secur32: Implement simple MakeSignature.

9b480ef0 · Kai Blin · Alexandre Julliard · c8c7bf61 · 9b480ef0 · 9b480ef0
Commit 9b480ef0 authored Aug 12, 2006 by Kai Blin Committed by Alexandre Julliard Aug 14, 2006
Showing with 208 additions and 43 deletions

dispatcher.c dlls/secur32/dispatcher.c +4 -1

ntlm.c dlls/secur32/ntlm.c +153 -39

secur32_priv.h dlls/secur32/secur32_priv.h +23 -0

ntlm.c dlls/secur32/tests/ntlm.c +28 -3

No files found.
--- a/dlls/secur32/dispatcher.c
+++ b/dlls/secur32/dispatcher.c
 /*
- * Copyright 2005 Kai Blin
+ * Copyright 2005, 2006 Kai Blin
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
@@ -114,6 +114,8 @@ SECURITY_STATUS fork_helper(PNegoHelper *new_helper, const char *prog,
        helper->com_buf = NULL;
        helper->com_buf_size = 0;
        helper->com_buf_offset = 0;
+        helper->session_key = NULL;
+        helper->neg_flags = 0;
        helper->pipe_in = pipe_in[0];
        close(pipe_in[1]);
        helper->pipe_out = pipe_out[1];
@@ -262,6 +264,7 @@ void cleanup_helper(PNegoHelper helper)
      
    HeapFree(GetProcessHeap(), 0, helper->password);
    HeapFree(GetProcessHeap(), 0, helper->com_buf);
+    HeapFree(GetProcessHeap(), 0, helper->session_key);

    /* closing stdin will terminate ntlm_auth */
    close(helper->pipe_out);

--- a/dlls/secur32/ntlm.c
+++ b/dlls/secur32/ntlm.c
--- a/dlls/secur32/secur32_priv.h
+++ b/dlls/secur32/secur32_priv.h
@@ -66,6 +66,9 @@ typedef struct _NegoHelper {
    char *com_buf;
    int com_buf_size;
    int com_buf_offset;
+    BYTE *session_key;
+    BOOL valid_session_key;
+    unsigned long neg_flags;
 } NegoHelper, *PNegoHelper;

 /* Allocates space for and initializes a new provider.  If fnTableA or fnTableW
@@ -121,4 +124,24 @@ SECURITY_STATUS encodeBase64(PBYTE in_buf, int in_len, char* out_buf,
 SECURITY_STATUS decodeBase64(char *in_buf, int in_len, BYTE *out_buf, 
        int max_len, int *out_len);

+/* NTLMSSP flags indicating the negotiated features */
+#define NTLMSSP_NEGOTIATE_UNICODE                   0x00000001
+#define NTLMSSP_NEGOTIATE_OEM                       0x00000002
+#define NTLMSSP_REQUEST_TARGET                      0x00000004
+#define NTLMSSP_NEGOTIATE_SIGN                      0x00000010
+#define NTLMSSP_NEGOTIATE_SEAL                      0x00000020
+#define NTLMSSP_NEGOTIATE_DATAGRAM_STYLE            0x00000040
+#define NTLMSSP_NEGOTIATE_LM_SESSION_KEY            0x00000080
+#define NTLMSSP_NEGOTIATE_NTLM                      0x00000200
+#define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED           0x00001000
+#define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED      0x00002000
+#define NTLMSSP_NEGOTIATE_LOCAL_CALL                0x00004000
+#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN               0x00008000
+#define NTLMSSP_NEGOTIATE_TARGET_TYPE_DOMAIN        0x00010000
+#define NTLMSSP_NEGOTIATE_TARGET_TYPE_SERVER        0x00020000
+#define NTLMSSP_NEGOTIATE_NTLM2                     0x00080000
+#define NTLMSSP_NEGOTIATE_TARGET_INFO               0x00800000
+#define NTLMSSP_NEGOTIATE_128                       0x20000000
+#define NTLMSSP_NEGOTIATE_KEY_EXCHANGE              0x40000000
+#define NTLMSSP_NEGOTIATE_56                        0x80000000
 #endif /* ndef __SECUR32_PRIV_H__ */
--- a/dlls/secur32/tests/ntlm.c
+++ b/dlls/secur32/tests/ntlm.c
@@ -673,7 +673,7 @@ static void testSignSeal()
    SEC_WINNT_AUTH_IDENTITY id;
    static char             sec_pkg_name[] = "NTLM";
    PSecBufferDesc          crypt = NULL;
-    PSecBuffer              data = NULL;
+    PSecBuffer              data = NULL, fake_data = NULL;
    ULONG                   qop = 0;
    SecPkgContext_Sizes     ctxt_sizes;

@@ -739,6 +739,28 @@ static void testSignSeal()
        crypt->ulVersion = SECBUFFER_VERSION;
        crypt->cBuffers = 2;

+        if((fake_data = HeapAlloc(GetProcessHeap(), 0, sizeof(SecBuffer) * 2)) == NULL)
+        {
+            trace("Failed to allocate the fake crypto buffer, aborting test.\n");
+            goto end;
+        }
+
+        crypt->pBuffers = fake_data;
+
+        fake_data[0].BufferType = SECBUFFER_DATA;
+        fake_data[0].cbBuffer = ctxt_sizes.cbSecurityTrailer;
+        fake_data[0].pvBuffer = HeapAlloc(GetProcessHeap(), 0, fake_data[0].cbBuffer);
+
+        fake_data[1].BufferType = SECBUFFER_DATA;
+        fake_data[1].cbBuffer = lstrlen(message);
+        fake_data[1].pvBuffer = HeapAlloc(GetProcessHeap(), 0, fake_data[1].cbBuffer);
+
+        sec_status = pMakeSignature(client.ctxt, 0, crypt, 0);
+        ok(sec_status == SEC_E_INVALID_TOKEN, 
+                "MakeSignature returned %s, not SEC_E_INVALID_TOKEN.\n",
+                getSecError(sec_status));
+
+
        if((data = HeapAlloc(GetProcessHeap(), 0, sizeof(SecBuffer) * 2)) == NULL)
        {
            trace("Failed to allocate the crypto buffer, aborting test.\n");
@@ -761,12 +783,10 @@ static void testSignSeal()
         * it is sent by the client or the server
         */
        sec_status = pMakeSignature(client.ctxt, 0, crypt, 0);
-        todo_wine {
        ok(sec_status == SEC_E_OK, "MakeSignature returned %s, not SEC_E_OK.\n",
                getSecError(sec_status));
        ok(!memcmp(crypt->pBuffers[0].pvBuffer, message_signature,
                   crypt->pBuffers[0].cbBuffer), "Signature is not as expected.\n");
-        }

        data[0].cbBuffer = sizeof(message_signature);
        memcpy(data[0].pvBuffer, message_signature, data[0].cbBuffer);
@@ -807,6 +827,11 @@ end:

        pDeleteSecurityContext(client.ctxt);
        pFreeCredentialsHandle(client.cred);
+        if(fake_data)
+        {
+            HeapFree(GetProcessHeap(), 0, fake_data[0].pvBuffer);
+            HeapFree(GetProcessHeap(), 0, fake_data[1].pvBuffer);
+        }
        if(data)
        {
            HeapFree(GetProcessHeap(), 0, data[0].pvBuffer);