[PATCH v2 1/2] bcrypt: Return STATUS_INVALID_PARAMETER on ECC magic mismatch.
Hans Leidekker
hans at codeweavers.com
Wed Sep 2 02:59:46 CDT 2020
From: Rémi Bernon <rbernon at codeweavers.com>
Flight Simulator XAL authentication hits this condition because of
buggy bcrypt private key export (see next patch).
Signed-off-by: Rémi Bernon <rbernon at codeweavers.com>
Signed-off-by: Hans Leidekker <hans at codeweavers.com>
---
dlls/bcrypt/bcrypt_main.c | 4 ++--
dlls/bcrypt/tests/bcrypt.c | 12 ++++++++++++
2 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index b6bb73a715f..cd3b746e295 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -1171,7 +1171,7 @@ static NTSTATUS key_import_pair( struct algorithm *alg, const WCHAR *type, BCRYP
return STATUS_NOT_SUPPORTED;
}
- if (ecc_blob->dwMagic != magic) return STATUS_NOT_SUPPORTED;
+ if (ecc_blob->dwMagic != magic) return STATUS_INVALID_PARAMETER;
if (ecc_blob->cbKey != key_size || input_len < sizeof(*ecc_blob) + ecc_blob->cbKey * 2)
return STATUS_INVALID_PARAMETER;
@@ -1211,7 +1211,7 @@ static NTSTATUS key_import_pair( struct algorithm *alg, const WCHAR *type, BCRYP
return STATUS_NOT_SUPPORTED;
}
- if (ecc_blob->dwMagic != magic) return STATUS_NOT_SUPPORTED;
+ if (ecc_blob->dwMagic != magic) return STATUS_INVALID_PARAMETER;
if (ecc_blob->cbKey != key_size || input_len < sizeof(*ecc_blob) + ecc_blob->cbKey * 3)
return STATUS_INVALID_PARAMETER;
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
index e37a33e38a0..3e5d5cf17f8 100644
--- a/dlls/bcrypt/tests/bcrypt.c
+++ b/dlls/bcrypt/tests/bcrypt.c
@@ -1730,6 +1730,12 @@ static void test_ECDSA(void)
status = pBCryptImportKeyPair(alg, NULL, BCRYPT_ECCPUBLIC_BLOB, &key, buffer, size, 0);
ok(status == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got %08x\n", status);
+ ecckey->dwMagic = BCRYPT_ECDH_PUBLIC_P256_MAGIC;
+ ecckey->cbKey = 32;
+ status = pBCryptImportKeyPair(alg, NULL, BCRYPT_ECCPUBLIC_BLOB, &key, buffer, size, 0);
+ ok(status == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got %08x\n", status);
+
+ ecckey->dwMagic = BCRYPT_ECDSA_PUBLIC_P256_MAGIC;
ecckey->cbKey = 32;
status = pBCryptImportKeyPair(alg, NULL, BCRYPT_ECCPUBLIC_BLOB, &key, buffer, size, 0);
ok(!status, "BCryptImportKeyPair failed: %08x\n", status);
@@ -1749,6 +1755,12 @@ static void test_ECDSA(void)
status = pBCryptImportKeyPair(alg, NULL, BCRYPT_ECCPRIVATE_BLOB, &key, buffer, size, 0);
ok(status == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got %08x\n", status);
+ ecckey->dwMagic = BCRYPT_ECDH_PRIVATE_P256_MAGIC;
+ ecckey->cbKey = 32;
+ status = pBCryptImportKeyPair(alg, NULL, BCRYPT_ECCPRIVATE_BLOB, &key, buffer, size, 0);
+ ok(status == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got %08x\n", status);
+
+ ecckey->dwMagic = BCRYPT_ECDSA_PRIVATE_P256_MAGIC;
ecckey->cbKey = 32;
status = pBCryptImportKeyPair(alg, NULL, BCRYPT_ECCPRIVATE_BLOB, &key, buffer, size, 0);
ok(!status, "BCryptImportKeyPair failed: %08x\n", status);
--
2.20.1
More information about the wine-devel
mailing list