search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
push 0e6205f14485faf726c13701981a3210b06d24f6
[wine/hacks.git] / dlls / secur32 / tests / schannel.c
blob881f443929844c011dc979535d159cf68b0731c1
1 /*
2 * Schannel tests
3 *
4 * Copyright 2006 Juan Lang
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19 */
20 #include <stdio.h>
21 #include <stdarg.h>
22 #include <windef.h>
23 #include <winbase.h>
24 #define SECURITY_WIN32
25 #include <security.h>
26 #include <schannel.h>
27
28 #include "wine/test.h"
29
30 static HMODULE secdll, crypt32dll;
31
32 static ACQUIRE_CREDENTIALS_HANDLE_FN_A pAcquireCredentialsHandleA;
33 static FREE_CREDENTIALS_HANDLE_FN pFreeCredentialsHandle;
34 static QUERY_CREDENTIALS_ATTRIBUTES_FN_A pQueryCredentialsAttributesA;
35
36 static PCCERT_CONTEXT (WINAPI *pCertCreateCertificateContext)(DWORD,const BYTE*,DWORD);
37 static BOOL (WINAPI *pCertFreeCertificateContext)(PCCERT_CONTEXT);
38 static BOOL (WINAPI *pCertSetCertificateContextProperty)(PCCERT_CONTEXT,DWORD,DWORD,const void*);
39
40 static BOOL (WINAPI *pCryptAcquireContextW)(HCRYPTPROV*, LPCWSTR, LPCWSTR, DWORD, DWORD);
41 static BOOL (WINAPI *pCryptDestroyKey)(HCRYPTKEY);
42 static BOOL (WINAPI *pCryptImportKey)(HCRYPTPROV,CONST BYTE*,DWORD,HCRYPTKEY,DWORD,HCRYPTKEY*);
43 static BOOL (WINAPI *pCryptReleaseContext)(HCRYPTPROV,ULONG_PTR);
44
45 static const BYTE bigCert[] = { 0x30, 0x7a, 0x02, 0x01, 0x01, 0x30, 0x02, 0x06,
46 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
47 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x22,
48 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30,
49 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30,
50 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x15, 0x31, 0x13, 0x30,
51 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20,
52 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06, 0x00, 0x03, 0x01,
53 0x00, 0xa3, 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01,
54 0x01, 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01 };
55 static WCHAR cspNameW[] = { 'W','i','n','e','C','r','y','p','t','T','e',
56 'm','p',0 };
57 static BYTE privKey[] = {
58 0x07, 0x02, 0x00, 0x00, 0x00, 0x24, 0x00, 0x00, 0x52, 0x53, 0x41, 0x32, 0x00,
59 0x02, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x79, 0x10, 0x1c, 0xd0, 0x6b, 0x10,
60 0x18, 0x30, 0x94, 0x61, 0xdc, 0x0e, 0xcb, 0x96, 0x4e, 0x21, 0x3f, 0x79, 0xcd,
61 0xa9, 0x17, 0x62, 0xbc, 0xbb, 0x61, 0x4c, 0xe0, 0x75, 0x38, 0x6c, 0xf3, 0xde,
62 0x60, 0x86, 0x03, 0x97, 0x65, 0xeb, 0x1e, 0x6b, 0xdb, 0x53, 0x85, 0xad, 0x68,
63 0x21, 0xf1, 0x5d, 0xe7, 0x1f, 0xe6, 0x53, 0xb4, 0xbb, 0x59, 0x3e, 0x14, 0x27,
64 0xb1, 0x83, 0xa7, 0x3a, 0x54, 0xe2, 0x8f, 0x65, 0x8e, 0x6a, 0x4a, 0xcf, 0x3b,
65 0x1f, 0x65, 0xff, 0xfe, 0xf1, 0x31, 0x3a, 0x37, 0x7a, 0x8b, 0xcb, 0xc6, 0xd4,
66 0x98, 0x50, 0x36, 0x67, 0xe4, 0xa1, 0xe8, 0x7e, 0x8a, 0xc5, 0x23, 0xf2, 0x77,
67 0xf5, 0x37, 0x61, 0x49, 0x72, 0x59, 0xe8, 0x3d, 0xf7, 0x60, 0xb2, 0x77, 0xca,
68 0x78, 0x54, 0x6d, 0x65, 0x9e, 0x03, 0x97, 0x1b, 0x61, 0xbd, 0x0c, 0xd8, 0x06,
69 0x63, 0xe2, 0xc5, 0x48, 0xef, 0xb3, 0xe2, 0x6e, 0x98, 0x7d, 0xbd, 0x4e, 0x72,
70 0x91, 0xdb, 0x31, 0x57, 0xe3, 0x65, 0x3a, 0x49, 0xca, 0xec, 0xd2, 0x02, 0x4e,
71 0x22, 0x7e, 0x72, 0x8e, 0xf9, 0x79, 0x84, 0x82, 0xdf, 0x7b, 0x92, 0x2d, 0xaf,
72 0xc9, 0xe4, 0x33, 0xef, 0x89, 0x5c, 0x66, 0x99, 0xd8, 0x80, 0x81, 0x47, 0x2b,
73 0xb1, 0x66, 0x02, 0x84, 0x59, 0x7b, 0xc3, 0xbe, 0x98, 0x45, 0x4a, 0x3d, 0xdd,
74 0xea, 0x2b, 0xdf, 0x4e, 0xb4, 0x24, 0x6b, 0xec, 0xe7, 0xd9, 0x0c, 0x45, 0xb8,
75 0xbe, 0xca, 0x69, 0x37, 0x92, 0x4c, 0x38, 0x6b, 0x96, 0x6d, 0xcd, 0x86, 0x67,
76 0x5c, 0xea, 0x54, 0x94, 0xa4, 0xca, 0xa4, 0x02, 0xa5, 0x21, 0x4d, 0xae, 0x40,
77 0x8f, 0x9d, 0x51, 0x83, 0xf2, 0x3f, 0x33, 0xc1, 0x72, 0xb4, 0x1d, 0x94, 0x6e,
78 0x7d, 0xe4, 0x27, 0x3f, 0xea, 0xff, 0xe5, 0x9b, 0xa7, 0x5e, 0x55, 0x8e, 0x0d,
79 0x69, 0x1c, 0x7a, 0xff, 0x81, 0x9d, 0x53, 0x52, 0x97, 0x9a, 0x76, 0x79, 0xda,
80 0x93, 0x32, 0x16, 0xec, 0x69, 0x51, 0x1a, 0x4e, 0xc3, 0xf1, 0x72, 0x80, 0x78,
81 0x5e, 0x66, 0x4a, 0x8d, 0x85, 0x2f, 0x3f, 0xb2, 0xa7 };
82
83 static const BYTE selfSignedCert[] = {
84 0x30, 0x82, 0x01, 0x1f, 0x30, 0x81, 0xce, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02,
85 0x10, 0xeb, 0x0d, 0x57, 0x2a, 0x9c, 0x09, 0xba, 0xa4, 0x4a, 0xb7, 0x25, 0x49,
86 0xd9, 0x3e, 0xb5, 0x73, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1d,
87 0x05, 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03,
88 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30,
89 0x1e, 0x17, 0x0d, 0x30, 0x36, 0x30, 0x36, 0x32, 0x39, 0x30, 0x35, 0x30, 0x30,
90 0x34, 0x36, 0x5a, 0x17, 0x0d, 0x30, 0x37, 0x30, 0x36, 0x32, 0x39, 0x31, 0x31,
91 0x30, 0x30, 0x34, 0x36, 0x5a, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03,
92 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e,
93 0x67, 0x00, 0x30, 0x5c, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
94 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x4b, 0x00, 0x30, 0x48, 0x02, 0x41,
95 0x00, 0xe2, 0x54, 0x3a, 0xa7, 0x83, 0xb1, 0x27, 0x14, 0x3e, 0x59, 0xbb, 0xb4,
96 0x53, 0xe6, 0x1f, 0xe7, 0x5d, 0xf1, 0x21, 0x68, 0xad, 0x85, 0x53, 0xdb, 0x6b,
97 0x1e, 0xeb, 0x65, 0x97, 0x03, 0x86, 0x60, 0xde, 0xf3, 0x6c, 0x38, 0x75, 0xe0,
98 0x4c, 0x61, 0xbb, 0xbc, 0x62, 0x17, 0xa9, 0xcd, 0x79, 0x3f, 0x21, 0x4e, 0x96,
99 0xcb, 0x0e, 0xdc, 0x61, 0x94, 0x30, 0x18, 0x10, 0x6b, 0xd0, 0x1c, 0x10, 0x79,
100 0x02, 0x03, 0x01, 0x00, 0x01, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02,
101 0x1d, 0x05, 0x00, 0x03, 0x41, 0x00, 0x25, 0x90, 0x53, 0x34, 0xd9, 0x56, 0x41,
102 0x5e, 0xdb, 0x7e, 0x01, 0x36, 0xec, 0x27, 0x61, 0x5e, 0xb7, 0x4d, 0x90, 0x66,
103 0xa2, 0xe1, 0x9d, 0x58, 0x76, 0xd4, 0x9c, 0xba, 0x2c, 0x84, 0xc6, 0x83, 0x7a,
104 0x22, 0x0d, 0x03, 0x69, 0x32, 0x1a, 0x6d, 0xcb, 0x0c, 0x15, 0xb3, 0x6b, 0xc7,
105 0x0a, 0x8c, 0xb4, 0x5c, 0x34, 0x78, 0xe0, 0x3c, 0x9c, 0xe9, 0xf3, 0x30, 0x9f,
106 0xa8, 0x76, 0x57, 0x92, 0x36 };
107
108 static void InitFunctionPtrs(void)
109 {
110 HMODULE advapi32dll;
111
112 crypt32dll = LoadLibraryA("crypt32.dll");
113 secdll = LoadLibraryA("secur32.dll");
114 if(!secdll)
115 secdll = LoadLibraryA("security.dll");
116 advapi32dll = GetModuleHandleA("advapi32.dll");
117
118 #define GET_PROC(h, func) p ## func = (void*)GetProcAddress(h, #func)
119
120 if(secdll)
121 {
122 GET_PROC(secdll, AcquireCredentialsHandleA);
123 GET_PROC(secdll, FreeCredentialsHandle);
124 GET_PROC(secdll, QueryCredentialsAttributesA);
125 }
126
127 GET_PROC(advapi32dll, CryptAcquireContextW);
128 GET_PROC(advapi32dll, CryptDestroyKey);
129 GET_PROC(advapi32dll, CryptImportKey);
130 GET_PROC(advapi32dll, CryptReleaseContext);
131
132 GET_PROC(crypt32dll, CertFreeCertificateContext);
133 GET_PROC(crypt32dll, CertSetCertificateContextProperty);
134 GET_PROC(crypt32dll, CertCreateCertificateContext);
135
136 #undef GET_PROC
137 }
138
139 static void test_strength(PCredHandle handle)
140 {
141 SecPkgCred_CipherStrengths strength = {-1,-1};
142 SECURITY_STATUS st;
143
144 st = pQueryCredentialsAttributesA(handle, SECPKG_ATTR_CIPHER_STRENGTHS, &strength);
145 ok(st == SEC_E_OK, "QueryCredentialsAttributesA failed: %u\n", GetLastError());
146 ok(strength.dwMinimumCipherStrength, "dwMinimumCipherStrength not changed\n");
147 ok(strength.dwMaximumCipherStrength, "dwMaximumCipherStrength not changed\n");
148 trace("strength %d - %d\n", strength.dwMinimumCipherStrength, strength.dwMaximumCipherStrength);
149 }
150
151 static void testAcquireSecurityContext(void)
152 {
153 SECURITY_STATUS st;
154 CredHandle cred;
155 TimeStamp exp;
156 SCHANNEL_CRED schanCred;
157 PCCERT_CONTEXT certs[2];
158 HCRYPTPROV csp;
159 static CHAR unisp_name_a[] = UNISP_NAME_A;
160 WCHAR ms_def_prov_w[MAX_PATH];
161 BOOL ret;
162 HCRYPTKEY key;
163 CRYPT_KEY_PROV_INFO keyProvInfo;
164
165 if (!pAcquireCredentialsHandleA || !pCertCreateCertificateContext ||
166 !pFreeCredentialsHandle || !pCryptAcquireContextW)
167 {
168 skip("Needed functions are not available\n");
169 return;
170 }
171
172 lstrcpyW(ms_def_prov_w, MS_DEF_PROV_W);
173
174 keyProvInfo.pwszContainerName = cspNameW;
175 keyProvInfo.pwszProvName = ms_def_prov_w;
176 keyProvInfo.dwProvType = PROV_RSA_FULL;
177 keyProvInfo.dwFlags = 0;
178 keyProvInfo.cProvParam = 0;
179 keyProvInfo.rgProvParam = NULL;
180 keyProvInfo.dwKeySpec = AT_SIGNATURE;
181
182 certs[0] = pCertCreateCertificateContext(X509_ASN_ENCODING, bigCert,
183 sizeof(bigCert));
184 certs[1] = pCertCreateCertificateContext(X509_ASN_ENCODING, selfSignedCert,
185 sizeof(selfSignedCert));
186
187 pCryptAcquireContextW(&csp, cspNameW, MS_DEF_PROV_W, PROV_RSA_FULL,
188 CRYPT_DELETEKEYSET);
189
190 st = pAcquireCredentialsHandleA(NULL, NULL, 0, NULL, NULL, NULL, NULL, NULL,
191 NULL);
192 ok(st == SEC_E_SECPKG_NOT_FOUND,
193 "Expected SEC_E_SECPKG_NOT_FOUND, got %08x\n", st);
194 if (0)
195 {
196 /* Crashes on Win2K */
197 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, 0, NULL, NULL, NULL,
198 NULL, NULL, NULL);
199 ok(st == SEC_E_NO_CREDENTIALS, "Expected SEC_E_NO_CREDENTIALS, got %08x\n",
200 st);
201 }
202 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_BOTH, NULL,
203 NULL, NULL, NULL, NULL, NULL);
204 ok(st == SEC_E_NO_CREDENTIALS, "Expected SEC_E_NO_CREDENTIALS, got %08x\n",
205 st);
206 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND,
207 NULL, NULL, NULL, NULL, NULL, NULL);
208 ok(st == SEC_E_NO_CREDENTIALS, "Expected SEC_E_NO_CREDENTIALS, got %08x\n",
209 st);
210 if (0)
211 {
212 /* Crashes */
213 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND,
214 NULL, NULL, NULL, NULL, NULL, NULL);
215 }
216 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND,
217 NULL, NULL, NULL, NULL, &cred, NULL);
218 ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st);
219 if(st == SEC_E_OK)
220 pFreeCredentialsHandle(&cred);
221 memset(&cred, 0, sizeof(cred));
222 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND,
223 NULL, NULL, NULL, NULL, &cred, &exp);
224 ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st);
225 /* expriy is indeterminate in win2k3 */
226 trace("expiry: %08lx%08lx\n", exp.HighPart, exp.LowPart);
227 pFreeCredentialsHandle(&cred);
228
229 /* Bad version in SCHANNEL_CRED */
230 memset(&schanCred, 0, sizeof(schanCred));
231 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND,
232 NULL, &schanCred, NULL, NULL, NULL, NULL);
233 ok(st == SEC_E_INTERNAL_ERROR ||
234 st == SEC_E_UNKNOWN_CREDENTIALS /* Vista/win2k8 */,
235 "Expected SEC_E_INTERNAL_ERROR or SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st);
236 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND,
237 NULL, &schanCred, NULL, NULL, NULL, NULL);
238 ok(st == SEC_E_INTERNAL_ERROR ||
239 st == SEC_E_UNKNOWN_CREDENTIALS /* Vista/win2k8 */,
240 "Expected SEC_E_INTERNAL_ERROR or SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st);
241
242 /* No cert in SCHANNEL_CRED succeeds for outbound.. */
243 schanCred.dwVersion = SCHANNEL_CRED_VERSION;
244 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND,
245 NULL, &schanCred, NULL, NULL, &cred, NULL);
246 ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st);
247 pFreeCredentialsHandle(&cred);
248 /* but fails for inbound. */
249 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND,
250 NULL, &schanCred, NULL, NULL, &cred, NULL);
251 ok(st == SEC_E_NO_CREDENTIALS ||
252 st == SEC_E_OK /* Vista/win2k8 */,
253 "Expected SEC_E_NO_CREDENTIALS or SEC_E_OK, got %08x\n", st);
254
255 if (0)
256 {
257 /* Crashes with bad paCred pointer */
258 schanCred.cCreds = 1;
259 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND,
260 NULL, &schanCred, NULL, NULL, NULL, NULL);
261 }
262
263 /* Bogus cert in SCHANNEL_CRED. Windows fails with
264 * SEC_E_UNKNOWN_CREDENTIALS, but I'll accept SEC_E_NO_CREDENTIALS too.
265 */
266 schanCred.cCreds = 1;
267 schanCred.paCred = &certs[0];
268 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND,
269 NULL, &schanCred, NULL, NULL, NULL, NULL);
270 ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_NO_CREDENTIALS,
271 "Expected SEC_E_UNKNOWN_CREDENTIALS or SEC_E_NO_CREDENTIALS, got %08x\n",
272 st);
273 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND,
274 NULL, &schanCred, NULL, NULL, NULL, NULL);
275 ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_NO_CREDENTIALS,
276 "Expected SEC_E_UNKNOWN_CREDENTIALS or SEC_E_NO_CREDENTIALS, got %08x\n",
277 st);
278
279 /* Good cert, but missing private key. Windows fails with
280 * SEC_E_NO_CREDENTIALS, but I'll accept SEC_E_UNKNOWN_CREDENTIALS too.
281 */
282 schanCred.cCreds = 1;
283 schanCred.paCred = &certs[1];
284 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND,
285 NULL, &schanCred, NULL, NULL, &cred, NULL);
286 ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_NO_CREDENTIALS,
287 "Expected SEC_E_UNKNOWN_CREDENTIALS or SEC_E_NO_CREDENTIALS, got %08x\n",
288 st);
289 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND,
290 NULL, &schanCred, NULL, NULL, NULL, NULL);
291 ok(st == SEC_E_UNKNOWN_CREDENTIALS || st == SEC_E_NO_CREDENTIALS,
292 "Expected SEC_E_UNKNOWN_CREDENTIALS or SEC_E_NO_CREDENTIALS, got %08x\n",
293 st);
294
295 /* Good cert, with CRYPT_KEY_PROV_INFO set before it's had a key loaded. */
296 if (pCertSetCertificateContextProperty)
297 {
298 ret = pCertSetCertificateContextProperty(certs[1],
299 CERT_KEY_PROV_INFO_PROP_ID, 0, &keyProvInfo);
300 schanCred.dwVersion = SCH_CRED_V3;
301 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND,
302 NULL, &schanCred, NULL, NULL, &cred, NULL);
303 ok(st == SEC_E_UNKNOWN_CREDENTIALS,
304 "Expected SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st);
305 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND,
306 NULL, &schanCred, NULL, NULL, &cred, NULL);
307 ok(st == SEC_E_UNKNOWN_CREDENTIALS,
308 "Expected SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st);
309 }
310
311 ret = pCryptAcquireContextW(&csp, cspNameW, MS_DEF_PROV_W, PROV_RSA_FULL,
312 CRYPT_NEWKEYSET);
313 ok(ret, "CryptAcquireContextW failed: %08x\n", GetLastError());
314 ret = 0;
315 if (pCryptImportKey)
316 {
317 ret = pCryptImportKey(csp, privKey, sizeof(privKey), 0, 0, &key);
318 ok(ret, "CryptImportKey failed: %08x\n", GetLastError());
319 }
320 if (ret)
321 {
322 PCCERT_CONTEXT tmp;
323
324 if (0)
325 {
326 /* Crashes */
327 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND,
328 NULL, &schanCred, NULL, NULL, NULL, NULL);
329 }
330 /* Good cert with private key, bogus version */
331 schanCred.dwVersion = SCH_CRED_V1;
332 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND,
333 NULL, &schanCred, NULL, NULL, &cred, NULL);
334 ok(st == SEC_E_INTERNAL_ERROR ||
335 st == SEC_E_UNKNOWN_CREDENTIALS /* Vista/win2k8 */,
336 "Expected SEC_E_INTERNAL_ERROR or SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st);
337 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND,
338 NULL, &schanCred, NULL, NULL, &cred, NULL);
339 ok(st == SEC_E_INTERNAL_ERROR ||
340 st == SEC_E_UNKNOWN_CREDENTIALS /* Vista/win2k8 */,
341 "Expected SEC_E_INTERNAL_ERROR or SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st);
342 schanCred.dwVersion = SCH_CRED_V2;
343 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND,
344 NULL, &schanCred, NULL, NULL, &cred, NULL);
345 ok(st == SEC_E_INTERNAL_ERROR ||
346 st == SEC_E_UNKNOWN_CREDENTIALS /* Vista/win2k8 */,
347 "Expected SEC_E_INTERNAL_ERROR or SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st);
348 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND,
349 NULL, &schanCred, NULL, NULL, &cred, NULL);
350 ok(st == SEC_E_INTERNAL_ERROR ||
351 st == SEC_E_UNKNOWN_CREDENTIALS /* Vista/win2k8 */,
352 "Expected SEC_E_INTERNAL_ERROR or SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st);
353
354 /* Succeeds on V3 or higher */
355 schanCred.dwVersion = SCH_CRED_V3;
356 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND,
357 NULL, &schanCred, NULL, NULL, &cred, NULL);
358 ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st);
359 pFreeCredentialsHandle(&cred);
360 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND,
361 NULL, &schanCred, NULL, NULL, &cred, NULL);
362 ok(st == SEC_E_OK ||
363 st == SEC_E_UNKNOWN_CREDENTIALS, /* win2k3 */
364 "AcquireCredentialsHandleA failed: %08x\n", st);
365 pFreeCredentialsHandle(&cred);
366 schanCred.dwVersion = SCHANNEL_CRED_VERSION;
367 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND,
368 NULL, &schanCred, NULL, NULL, &cred, NULL);
369 ok(st == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", st);
370 pFreeCredentialsHandle(&cred);
371 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND,
372 NULL, &schanCred, NULL, NULL, &cred, NULL);
373 ok(st == SEC_E_OK ||
374 st == SEC_E_UNKNOWN_CREDENTIALS, /* win2k3 */
375 "AcquireCredentialsHandleA failed: %08x\n", st);
376 if (st == SEC_E_OK) test_strength(&cred);
377 pFreeCredentialsHandle(&cred);
378
379 /* How about more than one cert? */
380 schanCred.cCreds = 2;
381 schanCred.paCred = certs;
382 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND,
383 NULL, &schanCred, NULL, NULL, &cred, NULL);
384 ok(st == SEC_E_UNKNOWN_CREDENTIALS ||
385 st == SEC_E_NO_CREDENTIALS /* Vista/win2k8 */,
386 "Expected SEC_E_UNKNOWN_CREDENTIALS or SEC_E_NO_CREDENTIALS, got %08x\n", st);
387 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND,
388 NULL, &schanCred, NULL, NULL, &cred, NULL);
389 ok(st == SEC_E_UNKNOWN_CREDENTIALS ||
390 st == SEC_E_NO_CREDENTIALS,
391 "Expected SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st);
392 tmp = certs[0];
393 certs[0] = certs[1];
394 certs[1] = tmp;
395 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_OUTBOUND,
396 NULL, &schanCred, NULL, NULL, &cred, NULL);
397 ok(st == SEC_E_UNKNOWN_CREDENTIALS ||
398 st == SEC_E_NO_CREDENTIALS,
399 "Expected SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st);
400 st = pAcquireCredentialsHandleA(NULL, unisp_name_a, SECPKG_CRED_INBOUND,
401 NULL, &schanCred, NULL, NULL, &cred, NULL);
402 ok(st == SEC_E_UNKNOWN_CREDENTIALS,
403 "Expected SEC_E_UNKNOWN_CREDENTIALS, got %08x\n", st);
404 /* FIXME: what about two valid certs? */
405
406 if (pCryptDestroyKey)
407 pCryptDestroyKey(key);
408 }
409
410 if (pCryptReleaseContext)
411 pCryptReleaseContext(csp, 0);
412 pCryptAcquireContextW(&csp, cspNameW, MS_DEF_PROV_W, PROV_RSA_FULL,
413 CRYPT_DELETEKEYSET);
414
415 if (pCertFreeCertificateContext)
416 {
417 pCertFreeCertificateContext(certs[0]);
418 pCertFreeCertificateContext(certs[1]);
419 }
420 }
421
422 START_TEST(schannel)
423 {
424 InitFunctionPtrs();
425
426 testAcquireSecurityContext();
427
428 if(secdll)
429 FreeLibrary(secdll);
430 if(crypt32dll)
431 FreeLibrary(crypt32dll);
432 }
useful hacks and other patches not (yet) suitable for mainline