[PATCH 02/10] ncrypt: Test key import of an rsa key.

Mon Feb 14 03:56:25 CST 2022

On Sat, 2022-02-12 at 18:49 -0300, Santino Mazza wrote:
> Signed-off-by: Santino Mazza <mazzasantino1206 at gmail.com>
> ---
>  dlls/ncrypt/tests/Makefile.in |   6 ++
>  dlls/ncrypt/tests/ncrypt.c    | 142 ++++++++++++++++++++++++++++++++++
>  include/ncrypt.h              |   5 ++
>  3 files changed, 153 insertions(+)
>  create mode 100644 dlls/ncrypt/tests/Makefile.in
>  create mode 100644 dlls/ncrypt/tests/ncrypt.c

You also need to add an entry in configure.ac.

> diff --git a/dlls/ncrypt/tests/Makefile.in b/dlls/ncrypt/tests/Makefile.in
> new file mode 100644
> index 00000000000..3ab100f849f
> --- /dev/null
> +++ b/dlls/ncrypt/tests/Makefile.in
> @@ -0,0 +1,6 @@
> +EXTRADEFS = -DWINE_NO_LONG_TYPES
> +TESTDLL   = ncrypt.dll
> +IMPORTS   = advapi32 ncrypt bcrypt

I would be better to build without -DWINE_NO_LONG_TYPES. The advapi32 and bcrypt
imports are not needed.

> +C_SRCS = \
> +	ncrypt.c
> diff --git a/dlls/ncrypt/tests/ncrypt.c b/dlls/ncrypt/tests/ncrypt.c
> new file mode 100644
> index 00000000000..39ee0f04254
> --- /dev/null
> +++ b/dlls/ncrypt/tests/ncrypt.c
> @@ -0,0 +1,142 @@
> +/* Unit test suite for ncrypt.dll
> + *
> + * Copyright 2021 Santino Mazza
> + *
> + * This library is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU Lesser General Public
> + * License as published by the Free Software Foundation; either
> + * version 2.1 of the License, or (at your option) any later version.
> + *
> + * This library is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> + * Lesser General Public License for more details.
> + *
> + * You should have received a copy of the GNU Lesser General Public
> + * License along with this library; if not, write to the Free Software
> + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
> + */
> +
> +#include "wine/test.h"
> +#include "winbase.h"
> +#include "winnt.h"
> +#include "ncrypt.h"
> +#include "bcrypt.h"

...

> +static void test_key_import_rsa(void)
> +{
> +    NCRYPT_PROV_HANDLE prov;
> +    SECURITY_STATUS ncryptret = NCryptOpenStorageProvider(&prov, NULL, 0);
> +    ok(ncryptret == ERROR_SUCCESS, "got 0x%x\n", ncryptret);

The 'ncrypt' prefix doesn't add anything here. 'ret' or 'status' would be
better.

> +    NCRYPT_KEY_HANDLE key = NULL;

NCRYPT_KEY_HANDLE is a ULONG_PTR which is an integer with the size of a pointer.
You should initialize it with 0 and compare it against 0.

> +    ncryptret = NCryptImportKey(prov, NULL, BCRYPT_RSAPUBLIC_BLOB, NULL, &key, rsa_key_blob, 155, 0);

155 -> sizeof(rsa_key_blob)

> +    ok(ncryptret == ERROR_SUCCESS, "got 0x%x\n", ncryptret);
> +    ok(key != NULL, "got null handle\n");
> +    NCryptFreeObject(key);
> +
> +    key = NULL;
> +    ncryptret = NCryptImportKey(prov, NULL, BCRYPT_PUBLIC_KEY_BLOB, NULL, &key, rsa_key_blob, 155, 0);
> +    ok(ncryptret == ERROR_SUCCESS, "got 0x%x\n", ncryptret);
> +    ok(key != NULL, "got null handle\n");
> +    NCryptFreeObject(key);
> +
> +    key = NULL;
> +    ncryptret = NCryptImportKey(prov, NULL, BCRYPT_PUBLIC_KEY_BLOB, NULL, &key, rsa_key_blob, 155, 49);
> +    ok(ncryptret == NTE_BAD_FLAGS, "got 0x%x\n", ncryptret);
> +    ok(key == NULL, "expected null handle\n");
> +
> +    key = NULL;
> +    ncryptret = NCryptImportKey(prov, NULL, BCRYPT_PUBLIC_KEY_BLOB, NULL, &key, invalid_rsa_key_blob, 155, 0);
> +    ok(ncryptret == NTE_INVALID_PARAMETER, "got 0x%x\n", ncryptret);
> +    ok(key == NULL, "expected null handle\n");
> +
> +    key = NULL;
> +    ncryptret = NCryptImportKey(prov, NULL, BCRYPT_PUBLIC_KEY_BLOB, NULL, &key, rsa_key_blob_with_invalid_bit_length, 155, 0);
> +    ok(ncryptret == ERROR_SUCCESS, "got 0x%x\n", ncryptret); /* I'm not sure why, but this returns success */
> +    ok(key != NULL, "got null handle\n");
> +    NCryptFreeObject(key);
> +
> +    key = NULL;
> +    ncryptret = NCryptImportKey(prov, NULL, BCRYPT_PUBLIC_KEY_BLOB, NULL, &key, rsa_key_blob_with_invalid_publicexp_size, 155, 0);
> +    ok(ncryptret == NTE_BAD_DATA, "got 0x%x\n", ncryptret);
> +    ok(key == NULL, "expected null handle\n");
> +
> +    key = NULL;
> +    ncryptret = NCryptImportKey(prov, NULL, BCRYPT_PUBLIC_KEY_BLOB, NULL, &key, rsa_key_blob, 40, 0);
> +    ok(ncryptret == NTE_BAD_DATA, "got 0x%x\n", ncryptret);
> +    ok(key == NULL, "expected null handle\n");
> +
> +    key = NULL;
> +    ncryptret = NCryptImportKey(prov, NULL, BCRYPT_PUBLIC_KEY_BLOB, NULL, &key, rsa_key_blob, 300, 0);
> +    ok(ncryptret == NTE_BAD_DATA, "got 0x%x\n", ncryptret);
> +    ok(key == NULL, "expected null handle\n");
> +
> +    NCryptFreeObject(prov);
> +}

Tests must always pass on Wine so you need to add todo_wine statements where
necessary.

> diff --git a/include/ncrypt.h b/include/ncrypt.h
> index 111693f1d49..bfb4c0c325c 100644
> --- a/include/ncrypt.h
> +++ b/include/ncrypt.h
> @@ -69,12 +69,17 @@ typedef ULONG_PTR NCRYPT_SECRET_HANDLE;
>  #define NCRYPT_SCHANNEL_SIGNATURE_INTERFACE 0x00010003
>  #define NCRYPT_KEY_PROTECTION_INTERFACE     0x00010004
> 
> +#define NCRYPT_SILENT_FLAG 0x00000040L

You can drop the L suffix.

>  SECURITY_STATUS WINAPI NCryptCreatePersistedKey(NCRYPT_PROV_HANDLE, NCRYPT_KEY_HANDLE *, const WCHAR *, const WCHAR *, DWORD, DWORD);
>  SECURITY_STATUS WINAPI NCryptDecrypt(NCRYPT_KEY_HANDLE, BYTE *, DWORD, void *, BYTE *, DWORD, DWORD *, DWORD);
>  SECURITY_STATUS WINAPI NCryptEncrypt(NCRYPT_KEY_HANDLE, BYTE *, DWORD, void *, BYTE *, DWORD, DWORD *, DWORD);
>  SECURITY_STATUS WINAPI NCryptFinalizeKey(NCRYPT_KEY_HANDLE, DWORD);
>  SECURITY_STATUS WINAPI NCryptFreeObject(NCRYPT_HANDLE);
>  SECURITY_STATUS WINAPI NCryptOpenKey(NCRYPT_PROV_HANDLE, NCRYPT_KEY_HANDLE *, const WCHAR *, DWORD, DWORD);
> +SECURITY_STATUS WINAPI NCryptImportKey(NCRYPT_PROV_HANDLE provider, NCRYPT_KEY_HANDLE decrypt_key,
> +                                       const WCHAR *type, NCryptBufferDesc *params, NCRYPT_KEY_HANDLE *key,
> +                                       PBYTE data, DWORD datasize, DWORD flags);
>  SECURITY_STATUS WINAPI NCryptOpenStorageProvider(NCRYPT_PROV_HANDLE *, const WCHAR *, DWORD);

Parameter names are not very useful here. Please keep these sorted.