Commit 8e479f78 authored by Juan Lang's avatar Juan Lang Committed by Alexandre Julliard

rsaenh: Disallow deriving schannel encryption keys before setting the encryption algorithm.

parent ea43c598
...@@ -3923,6 +3923,12 @@ BOOL WINAPI RSAENH_CPDeriveKey(HCRYPTPROV hProv, ALG_ID Algid, HCRYPTHASH hBaseD ...@@ -3923,6 +3923,12 @@ BOOL WINAPI RSAENH_CPDeriveKey(HCRYPTPROV hProv, ALG_ID Algid, HCRYPTHASH hBaseD
{ {
/* See RFC 2246, chapter 6.3 Key calculation */ /* See RFC 2246, chapter 6.3 Key calculation */
case CALG_SCHANNEL_ENC_KEY: case CALG_SCHANNEL_ENC_KEY:
if (!pMasterKey->siSChannelInfo.saEncAlg.Algid ||
!pMasterKey->siSChannelInfo.saEncAlg.cBits)
{
SetLastError(NTE_BAD_FLAGS);
return FALSE;
}
*phKey = new_key(hProv, pMasterKey->siSChannelInfo.saEncAlg.Algid, *phKey = new_key(hProv, pMasterKey->siSChannelInfo.saEncAlg.Algid,
MAKELONG(LOWORD(dwFlags),pMasterKey->siSChannelInfo.saEncAlg.cBits), MAKELONG(LOWORD(dwFlags),pMasterKey->siSChannelInfo.saEncAlg.cBits),
&pCryptKey); &pCryptKey);
......
...@@ -2371,7 +2371,6 @@ static void test_schannel_provider(void) ...@@ -2371,7 +2371,6 @@ static void test_schannel_provider(void)
* succeed before the encryption key algorithm is set. * succeed before the encryption key algorithm is set.
*/ */
result = CryptDeriveKey(hProv, CALG_SCHANNEL_ENC_KEY, hMasterHash, CRYPT_SERVER, &hServerWriteKey); result = CryptDeriveKey(hProv, CALG_SCHANNEL_ENC_KEY, hMasterHash, CRYPT_SERVER, &hServerWriteKey);
todo_wine
ok (!result && GetLastError() == NTE_BAD_FLAGS, ok (!result && GetLastError() == NTE_BAD_FLAGS,
"expected NTE_BAD_FLAGS, got %08x\n", GetLastError()); "expected NTE_BAD_FLAGS, got %08x\n", GetLastError());
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment