Marek Chmiel : dssenh/tests: Key length tests for the DSSENH cryptographic service provider.
Alexandre Julliard
julliard at winehq.org
Tue Aug 14 12:59:51 CDT 2012
Module: wine
Branch: master
Commit: 01e937d49a1d0d4aedfeb308951bfa48b29b0ff9
URL: http://source.winehq.org/git/wine.git/?a=commit;h=01e937d49a1d0d4aedfeb308951bfa48b29b0ff9
Author: Marek Chmiel <kcmark at gmail.com>
Date: Thu Jun 28 21:31:37 2012 -0500
dssenh/tests: Key length tests for the DSSENH cryptographic service provider.
---
dlls/dssenh/tests/dssenh.c | 218 ++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 218 insertions(+), 0 deletions(-)
diff --git a/dlls/dssenh/tests/dssenh.c b/dlls/dssenh/tests/dssenh.c
index 332b865..0c37c91 100644
--- a/dlls/dssenh/tests/dssenh.c
+++ b/dlls/dssenh/tests/dssenh.c
@@ -179,7 +179,225 @@ static void test_acquire_context(void)
"Expected NTE_EXISTS, got %08x\n", GetLastError());
}
+struct keylength_test {
+ ALG_ID algid;
+ DWORD flags;
+ BOOL expectedResult;
+ DWORD expectedError;
+ BOOL brokenResult;
+ DWORD brokenError;
+};
+
+static const struct keylength_test baseDSS_keylength[] = {
+ /* AT_KEYEXCHANGE is not supported by the base DSS provider */
+ {AT_KEYEXCHANGE, 448 << 16, FALSE, NTE_BAD_ALGID, FALSE, NTE_BAD_FLAGS}, /* WinNT4 and Win2k */
+ {AT_KEYEXCHANGE, 512 << 16, FALSE, NTE_BAD_ALGID, TRUE}, /* success on WinNT4 */
+ {AT_KEYEXCHANGE, 1024 << 16, FALSE, NTE_BAD_ALGID, TRUE}, /* success on WinNT4 */
+ {AT_KEYEXCHANGE, 1088 << 16, FALSE, NTE_BAD_ALGID, FALSE, NTE_BAD_FLAGS},/* WinNT4 and Win2k */
+ /* min 512 max 1024 increment by 64 */
+ {AT_SIGNATURE, 448 << 16, FALSE, NTE_BAD_FLAGS},
+ {AT_SIGNATURE, 512 << 16, TRUE},
+ {AT_SIGNATURE, 513 << 16, FALSE, NTE_FAIL, FALSE, NTE_BAD_FLAGS}, /* WinNT4 and Win2k */
+ {AT_SIGNATURE, 768 << 16, TRUE},
+ {AT_SIGNATURE, 1024 << 16, TRUE},
+ {AT_SIGNATURE, 1088 << 16, FALSE, NTE_BAD_FLAGS},
+ /* CALG_DH_EPHEM is not supported by the base DSS provider */
+ {CALG_DH_EPHEM, 448 << 16, FALSE, NTE_BAD_ALGID, FALSE, NTE_BAD_FLAGS}, /* WinNT4 and Win2k */
+ {CALG_DH_EPHEM, 512 << 16, FALSE, NTE_BAD_ALGID, TRUE}, /* success on WinNT4 */
+ {CALG_DH_EPHEM, 1024 << 16, FALSE, NTE_BAD_ALGID, TRUE}, /* success on WinNT4 */
+ {CALG_DH_EPHEM, 1088 << 16, FALSE, NTE_BAD_ALGID, FALSE, NTE_BAD_FLAGS}, /* WinNT4 and Win2k */
+ /* CALG_DH_SF is not supported by the base DSS provider */
+ {CALG_DH_SF, 448 << 16, FALSE, NTE_BAD_ALGID, FALSE, NTE_BAD_FLAGS}, /* WinNT4 and Win2k */
+ {CALG_DH_SF, 512 << 16, FALSE, NTE_BAD_ALGID, TRUE}, /* success on WinNT4 */
+ {CALG_DH_SF, 1024 << 16, FALSE, NTE_BAD_ALGID, TRUE}, /* success on WinNT4 */
+ {CALG_DH_SF, 1088 << 16, FALSE, NTE_BAD_ALGID, FALSE, NTE_BAD_FLAGS}, /* WinNT4 and Win2k */
+ /* min 512 max 1024, increment by 64 */
+ {CALG_DSS_SIGN, 448 << 16, FALSE, NTE_BAD_FLAGS},
+ {CALG_DSS_SIGN, 512 << 16, TRUE},
+ {CALG_DSS_SIGN, 513 << 16, FALSE, NTE_FAIL, FALSE, NTE_BAD_FLAGS}, /* WinNT4 and Win2k */
+ {CALG_DSS_SIGN, 768 << 16, TRUE},
+ {CALG_DSS_SIGN, 1024 << 16, TRUE},
+ {CALG_DSS_SIGN, 1088 << 16, FALSE, NTE_BAD_FLAGS}
+};
+
+static const struct keylength_test dssDH_keylength[] = {
+ /* min 512 max 1024, increment by 64 */
+ {AT_KEYEXCHANGE, 448 << 16, FALSE, NTE_BAD_FLAGS},
+ {AT_KEYEXCHANGE, 512 << 16, TRUE},
+ {AT_KEYEXCHANGE, 513 << 16, FALSE, NTE_FAIL, FALSE, NTE_BAD_FLAGS}, /* WinNT4 and Win2k */
+ {AT_KEYEXCHANGE, 768 << 16, TRUE},
+ {AT_KEYEXCHANGE, 1024 << 16, TRUE},
+ {AT_KEYEXCHANGE, 1088 << 16, FALSE, NTE_BAD_FLAGS},
+ {AT_SIGNATURE, 448 << 16, FALSE, NTE_BAD_FLAGS},
+ {AT_SIGNATURE, 512 << 16, TRUE},
+ {AT_SIGNATURE, 513 << 16, FALSE, NTE_FAIL, FALSE, NTE_BAD_FLAGS}, /* WinNT4 and Win2k */
+ {AT_SIGNATURE, 768 << 16, TRUE},
+ {AT_SIGNATURE, 1024 << 16, TRUE},
+ {AT_SIGNATURE, 1088 << 16, FALSE, NTE_BAD_FLAGS},
+ {CALG_DH_EPHEM, 448 << 16, FALSE, NTE_BAD_FLAGS},
+ {CALG_DH_EPHEM, 512 << 16, TRUE},
+ {CALG_DH_EPHEM, 513 << 16, FALSE, NTE_FAIL, FALSE, NTE_BAD_FLAGS}, /* WinNT4 and Win2k */
+ {CALG_DH_EPHEM, 768 << 16, TRUE},
+ {CALG_DH_EPHEM, 1024 << 16, TRUE},
+ {CALG_DH_EPHEM, 1088 << 16, FALSE, NTE_BAD_FLAGS},
+ {CALG_DH_SF, 448 << 16, FALSE, NTE_BAD_FLAGS},
+ {CALG_DH_SF, 512 << 16, TRUE},
+ {CALG_DH_SF, 513 << 16, FALSE, NTE_FAIL, FALSE, NTE_BAD_FLAGS}, /* WinNT4 and Win2k */
+ {CALG_DH_SF, 768 << 16, TRUE},
+ {CALG_DH_SF, 1024 << 16, TRUE},
+ {CALG_DH_SF, 1088 << 16, FALSE, NTE_BAD_FLAGS},
+ {CALG_DSS_SIGN, 448 << 16, FALSE, NTE_BAD_FLAGS},
+ {CALG_DSS_SIGN, 512 << 16, TRUE},
+ {CALG_DSS_SIGN, 513 << 16, FALSE, NTE_FAIL, FALSE, NTE_BAD_FLAGS}, /* WinNT4 and Win2k */
+ {CALG_DSS_SIGN, 768 << 16, TRUE},
+ {CALG_DSS_SIGN, 1024 << 16, TRUE},
+ {CALG_DSS_SIGN, 1088 << 16, FALSE, NTE_BAD_FLAGS}
+};
+
+static const struct keylength_test dssENH_keylength[] = {
+ /* min 512 max 1024 (AT_KEYEXCHANGE max 4096), increment by 64*/
+ {AT_KEYEXCHANGE, 448 << 16, FALSE, NTE_BAD_FLAGS},
+ {AT_KEYEXCHANGE, 512 << 16, TRUE},
+ {AT_KEYEXCHANGE, 513 << 16, FALSE, NTE_FAIL, FALSE, NTE_BAD_FLAGS}, /* WinNT4 and Win2k */
+ {AT_KEYEXCHANGE, 768 << 16, TRUE},
+ {AT_KEYEXCHANGE, 1024 << 16, TRUE},
+ {AT_KEYEXCHANGE, 1088 << 16, TRUE},
+ {AT_KEYEXCHANGE, 2048 << 16, TRUE},
+ /* Keylength too large - test bot timeout.
+ {AT_KEYEXCHANGE, 3072 << 16, TRUE},
+ {AT_KEYEXCHANGE, 4096 << 16, TRUE}, */
+ {AT_KEYEXCHANGE, 4160 << 16, FALSE, NTE_BAD_FLAGS},
+ {AT_SIGNATURE, 448 << 16, FALSE, NTE_BAD_FLAGS},
+ {AT_SIGNATURE, 512 << 16, TRUE},
+ {AT_SIGNATURE, 513 << 16, FALSE, NTE_FAIL, FALSE, NTE_BAD_FLAGS}, /* WinNT4 and Win2k */
+ {AT_SIGNATURE, 768 << 16, TRUE},
+ {AT_SIGNATURE, 1024 << 16, TRUE},
+ {AT_SIGNATURE, 1032 << 16, FALSE, NTE_BAD_FLAGS},
+ {CALG_DH_EPHEM, 448 << 16, FALSE, NTE_BAD_FLAGS},
+ {CALG_DH_EPHEM, 512 << 16, TRUE},
+ {CALG_DH_EPHEM, 513 << 16, FALSE, NTE_FAIL, FALSE, NTE_BAD_FLAGS}, /* WinNT4 and Win2k */
+ {CALG_DH_EPHEM, 768 << 16, TRUE},
+ {CALG_DH_EPHEM, 1024 << 16, TRUE},
+ {CALG_DH_EPHEM, 1040 << 16, FALSE, NTE_BAD_FLAGS},
+ {CALG_DH_SF, 448 << 16, FALSE, NTE_BAD_FLAGS},
+ {CALG_DH_SF, 512 << 16, TRUE},
+ {CALG_DH_SF, 513 << 16, FALSE, NTE_FAIL, FALSE, NTE_BAD_FLAGS}, /* WinNT4 and Win2k */
+ {CALG_DH_SF, 768 << 16, TRUE},
+ {CALG_DH_SF, 1024 << 16, TRUE},
+ {CALG_DH_SF, 1032 << 16, FALSE, NTE_BAD_FLAGS},
+ {CALG_DSS_SIGN, 448 << 16, FALSE, NTE_BAD_FLAGS},
+ {CALG_DSS_SIGN, 512 << 16, TRUE},
+ {CALG_DSS_SIGN, 513 << 16, FALSE, NTE_FAIL, FALSE, NTE_BAD_FLAGS}, /* WinNT4 and Win2k */
+ {CALG_DSS_SIGN, 768 << 16, TRUE},
+ {CALG_DSS_SIGN, 1024 << 16, TRUE},
+ {CALG_DSS_SIGN, 1088 << 16, FALSE, NTE_BAD_FLAGS}
+};
+
+static void test_keylength_array(HCRYPTPROV hProv,const struct keylength_test *tests, int testLen)
+{
+ HCRYPTKEY key;
+ BOOL result;
+ int i;
+
+ for (i = 0; i < testLen; i++)
+ {
+ SetLastError(0xdeadbeef);
+ result = CryptGenKey(hProv, tests[i].algid, tests[i].flags, &key);
+
+ /* success */
+ if(tests[i].expectedResult)
+ {
+ ok(result, "Expected a key, got %08x\n", GetLastError());
+ result = CryptDestroyKey(key);
+ ok(result, "Expected no errors.\n");
+ }
+ else
+ { /* error but success on older system */
+ if(tests[i].brokenResult)
+ ok((!result && GetLastError() == tests[i].expectedError) ||
+ broken(result), "Expected a key, got %x.\n", GetLastError());
+ else
+ {
+ /* error */
+ if(!tests[i].brokenError)
+ ok(!result && GetLastError() == tests[i].expectedError,
+ "Expected a key, got %x.\n", GetLastError());
+
+ /* error but different error on older system */
+ else
+ ok(!result && (GetLastError() == tests[i].expectedError ||
+ broken(GetLastError() == tests[i].brokenError)),
+ "Expected a key, got %x.\n", GetLastError());
+ }
+ }
+ }
+}
+
+#define TESTLEN(x) (sizeof(x) / sizeof((x)[0]))
+
+static void test_keylength(void)
+{
+ HCRYPTPROV hProv = 0;
+ BOOL result;
+
+ /* acquire base dss provider */
+ result = CryptAcquireContextA(
+ &hProv, NULL, MS_DEF_DSS_PROV_A, PROV_DSS, CRYPT_VERIFYCONTEXT);
+ if(!result)
+ {
+ skip("DSSENH is currently not available, skipping key length tests.\n");
+ return;
+ }
+ ok(result, "Expected no errors.\n");
+
+ /* perform keylength tests */
+ test_keylength_array(hProv, baseDSS_keylength, TESTLEN(baseDSS_keylength));
+
+ result = CryptReleaseContext(hProv, 0);
+ ok(result, "Expected release of CSP provider.\n");
+
+ /* acquire diffie hellman dss provider */
+ result = CryptAcquireContextA(
+ &hProv, NULL, MS_DEF_DSS_DH_PROV, PROV_DSS_DH, CRYPT_VERIFYCONTEXT);
+ ok(result, "Expected no errors.\n");
+
+ /* perform keylength tests */
+ test_keylength_array(hProv, dssDH_keylength, TESTLEN(dssDH_keylength));
+
+ result = CryptReleaseContext(hProv, 0);
+ ok(result, "Expected release of CSP provider.\n");
+
+ /* acquire enhanced dss provider */
+ SetLastError(0xdeadbeef);
+ result = CryptAcquireContextA(
+ &hProv, NULL, MS_ENH_DSS_DH_PROV, PROV_DSS_DH, CRYPT_VERIFYCONTEXT);
+ if(!result && GetLastError() == NTE_KEYSET_NOT_DEF)
+ {
+ win_skip("DSSENH and Schannel provider is broken on WinNT4\n");
+ return;
+ }
+ ok(result, "Expected no errors.\n");
+
+ /* perform keylength tests */
+ test_keylength_array(hProv, dssENH_keylength, TESTLEN(dssENH_keylength));
+
+ result = CryptReleaseContext(hProv, 0);
+ ok(result, "Expected release of CSP provider.\n");
+
+ /* acquire schannel dss provider */
+ result = CryptAcquireContextA(
+ &hProv, NULL, MS_DEF_DH_SCHANNEL_PROV, PROV_DH_SCHANNEL, CRYPT_VERIFYCONTEXT);
+ ok(result, "Expected no errors.\n");
+
+ /* perform keylength tests */
+ test_keylength_array(hProv, dssENH_keylength, TESTLEN(dssENH_keylength));
+
+ result = CryptReleaseContext(hProv, 0);
+ ok(result, "Expected release of CSP provider.\n");
+}
+
START_TEST(dssenh)
{
test_acquire_context();
+ test_keylength();
}
More information about the wine-cvs
mailing list