
2201 * only one hash.
2202 */
2203 ret = CryptMsgGetParam(msg, CMSG_COMPUTED_HASH_PARAM, 1, NULL, &size);
2204 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
2205 buf = CryptMemAlloc(size);
2206 if (buf)
2207 {
2208 ret = CryptMsgGetParam(msg, CMSG_COMPUTED_HASH_PARAM, 1, buf, &size);
2209 ok(size == sizeof(hashParam), "Unexpected size %d\n", size);
2210 ok(!memcmp(buf, hashParam, size), "Unexpected value\n");
2211 CryptMemFree(buf);
2212 }
2213 check_param("hash inner OID", msg, CMSG_INNER_CONTENT_TYPE_PARAM,
2214 (const BYTE *)szOID_RSA_data, strlen(szOID_RSA_data) + 1);
2215 value = CMSG_HASHED_DATA_V0;
2216 check_param("hash version", msg, CMSG_VERSION_PARAM, (const BYTE *)&value,
2217 sizeof(value));
2218 CryptMsgClose(msg);
2219
2220 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2221 ret = CryptMsgUpdate(msg, signedContent, sizeof(signedContent), TRUE);
2222 ok(ret, "CryptMsgUpdate failed: %08x\n", GetLastError());
2223 check_param("signed content", msg, CMSG_CONTENT_PARAM, msgData,
2224 sizeof(msgData));
2225 check_param("inner content", msg, CMSG_INNER_CONTENT_TYPE_PARAM,
2226 (const BYTE *)szOID_RSA_data, strlen(szOID_RSA_data) + 1);
2227 size = sizeof(value);
2228 value = 2112;
2229 ret = CryptMsgGetParam(msg, CMSG_SIGNER_COUNT_PARAM, 0, &value, &size);
2230 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
2231 ok(value == 1, "Expected 1 signer, got %d\n", value);
2232 size = 0;
2233 ret = CryptMsgGetParam(msg, CMSG_SIGNER_INFO_PARAM, 0, NULL, &size);
2234 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
2235 if (ret)
2236 buf = CryptMemAlloc(size);
2237 else
2238 buf = NULL;
2239 if (buf)
2240 {
2241 CMSG_SIGNER_INFO signer = { 0 };
2242
2243 signer.dwVersion = 1;
2244 signer.Issuer.cbData = sizeof(encodedCommonName);
2245 signer.Issuer.pbData = encodedCommonName;
2246 signer.SerialNumber.cbData = sizeof(serialNum);
2247 signer.SerialNumber.pbData = serialNum;
2248 signer.HashAlgorithm.pszObjId = oid_rsa_md5;
2249 CryptMsgGetParam(msg, CMSG_SIGNER_INFO_PARAM, 0, buf, &size);
2250 compare_signer_info((CMSG_SIGNER_INFO *)buf, &signer);
2251 CryptMemFree(buf);
2252 }
2253 /* index is ignored when getting signer count */
2254 size = sizeof(value);
2255 ret = CryptMsgGetParam(msg, CMSG_SIGNER_COUNT_PARAM, 1, &value, &size);
2256 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
2257 ok(value == 1, "Expected 1 signer, got %d\n", value);
2258 ret = CryptMsgGetParam(msg, CMSG_CERT_COUNT_PARAM, 0, &value, &size);
2259 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
2260 ok(value == 0, "Expected 0 certs, got %d\n", value);
2261 ret = CryptMsgGetParam(msg, CMSG_CRL_COUNT_PARAM, 0, &value, &size);
2262 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
2263 ok(value == 0, "Expected 0 CRLs, got %d\n", value);
2264 CryptMsgClose(msg);
2265 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, 0, NULL,
2266 NULL);
2267 ret = CryptMsgUpdate(msg, signedWithCertAndCrlBareContent,
2268 sizeof(signedWithCertAndCrlBareContent), TRUE);
2269 ok(ret, "CryptMsgUpdate failed: %08x\n", GetLastError());
2270 ret = CryptMsgGetParam(msg, CMSG_CERT_COUNT_PARAM, 0, &value, &size);
2271 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
2272 ok(value == 1, "Expected 1 cert, got %d\n", value);
2273 check_param("cert", msg, CMSG_CERT_PARAM, cert, sizeof(cert));
2274 ret = CryptMsgGetParam(msg, CMSG_CRL_COUNT_PARAM, 0, &value, &size);
2275 ok(ret, "CryptMsgGetParam failed: %08x\n", GetLastError());
2276 ok(value == 1, "Expected 1 CRL, got %d\n", value);
2277 check_param("crl", msg, CMSG_CRL_PARAM, crl, sizeof(crl));
2278 check_param("signed with cert and CRL computed hash", msg,
2279 CMSG_COMPUTED_HASH_PARAM, signedWithCertAndCrlComputedHash,
2280 sizeof(signedWithCertAndCrlComputedHash));
2281 CryptMsgClose(msg);
2282 }
2283
2284 static void test_decode_msg(void)
2285 {
2286 test_decode_msg_update();
2287 test_decode_msg_get_param();
2288 }
2289
2290 static BYTE aKey[] = { 0,1,2,3,4,5,6,7,8,9,0xa,0xb,0xc,0xd,0xe,0xf };
2291 /* aKey encoded as a X509_PUBLIC_KEY_INFO */
2292 static BYTE encodedPubKey[] = {
2293 0x30,0x1f,0x30,0x0a,0x06,0x06,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x05,0x00,0x03,
2294 0x11,0x00,0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,
2295 0x0d,0x0e,0x0f };
2296 /* a weird modulus encoded as RSA_CSP_PUBLICKEYBLOB */
2297 static BYTE mod_encoded[] = {
2298 0x30,0x10,0x02,0x09,0x00,0x80,0x00,0x00,0x01,0x01,0x01,0x01,0x01,0x02,0x03,
2299 0x01,0x00,0x01 };
2300
2301 static void test_msg_control(void)
2302 {
2303 static char oid_rsa_rsa[] = szOID_RSA_RSA;
2304 BOOL ret;
2305 HCRYPTMSG msg;
2306 DWORD i;
2307 CERT_INFO certInfo = { 0 };
2308 CMSG_HASHED_ENCODE_INFO hashInfo = { 0 };
2309 CMSG_SIGNED_ENCODE_INFO signInfo = { sizeof(signInfo), 0 };
2310 CMSG_CTRL_DECRYPT_PARA decryptPara = { sizeof(decryptPara), 0 };
2311
2312 /* Crashes
2313 ret = CryptMsgControl(NULL, 0, 0, NULL);
2314 */
2315
2316 /* Data encode messages don't allow any sort of control.. */
2317 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_DATA, NULL, NULL,
2318 NULL);
2319 /* either with no prior update.. */
2320 for (i = 1; have_nt && (i <= CMSG_CTRL_ADD_CMS_SIGNER_INFO); i++)
2321 {
2322 SetLastError(0xdeadbeef);
2323 ret = CryptMsgControl(msg, 0, i, NULL);
2324 ok(!ret && GetLastError() == E_INVALIDARG,
2325 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2326 }
2327 /* or after an update. */
2328 for (i = 1; have_nt && (i <= CMSG_CTRL_ADD_CMS_SIGNER_INFO); i++)
2329 {
2330 SetLastError(0xdeadbeef);
2331 ret = CryptMsgControl(msg, 0, i, NULL);
2332 ok(!ret && GetLastError() == E_INVALIDARG,
2333 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2334 }
2335 CryptMsgClose(msg);
2336
2337 /* Hash encode messages don't allow any sort of control.. */
2338 hashInfo.cbSize = sizeof(hashInfo);
2339 hashInfo.HashAlgorithm.pszObjId = oid_rsa_md5;
2340 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, &hashInfo,
2341 NULL, NULL);
2342 /* either with no prior update.. */
2343 for (i = 1; have_nt && (i <= CMSG_CTRL_ADD_CMS_SIGNER_INFO); i++)
2344 {
2345 SetLastError(0xdeadbeef);
2346 ret = CryptMsgControl(msg, 0, i, NULL);
2347 ok(!ret && GetLastError() == E_INVALIDARG,
2348 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2349 }
2350 ret = CryptMsgUpdate(msg, NULL, 0, TRUE);
2351 /* or after an update. */
2352 for (i = 1; have_nt && (i <= CMSG_CTRL_ADD_CMS_SIGNER_INFO); i++)
2353 {
2354 SetLastError(0xdeadbeef);
2355 ret = CryptMsgControl(msg, 0, i, NULL);
2356 ok(!ret && GetLastError() == E_INVALIDARG,
2357 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2358 }
2359 CryptMsgClose(msg);
2360
2361 /* Signed encode messages likewise don't allow any sort of control.. */
2362 signInfo.cbSize = sizeof(signInfo);
2363 msg = CryptMsgOpenToEncode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, &signInfo,
2364 NULL, NULL);
2365 /* either before an update.. */
2366 for (i = 1; have_nt && (i <= CMSG_CTRL_ADD_CMS_SIGNER_INFO); i++)
2367 {
2368 SetLastError(0xdeadbeef);
2369 ret = CryptMsgControl(msg, 0, i, NULL);
2370 ok(!ret && GetLastError() == E_INVALIDARG,
2371 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2372 }
2373 ret = CryptMsgUpdate(msg, NULL, 0, TRUE);
2374 /* or after an update. */
2375 for (i = 1; have_nt && (i <= CMSG_CTRL_ADD_CMS_SIGNER_INFO); i++)
2376 {
2377 SetLastError(0xdeadbeef);
2378 ret = CryptMsgControl(msg, 0, i, NULL);
2379 ok(!ret && GetLastError() == E_INVALIDARG,
2380 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2381 }
2382 CryptMsgClose(msg);
2383
2384 /* Decode messages behave a bit differently. */
2385 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2386 /* Bad control type */
2387 SetLastError(0xdeadbeef);
2388 ret = CryptMsgControl(msg, 0, 0, NULL);
2389 ok(!ret && GetLastError() == CRYPT_E_CONTROL_TYPE,
2390 "Expected CRYPT_E_CONTROL_TYPE, got %08x\n", GetLastError());
2391 SetLastError(0xdeadbeef);
2392 ret = CryptMsgControl(msg, 1, 0, NULL);
2393 ok(!ret && GetLastError() == CRYPT_E_CONTROL_TYPE,
2394 "Expected CRYPT_E_CONTROL_TYPE, got %08x\n", GetLastError());
2395 /* Can't verify the hash of an indeterminate-type message */
2396 SetLastError(0xdeadbeef);
2397 ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_HASH, NULL);
2398 ok(!ret && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
2399 "Expected CRYPT_E_INVALID_MSG_TYPE, got %08x\n", GetLastError());
2400 /* Crashes
2401 ret = CryptMsgControl(msg, 0, CMSG_CTRL_DECRYPT, NULL);
2402 */
2403 /* Can't decrypt an indeterminate-type message */
2404 ret = CryptMsgControl(msg, 0, CMSG_CTRL_DECRYPT, &decryptPara);
2405 ok(!ret && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
2406 "Expected CRYPT_E_INVALID_MSG_TYPE, got %08x\n", GetLastError());
2407 CryptMsgClose(msg);
2408
2409 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, 0, NULL,
2410 NULL);
2411 /* Can't verify the hash of an empty message */
2412 SetLastError(0xdeadbeef);
2413 ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_HASH, NULL);
2414 todo_wine
2415 ok(!ret && GetLastError() == STATUS_ACCESS_VIOLATION,
2416 "Expected STATUS_ACCESS_VIOLATION, got %08x\n", GetLastError());
2417 /* Crashes
2418 ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_SIGNATURE, NULL);
2419 */
2420 /* Can't verify the signature of a hash message */
2421 ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_SIGNATURE, &certInfo);
2422 ok(!ret && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
2423 "Expected CRYPT_E_INVALID_MSG_TYPE, got %08x\n", GetLastError());
2424 CryptMsgUpdate(msg, hashEmptyBareContent, sizeof(hashEmptyBareContent),
2425 TRUE);
2426 /* Oddly enough, this fails */
2427 ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_HASH, NULL);
2428 todo_wine
2429 ok(!ret, "Expected failure\n");
2430 CryptMsgClose(msg);
2431 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_HASHED, 0, NULL,
2432 NULL);
2433 CryptMsgUpdate(msg, hashBareContent, sizeof(hashBareContent), TRUE);
2434 ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_HASH, NULL);
2435 ok(ret, "CryptMsgControl failed: %08x\n", GetLastError());
2436 /* Can't decrypt an indeterminate-type message */
2437 SetLastError(0xdeadbeef);
2438 ret = CryptMsgControl(msg, 0, CMSG_CTRL_DECRYPT, &decryptPara);
2439 ok(!ret && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
2440 "Expected CRYPT_E_INVALID_MSG_TYPE, got %08x\n", GetLastError());
2441 CryptMsgClose(msg);
2442
2443 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, 0, NULL,
2444 NULL);
2445 /* Can't verify the hash of a signed message */
2446 SetLastError(0xdeadbeef);
2447 ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_HASH, NULL);
2448 ok(!ret && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
2449 "Expected CRYPT_E_INVALID_MSG_TYPE, got %08x\n", GetLastError());
2450 /* Can't decrypt a signed message */
2451 SetLastError(0xdeadbeef);
2452 ret = CryptMsgControl(msg, 0, CMSG_CTRL_DECRYPT, &decryptPara);
2453 ok(!ret && GetLastError() == CRYPT_E_INVALID_MSG_TYPE,
2454 "Expected CRYPT_E_INVALID_MSG_TYPE, got %08x\n", GetLastError());
2455 /* Crash
2456 ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_SIGNATURE, NULL);
2457 ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_SIGNATURE, &certInfo);
2458 */
2459 CryptMsgUpdate(msg, signedWithCertBareContent,
2460 sizeof(signedWithCertBareContent), TRUE);
2461 /* With an empty cert info, the signer can't be found in the message (and
2462 * the signature can't be verified.
2463 */
2464 SetLastError(0xdeadbeef);
2465 ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_SIGNATURE, &certInfo);
2466 ok(!ret && GetLastError() == CRYPT_E_SIGNER_NOT_FOUND,
2467 "Expected CRYPT_E_SIGNER_NOT_FOUND, got %08x\n", GetLastError());
2468 /* The cert info is expected to have an issuer, serial number, and public
2469 * key info set.
2470 */
2471 certInfo.SerialNumber.cbData = sizeof(serialNum);
2472 certInfo.SerialNumber.pbData = serialNum;
2473 certInfo.Issuer.cbData = sizeof(encodedCommonName);
2474 certInfo.Issuer.pbData = encodedCommonName;
2475 SetLastError(0xdeadbeef);
2476 ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_SIGNATURE, &certInfo);
2477 ok(!ret && GetLastError() == CRYPT_E_ASN1_EOD,
2478 "Expected CRYPT_E_ASN1_EOD, got %08x\n", GetLastError());
2479 CryptMsgClose(msg);
2480 /* This cert has a public key, but it's not in a usable form */
2481 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, CMSG_SIGNED, 0, NULL,
2482 NULL);
2483 CryptMsgUpdate(msg, signedWithCertWithPubKeyBareContent,
2484 sizeof(signedWithCertWithPubKeyBareContent), TRUE);
2485 /* Again, cert info needs to have a public key set */
2486 SetLastError(0xdeadbeef);
2487 ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_SIGNATURE, &certInfo);
2488 ok(!ret &&
2489 (GetLastError() == CRYPT_E_ASN1_EOD ||
2490 GetLastError() == TRUST_E_NOSIGNATURE /* Vista */),
2491 "Expected CRYPT_E_ASN1_EOD or TRUST_E_NOSIGNATURE, got %08x\n", GetLastError());
2492 /* The public key is supposed to be in encoded form.. */
2493 certInfo.SubjectPublicKeyInfo.Algorithm.pszObjId = oid_rsa_rsa;
2494 certInfo.SubjectPublicKeyInfo.PublicKey.cbData = sizeof(aKey);
2495 certInfo.SubjectPublicKeyInfo.PublicKey.pbData = aKey;
2496 SetLastError(0xdeadbeef);
2497 ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_SIGNATURE, &certInfo);
2498 ok(!ret &&
2499 (GetLastError() == CRYPT_E_ASN1_BADTAG ||
2500 GetLastError() == TRUST_E_NOSIGNATURE /* Vista */),
2501 "Expected CRYPT_E_ASN1_BADTAG or TRUST_E_NOSIGNATURE, got %08x\n", GetLastError());
2502 /* but not as a X509_PUBLIC_KEY_INFO.. */
2503 certInfo.SubjectPublicKeyInfo.Algorithm.pszObjId = NULL;
2504 certInfo.SubjectPublicKeyInfo.PublicKey.cbData = sizeof(encodedPubKey);
2505 certInfo.SubjectPublicKeyInfo.PublicKey.pbData = encodedPubKey;
2506 SetLastError(0xdeadbeef);
2507 ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_SIGNATURE, &certInfo);
2508 ok(!ret &&
2509 (GetLastError() == CRYPT_E_ASN1_BADTAG ||
2510 GetLastError() == TRUST_E_NOSIGNATURE /* Vista */),
2511 "Expected CRYPT_E_ASN1_BADTAG or TRUST_E_NOSIGNATURE, got %08x\n", GetLastError());
2512 /* This decodes successfully, but it doesn't match any key in the message */
2513 certInfo.SubjectPublicKeyInfo.PublicKey.cbData = sizeof(mod_encoded);
2514 certInfo.SubjectPublicKeyInfo.PublicKey.pbData = mod_encoded;
2515 SetLastError(0xdeadbeef);
2516 ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_SIGNATURE, &certInfo);
2517 /* In Wine's rsaenh, this fails to decode because the key length is too
2518 * small. Not sure if that's a bug in rsaenh, so leaving todo_wine for
2519 * now.
2520 */
2521 todo_wine
2522 ok(!ret &&
2523 (GetLastError() == NTE_BAD_SIGNATURE ||
2524 GetLastError() == TRUST_E_NOSIGNATURE /* Vista */),
2525 "Expected NTE_BAD_SIGNATURE or TRUST_E_NOSIGNATURE, got %08x\n", GetLastError());
2526 CryptMsgClose(msg);
2527 /* A message with no data doesn't have a valid signature */
2528 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2529 CryptMsgUpdate(msg, signedWithCertWithValidPubKeyEmptyContent,
2530 sizeof(signedWithCertWithValidPubKeyEmptyContent), TRUE);
2531 certInfo.SubjectPublicKeyInfo.Algorithm.pszObjId = oid_rsa_rsa;
2532 certInfo.SubjectPublicKeyInfo.PublicKey.cbData = sizeof(pubKey);
2533 certInfo.SubjectPublicKeyInfo.PublicKey.pbData = pubKey;
2534 SetLastError(0xdeadbeef);
2535 ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_SIGNATURE, &certInfo);
2536 ok(!ret &&
2537 (GetLastError() == NTE_BAD_SIGNATURE ||
2538 GetLastError() == TRUST_E_NOSIGNATURE /* Vista */),
2539 "Expected NTE_BAD_SIGNATURE or TRUST_E_NOSIGNATURE, got %08x\n", GetLastError());
2540 CryptMsgClose(msg);
2541 /* Finally, this succeeds */
2542 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2543 CryptMsgUpdate(msg, signedWithCertWithValidPubKeyContent,
2544 sizeof(signedWithCertWithValidPubKeyContent), TRUE);
2545 ret = CryptMsgControl(msg, 0, CMSG_CTRL_VERIFY_SIGNATURE, &certInfo);
2546 ok(ret, "CryptMsgControl failed: %08x\n", GetLastError());
2547 CryptMsgClose(msg);
2548 }
2549
2550 /* win9x has much less parameter checks and will crash on many tests
2551 * this code is from test_signed_msg_update()
2552 */
2553 static BOOL detect_nt(void)
2554 {
2555 BOOL ret;
2556 CMSG_SIGNER_ENCODE_INFO signer = { sizeof(signer), 0 };
2557 CERT_INFO certInfo = { 0 };
2558
2559
2560 certInfo.SerialNumber.cbData = sizeof(serialNum);
2561 certInfo.SerialNumber.pbData = serialNum;
2562 certInfo.Issuer.cbData = sizeof(encodedCommonName);
2563 certInfo.Issuer.pbData = encodedCommonName;
2564 signer.pCertInfo = &certInfo;
2565 signer.HashAlgorithm.pszObjId = oid_rsa_md5;
2566
2567 ret = pCryptAcquireContextW(&signer.hCryptProv, cspNameW, NULL,
2568 PROV_RSA_FULL, CRYPT_NEWKEYSET);
2569 if (!ret && GetLastError() == NTE_EXISTS) {
2570 ret = pCryptAcquireContextW(&signer.hCryptProv, cspNameW, NULL,
2571 PROV_RSA_FULL, 0);
2572 }
2573
2574 if (!ret && GetLastError() == ERROR_CALL_NOT_IMPLEMENTED) return FALSE;
2575
2576 /* cleanup */
2577 CryptReleaseContext(signer.hCryptProv, 0);
2578 pCryptAcquireContextW(&signer.hCryptProv, cspNameW, NULL, PROV_RSA_FULL,
2579 CRYPT_DELETEKEYSET);
2580
2581 return TRUE;
2582 }
2583
2584 static void test_msg_get_and_verify_signer(void)
2585 {
2586 BOOL ret;
2587 HCRYPTMSG msg;
2588 PCCERT_CONTEXT signer;
2589 DWORD signerIndex;
2590 HCERTSTORE store;
2591
2592 /* Crash */
2593 if (0)
2594 {
2595 ret = CryptMsgGetAndVerifySigner(NULL, 0, NULL, 0, NULL, NULL);
2596 ret = CryptMsgGetAndVerifySigner(NULL, 0, NULL, 0, NULL, &signerIndex);
2597 }
2598
2599 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2600 /* An empty message has no signer */
2601 SetLastError(0xdeadbeef);
2602 ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, 0, NULL, NULL);
2603 ok(!ret && GetLastError() == CRYPT_E_NO_TRUSTED_SIGNER,
2604 "expected CRYPT_E_NO_TRUSTED_SIGNER, got 0x%08x\n", GetLastError());
2605 /* The signer is cleared on error */
2606 signer = (PCCERT_CONTEXT)0xdeadbeef;
2607 SetLastError(0xdeadbeef);
2608 ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, 0, &signer, NULL);
2609 ok(!ret && GetLastError() == CRYPT_E_NO_TRUSTED_SIGNER,
2610 "expected CRYPT_E_NO_TRUSTED_SIGNER, got 0x%08x\n", GetLastError());
2611 ok(!signer, "expected signer to be NULL\n");
2612 /* The signer index is also cleared on error */
2613 signerIndex = 0xdeadbeef;
2614 SetLastError(0xdeadbeef);
2615 ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, 0, NULL, &signerIndex);
2616 ok(!ret && GetLastError() == CRYPT_E_NO_TRUSTED_SIGNER,
2617 "expected CRYPT_E_NO_TRUSTED_SIGNER, got 0x%08x\n", GetLastError());
2618 ok(!signerIndex, "expected 0, got %d\n", signerIndex);
2619 /* An unsigned message (msgData isn't a signed message at all)
2620 * likewise has no signer.
2621 */
2622 CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
2623 SetLastError(0xdeadbeef);
2624 ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, 0, NULL, NULL);
2625 ok(!ret && GetLastError() == CRYPT_E_NO_TRUSTED_SIGNER,
2626 "expected CRYPT_E_NO_TRUSTED_SIGNER, got 0x%08x\n", GetLastError());
2627 CryptMsgClose(msg);
2628
2629 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2630 /* A "signed" message created with no signer cert likewise has no signer */
2631 CryptMsgUpdate(msg, signedEmptyContent, sizeof(signedEmptyContent), TRUE);
2632 SetLastError(0xdeadbeef);
2633 ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, 0, NULL, NULL);
2634 ok(!ret && GetLastError() == CRYPT_E_NO_TRUSTED_SIGNER,
2635 "expected CRYPT_E_NO_TRUSTED_SIGNER, got 0x%08x\n", GetLastError());
2636 CryptMsgClose(msg);
2637
2638 msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
2639 /* A signed message succeeds, .. */
2640 CryptMsgUpdate(msg, signedWithCertWithValidPubKeyContent,
2641 sizeof(signedWithCertWithValidPubKeyContent), TRUE);
2642 ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, 0, NULL, NULL);
2643 ok(ret, "CryptMsgGetAndVerifySigner failed: 0x%08x\n", GetLastError());
2644 /* the signer index can be retrieved, .. */
2645 signerIndex = 0xdeadbeef;
2646 ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, 0, NULL, &signerIndex);
2647 ok(ret, "CryptMsgGetAndVerifySigner failed: 0x%08x\n", GetLastError());
2648 ok(signerIndex == 0, "expected 0, got %d\n", signerIndex);
2649 /* as can the signer cert. */
2650 signer = (PCCERT_CONTEXT)0xdeadbeef;
2651 ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, 0, &signer, NULL);
2652 ok(ret, "CryptMsgGetAndVerifySigner failed: 0x%08x\n", GetLastError());
2653 ok(signer != NULL && signer != (PCCERT_CONTEXT)0xdeadbeef,
2654 "expected a valid signer\n");
2655 if (signer && signer != (PCCERT_CONTEXT)0xdeadbeef)
2656 CertFreeCertificateContext(signer);
2657 /* Specifying CMSG_USE_SIGNER_INDEX_FLAG and an invalid signer index fails
2658 */
2659 signerIndex = 0xdeadbeef;
2660 SetLastError(0xdeadbeef);
2661 ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, CMSG_USE_SIGNER_INDEX_FLAG,
2662 NULL, &signerIndex);
2663 ok(!ret && GetLastError() == CRYPT_E_INVALID_INDEX,
2664 "expected CRYPT_E_INVALID_INDEX, got 0x%08x\n", GetLastError());
2665 /* Specifying CMSG_TRUSTED_SIGNER_FLAG and no cert stores causes the
2666 * message signer not to be found.
2667 */
2668 SetLastError(0xdeadbeef);
2669 ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, CMSG_TRUSTED_SIGNER_FLAG,
2670 NULL, NULL);
2671 ok(!ret && GetLastError() == CRYPT_E_NO_TRUSTED_SIGNER,
2672 "expected CRYPT_E_NO_TRUSTED_SIGNER, got 0x%08x\n", GetLastError());
2673 /* Specifying CMSG_TRUSTED_SIGNER_FLAG and an empty cert store also causes
2674 * the message signer not to be found.
2675 */
2676 store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
2677 CERT_STORE_CREATE_NEW_FLAG, NULL);
2678 SetLastError(0xdeadbeef);
2679 ret = CryptMsgGetAndVerifySigner(msg, 1, &store, CMSG_TRUSTED_SIGNER_FLAG,
2680 NULL, NULL);
2681 ok(!ret && GetLastError() == CRYPT_E_NO_TRUSTED_SIGNER,
2682 "expected CRYPT_E_NO_TRUSTED_SIGNER, got 0x%08x\n", GetLastError());
2683 ret = CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING,
2684 v1CertWithValidPubKey, sizeof(v1CertWithValidPubKey),
2685 CERT_STORE_ADD_ALWAYS, NULL);
2686 ok(ret, "CertAddEncodedCertificateToStore failed: 0x%08x\n",
2687 GetLastError());
2688 /* Specifying CMSG_TRUSTED_SIGNER_FLAG with a cert store that contains
2689 * the signer succeeds.
2690 */
2691 SetLastError(0xdeadbeef);
2692 ret = CryptMsgGetAndVerifySigner(msg, 1, &store, CMSG_TRUSTED_SIGNER_FLAG,
2693 NULL, NULL);
2694 ok(ret, "CryptMsgGetAndVerifySigner failed: 0x%08x\n", GetLastError());
2695 CertCloseStore(store, 0);
2696 CryptMsgClose(msg);
2697 }
2698
2699 START_TEST(msg)
2700 {
2701 init_function_pointers();
2702 have_nt = detect_nt();
2703
2704 /* Basic parameter checking tests */
2705 test_msg_open_to_encode();
2706 test_msg_open_to_decode();
2707 test_msg_get_param();
2708 test_msg_close();
2709 test_msg_control();
2710
2711 /* Message-type specific tests */
2712 test_data_msg();
2713 test_hash_msg();
2714 test_signed_msg();
2715 test_decode_msg();
2716
2717 test_msg_get_and_verify_signer();
2718 }
useful hacks and other patches not (yet) suitable for mainline