Kai Blin : secur32: Test and fix DecryptMessage for multiple data buffers.

Alexandre Julliard julliard at wine.codeweavers.com
Mon Nov 6 08:48:52 CST 2006 

Module: wine
Branch: master
Commit: 3af72bec1eb139e446f157fa0e7d00cd55932612
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=3af72bec1eb139e446f157fa0e7d00cd55932612

Author: Kai Blin <kai.blin at gmail.com>
Date:   Sat Nov  4 12:30:30 2006 +0100

secur32: Test and fix DecryptMessage for multiple data buffers.

---

 dlls/secur32/ntlm.c       |   39 ++++++++++++++++++++++++++++-----------
 dlls/secur32/tests/ntlm.c |   24 ++++++++++++++++++++++++
 2 files changed, 52 insertions(+), 11 deletions(-)

diff --git a/dlls/secur32/ntlm.c b/dlls/secur32/ntlm.c
index d1d951f..8cc206d 100644
--- a/dlls/secur32/ntlm.c
+++ b/dlls/secur32/ntlm.c
@@ -1308,6 +1308,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_Ve
     ULONG fQOP = 0;
     UINT i;
     int token_idx = -1;
+    SECURITY_STATUS ret;
 
     TRACE("%p %p %d %p\n", phContext, pMessage, MessageSeqNo, pfQOP);
     if(!phContext)
@@ -1345,26 +1346,42 @@ static SECURITY_STATUS SEC_ENTRY ntlm_Ve
     if(helper->neg_flags & NTLMSSP_NEGOTIATE_SIGN)
     {
         SecBufferDesc local_desc;
-        SecBuffer     local_buff[2];
+        PSecBuffer    local_buff;
         BYTE          local_sig[16];
 
+        local_buff = HeapAlloc(GetProcessHeap(), 0, pMessage->cBuffers * sizeof(SecBuffer));
+
         local_desc.ulVersion = SECBUFFER_VERSION;
-        local_desc.cBuffers = 2;
+        local_desc.cBuffers = pMessage->cBuffers;
         local_desc.pBuffers = local_buff;
-        local_buff[0].BufferType = SECBUFFER_TOKEN;
-        local_buff[0].cbBuffer = 16;
-        local_buff[0].pvBuffer = local_sig;
-        local_buff[1].BufferType = SECBUFFER_DATA;
-        local_buff[1].cbBuffer = pMessage->pBuffers[1].cbBuffer;
-        local_buff[1].pvBuffer = pMessage->pBuffers[1].pvBuffer;
+
+        for(i=0; i < pMessage->cBuffers; ++i)
+        {
+            if(pMessage->pBuffers[i].BufferType == SECBUFFER_TOKEN)
+            {
+                local_buff[i].BufferType = SECBUFFER_TOKEN;
+                local_buff[i].cbBuffer = 16;
+                local_buff[i].pvBuffer = local_sig;
+            }
+            else
+            {
+                local_buff[i].BufferType = pMessage->pBuffers[i].BufferType;
+                local_buff[i].cbBuffer = pMessage->pBuffers[i].cbBuffer;
+                local_buff[i].pvBuffer = pMessage->pBuffers[i].pvBuffer;
+            }
+        }
 
         ntlm_MakeSignature(phContext, fQOP, &local_desc, MessageSeqNo);
 
-        if(memcmp(((PBYTE)local_buff[0].pvBuffer) + 8,
+        if(memcmp(((PBYTE)local_buff[token_idx].pvBuffer) + 8,
                     ((PBYTE)pMessage->pBuffers[token_idx].pvBuffer) + 8, 8))
-            return SEC_E_MESSAGE_ALTERED;
+            ret = SEC_E_MESSAGE_ALTERED;
+        else
+            ret = SEC_E_OK;
 
-        return SEC_E_OK;
+        HeapFree(GetProcessHeap(), 0, local_buff);
+
+        return ret;
     }
 
     if(helper->neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCHANGE)
diff --git a/dlls/secur32/tests/ntlm.c b/dlls/secur32/tests/ntlm.c
index 7e63697..7fa9358 100644
--- a/dlls/secur32/tests/ntlm.c
+++ b/dlls/secur32/tests/ntlm.c
@@ -137,6 +137,14 @@ static BYTE crypt_message_server[] =
    {0xf6, 0xb7, 0x92, 0x0c, 0xac, 0xea, 0x98, 0xe6, 0xef, 0xa0,
     0x29, 0x66, 0xfd};
 
+static BYTE crypt_trailer_server2[] =
+   {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xb1, 0x4e,
+    0x46, 0xb7, 0xca, 0xf7, 0x7f, 0xb3};
+
+static BYTE crypt_message_server2[] =
+   {0xc8, 0xf2, 0x39, 0x7f, 0x0c, 0xaf, 0xf5, 0x5d, 0xef, 0x0c,
+    0x8b, 0x5f, 0x82};
+
 static void InitFunctionPtrs(void)
 {
     secdll = LoadLibraryA("secur32.dll");
@@ -846,6 +854,12 @@ static void testSignSeal()
         ok(!memcmp(crypt.pBuffers[3].pvBuffer, message_signature,
                    crypt.pBuffers[3].cbBuffer), "Signature is not as expected.\n");
 
+        /* Being a dummy signature, it will verify right away, as if the server
+         * sent it */
+        sec_status = pVerifySignature(client.ctxt, &crypt, 0, &qop);
+        ok(sec_status == SEC_E_OK, "VerifySignature returned %s, not SEC_E_OK\n",
+                getSecError(sec_status));
+
         sec_status = pEncryptMessage(client.ctxt, 0, &crypt, 0);
         ok(sec_status == SEC_E_OK, "EncryptMessage returned %s, not SEC_E_OK.\n",
                 getSecError(sec_status));
@@ -856,6 +870,14 @@ static void testSignSeal()
         ok(!memcmp(crypt.pBuffers[1].pvBuffer, crypt_message_client2,
                    crypt.pBuffers[1].cbBuffer), "Crypt message not as expected.\n");
 
+        memcpy(complex_data[1].pvBuffer, crypt_message_server2, complex_data[1].cbBuffer);
+        memcpy(complex_data[3].pvBuffer, crypt_trailer_server2, complex_data[3].cbBuffer);
+
+        sec_status = pDecryptMessage(client.ctxt, &crypt, 0, &qop);
+        ok(sec_status == SEC_E_OK, "DecryptMessage returned %s, not SEC_E_OK.\n",
+                getSecError(sec_status));
+
+
 end:
         cleanupBuffers(&client);
         cleanupBuffers(&server);
@@ -867,6 +889,8 @@ end:
         HeapFree(GetProcessHeap(), 0, fake_data[1].pvBuffer);
         HeapFree(GetProcessHeap(), 0, data[0].pvBuffer);
         HeapFree(GetProcessHeap(), 0, data[1].pvBuffer);
+        HeapFree(GetProcessHeap(), 0, complex_data[1].pvBuffer);
+        HeapFree(GetProcessHeap(), 0, complex_data[3].pvBuffer);
     }
     else
     {

More information about the wine-cvs mailing list