Commit 9b480ef0 authored by Kai Blin's avatar Kai Blin Committed by Alexandre Julliard

secur32: Implement simple MakeSignature.

parent c8c7bf61
/* /*
* Copyright 2005 Kai Blin * Copyright 2005, 2006 Kai Blin
* *
* This library is free software; you can redistribute it and/or * This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public * modify it under the terms of the GNU Lesser General Public
...@@ -114,6 +114,8 @@ SECURITY_STATUS fork_helper(PNegoHelper *new_helper, const char *prog, ...@@ -114,6 +114,8 @@ SECURITY_STATUS fork_helper(PNegoHelper *new_helper, const char *prog,
helper->com_buf = NULL; helper->com_buf = NULL;
helper->com_buf_size = 0; helper->com_buf_size = 0;
helper->com_buf_offset = 0; helper->com_buf_offset = 0;
helper->session_key = NULL;
helper->neg_flags = 0;
helper->pipe_in = pipe_in[0]; helper->pipe_in = pipe_in[0];
close(pipe_in[1]); close(pipe_in[1]);
helper->pipe_out = pipe_out[1]; helper->pipe_out = pipe_out[1];
...@@ -262,6 +264,7 @@ void cleanup_helper(PNegoHelper helper) ...@@ -262,6 +264,7 @@ void cleanup_helper(PNegoHelper helper)
HeapFree(GetProcessHeap(), 0, helper->password); HeapFree(GetProcessHeap(), 0, helper->password);
HeapFree(GetProcessHeap(), 0, helper->com_buf); HeapFree(GetProcessHeap(), 0, helper->com_buf);
HeapFree(GetProcessHeap(), 0, helper->session_key);
/* closing stdin will terminate ntlm_auth */ /* closing stdin will terminate ntlm_auth */
close(helper->pipe_out); close(helper->pipe_out);
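Review bot: `valid_session_key` is the one new NegoHelper field that fork_helper does not initialise alongside `helper->session_key = NULL;` and `helper->neg_flags = 0;`. The allocation of `helper` is outside the hunk, so if that memory is not zero-filled the flag stays indeterminate until later code sets it, and a stale non-zero value could make a signing path treat a NULL or unset key as usable; adding `helper->valid_session_key = FALSE;` here removes the doubt. In cleanup_helper the new `HeapFree(GetProcessHeap(), 0, helper->session_key);` hands key material back to the heap unwiped, so if the key length is available at that point a `SecureZeroMemory()` over the key before the free is worth adding. Both function bodies start and end outside the hunks.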
......
...@@ -66,6 +66,9 @@ typedef struct _NegoHelper { ...@@ -66,6 +66,9 @@ typedef struct _NegoHelper {
char *com_buf; char *com_buf;
int com_buf_size; int com_buf_size;
int com_buf_offset; int com_buf_offset;
BYTE *session_key;
BOOL valid_session_key;
unsigned long neg_flags;
} NegoHelper, *PNegoHelper; } NegoHelper, *PNegoHelper;
/* Allocates space for and initializes a new provider. If fnTableA or fnTableW /* Allocates space for and initializes a new provider. If fnTableA or fnTableW
...@@ -121,4 +124,24 @@ SECURITY_STATUS encodeBase64(PBYTE in_buf, int in_len, char* out_buf, ...@@ -121,4 +124,24 @@ SECURITY_STATUS encodeBase64(PBYTE in_buf, int in_len, char* out_buf,
SECURITY_STATUS decodeBase64(char *in_buf, int in_len, BYTE *out_buf, SECURITY_STATUS decodeBase64(char *in_buf, int in_len, BYTE *out_buf,
int max_len, int *out_len); int max_len, int *out_len);
/* NTLMSSP flags indicating the negotiated features */
#define NTLMSSP_NEGOTIATE_UNICODE 0x00000001
#define NTLMSSP_NEGOTIATE_OEM 0x00000002
#define NTLMSSP_REQUEST_TARGET 0x00000004
#define NTLMSSP_NEGOTIATE_SIGN 0x00000010
#define NTLMSSP_NEGOTIATE_SEAL 0x00000020
#define NTLMSSP_NEGOTIATE_DATAGRAM_STYLE 0x00000040
#define NTLMSSP_NEGOTIATE_LM_SESSION_KEY 0x00000080
#define NTLMSSP_NEGOTIATE_NTLM 0x00000200
#define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x00001000
#define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x00002000
#define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x00004000
#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x00008000
#define NTLMSSP_NEGOTIATE_TARGET_TYPE_DOMAIN 0x00010000
#define NTLMSSP_NEGOTIATE_TARGET_TYPE_SERVER 0x00020000
#define NTLMSSP_NEGOTIATE_NTLM2 0x00080000
#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x00800000
#define NTLMSSP_NEGOTIATE_128 0x20000000
#define NTLMSSP_NEGOTIATE_KEY_EXCHANGE 0x40000000
#define NTLMSSP_NEGOTIATE_56 0x80000000
#endif /* ndef __SECUR32_PRIV_H__ */ #endif /* ndef __SECUR32_PRIV_H__ */
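Review bot: `unsigned long neg_flags;` is 64 bits wide on LP64 hosts, while the NTLMSSP_* masks defined below it are 32-bit values; `ULONG neg_flags;` would keep the field the same width on every platform and match the Win32 types used by the rest of the struct. The new `session_key` member is a bare `BYTE *` with no length beside it, so it needs a comment along the lines of `/* heap-allocated session key, freed by cleanup_helper() */` that also states the expected key size. If the intended contract is that the key may only be read while `valid_session_key` is TRUE, that should be written on the field as well.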
...@@ -673,7 +673,7 @@ static void testSignSeal() ...@@ -673,7 +673,7 @@ static void testSignSeal()
SEC_WINNT_AUTH_IDENTITY id; SEC_WINNT_AUTH_IDENTITY id;
static char sec_pkg_name[] = "NTLM"; static char sec_pkg_name[] = "NTLM";
PSecBufferDesc crypt = NULL; PSecBufferDesc crypt = NULL;
PSecBuffer data = NULL; PSecBuffer data = NULL, fake_data = NULL;
ULONG qop = 0; ULONG qop = 0;
SecPkgContext_Sizes ctxt_sizes; SecPkgContext_Sizes ctxt_sizes;
...@@ -739,6 +739,28 @@ static void testSignSeal() ...@@ -739,6 +739,28 @@ static void testSignSeal()
crypt->ulVersion = SECBUFFER_VERSION; crypt->ulVersion = SECBUFFER_VERSION;
crypt->cBuffers = 2; crypt->cBuffers = 2;
if((fake_data = HeapAlloc(GetProcessHeap(), 0, sizeof(SecBuffer) * 2)) == NULL)
{
trace("Failed to allocate the fake crypto buffer, aborting test.\n");
goto end;
}
crypt->pBuffers = fake_data;
fake_data[0].BufferType = SECBUFFER_DATA;
fake_data[0].cbBuffer = ctxt_sizes.cbSecurityTrailer;
fake_data[0].pvBuffer = HeapAlloc(GetProcessHeap(), 0, fake_data[0].cbBuffer);
fake_data[1].BufferType = SECBUFFER_DATA;
fake_data[1].cbBuffer = lstrlen(message);
fake_data[1].pvBuffer = HeapAlloc(GetProcessHeap(), 0, fake_data[1].cbBuffer);
sec_status = pMakeSignature(client.ctxt, 0, crypt, 0);
ok(sec_status == SEC_E_INVALID_TOKEN,
"MakeSignature returned %s, not SEC_E_INVALID_TOKEN.\n",
getSecError(sec_status));
if((data = HeapAlloc(GetProcessHeap(), 0, sizeof(SecBuffer) * 2)) == NULL) if((data = HeapAlloc(GetProcessHeap(), 0, sizeof(SecBuffer) * 2)) == NULL)
{ {
trace("Failed to allocate the crypto buffer, aborting test.\n"); trace("Failed to allocate the crypto buffer, aborting test.\n");
...@@ -761,12 +783,10 @@ static void testSignSeal() ...@@ -761,12 +783,10 @@ static void testSignSeal()
* it is sent by the client or the server * it is sent by the client or the server
*/ */
sec_status = pMakeSignature(client.ctxt, 0, crypt, 0); sec_status = pMakeSignature(client.ctxt, 0, crypt, 0);
todo_wine {
ok(sec_status == SEC_E_OK, "MakeSignature returned %s, not SEC_E_OK.\n", ok(sec_status == SEC_E_OK, "MakeSignature returned %s, not SEC_E_OK.\n",
getSecError(sec_status)); getSecError(sec_status));
ok(!memcmp(crypt->pBuffers[0].pvBuffer, message_signature, ok(!memcmp(crypt->pBuffers[0].pvBuffer, message_signature,
crypt->pBuffers[0].cbBuffer), "Signature is not as expected.\n"); crypt->pBuffers[0].cbBuffer), "Signature is not as expected.\n");
}
data[0].cbBuffer = sizeof(message_signature); data[0].cbBuffer = sizeof(message_signature);
memcpy(data[0].pvBuffer, message_signature, data[0].cbBuffer); memcpy(data[0].pvBuffer, message_signature, data[0].cbBuffer);
...@@ -807,6 +827,11 @@ end: ...@@ -807,6 +827,11 @@ end:
pDeleteSecurityContext(client.ctxt); pDeleteSecurityContext(client.ctxt);
pFreeCredentialsHandle(client.cred); pFreeCredentialsHandle(client.cred);
if(fake_data)
{
HeapFree(GetProcessHeap(), 0, fake_data[0].pvBuffer);
HeapFree(GetProcessHeap(), 0, fake_data[1].pvBuffer);
}
if(data) if(data)
{ {
HeapFree(GetProcessHeap(), 0, data[0].pvBuffer); HeapFree(GetProcessHeap(), 0, data[0].pvBuffer);
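Review bot: The cleanup added at `end:` frees `fake_data[0].pvBuffer` and `fake_data[1].pvBuffer` but not the `fake_data` array itself, and no added line in the visible hunks frees it, so the `sizeof(SecBuffer) * 2` allocation appears to leak; add `HeapFree(GetProcessHeap(), 0, fake_data);` as the last statement inside the `if(fake_data)` block. The two `pvBuffer` allocations in the new negative test are also unchecked, so on allocation failure MakeSignature would receive a NULL buffer and the `SEC_E_INVALID_TOKEN` check would no longer isolate the missing-token case. testSignSeal starts and ends outside the hunks.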
......