acfa433f
Commit
acfa433f
authored
Nov 06, 2009
by
Juan Lang
Committed by
Alexandre Julliard
Nov 09, 2009
crypt32: Add more tests of cert encoding/decoding.
parent
bcfa7c57
Showing
1 changed file
with
135 additions
and
5 deletions
+135
-5
encode.c
dlls/crypt32/tests/encode.c
+135
-5
dlls/crypt32/tests/encode.c
...
...
@@ -2784,6 +2784,11 @@ static const BYTE v3Cert[] = { 0x30, 0x38, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x5a
,
0x18
,
0x0f
,
0x31
,
0x36
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x5a
,
0x30
,
0x07
,
0x30
,
0x02
,
0x06
,
0x00
,
0x03
,
0x01
,
0x00
};
static
const
BYTE
v4Cert
[]
=
{
0x30
,
0x38
,
0xa0
,
0x03
,
0x02
,
0x01
,
0x03
,
0x02
,
0x00
,
0x30
,
0x02
,
0x06
,
0x00
,
0x30
,
0x22
,
0x18
,
0x0f
,
0x31
,
0x36
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x5a
,
0x18
,
0x0f
,
0x31
,
0x36
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x5a
,
0x30
,
0x07
,
0x30
,
0x02
,
0x06
,
0x00
,
0x03
,
0x01
,
0x00
};
static
const
BYTE
v1CertWithConstraints
[]
=
{
0x30
,
0x4b
,
0x02
,
0x00
,
0x30
,
0x02
,
0x06
,
0x00
,
0x30
,
0x22
,
0x18
,
0x0f
,
0x31
,
0x36
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x5a
,
0x18
,
0x0f
,
0x31
,
0x36
,
...
...
@@ -2841,6 +2846,35 @@ static const BYTE v1CertWithSubjectKeyId[] = {
0x00
,
0x30
,
0x07
,
0x30
,
0x02
,
0x06
,
0x00
,
0x03
,
0x01
,
0x00
,
0xa3
,
0x17
,
0x30
,
0x15
,
0x30
,
0x13
,
0x06
,
0x03
,
0x55
,
0x1d
,
0x0e
,
0x04
,
0x0c
,
0x04
,
0x0a
,
0x4a
,
0x75
,
0x61
,
0x6e
,
0x20
,
0x4c
,
0x61
,
0x6e
,
0x67
,
0x00
};
static
const
BYTE
v1CertWithIssuerUniqueId
[]
=
{
0x30
,
0x38
,
0x02
,
0x01
,
0x01
,
0x30
,
0x02
,
0x06
,
0x00
,
0x30
,
0x22
,
0x18
,
0x0f
,
0x31
,
0x36
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x5a
,
0x18
,
0x0f
,
0x31
,
0x36
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x5a
,
0x30
,
0x07
,
0x30
,
0x02
,
0x06
,
0x00
,
0x03
,
0x01
,
0x00
,
0x81
,
0x02
,
0x00
,
0x01
};
static
const
BYTE
v1CertWithSubjectIssuerSerialAndIssuerUniqueId
[]
=
{
0x30
,
0x81
,
0x99
,
0x02
,
0x01
,
0x01
,
0x30
,
0x02
,
0x06
,
0x00
,
0x30
,
0x15
,
0x31
,
0x13
,
0x30
,
0x11
,
0x06
,
0x03
,
0x55
,
0x04
,
0x03
,
0x13
,
0x0a
,
0x4a
,
0x75
,
0x61
,
0x6e
,
0x20
,
0x4c
,
0x61
,
0x6e
,
0x67
,
0x00
,
0x30
,
0x22
,
0x18
,
0x0f
,
0x31
,
0x36
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x5a
,
0x18
,
0x0f
,
0x31
,
0x36
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x5a
,
0x30
,
0x15
,
0x31
,
0x13
,
0x30
,
0x11
,
0x06
,
0x03
,
0x55
,
0x04
,
0x03
,
0x13
,
0x0a
,
0x4a
,
0x75
,
0x61
,
0x6e
,
0x20
,
0x4c
,
0x61
,
0x6e
,
0x67
,
0x00
,
0x30
,
0x22
,
0x30
,
0x0d
,
0x06
,
0x09
,
0x2a
,
0x86
,
0x48
,
0x86
,
0xf7
,
0x0d
,
0x01
,
0x01
,
0x01
,
0x05
,
0x00
,
0x03
,
0x11
,
0x00
,
0x00
,
0x01
,
0x02
,
0x03
,
0x04
,
0x05
,
0x06
,
0x07
,
0x08
,
0x09
,
0x0a
,
0x0b
,
0x0c
,
0x0d
,
0x0e
,
0x0f
,
0x81
,
0x02
,
0x00
,
0x01
,
0xa3
,
0x16
,
0x30
,
0x14
,
0x30
,
0x12
,
0x06
,
0x03
,
0x55
,
0x1d
,
0x13
,
0x01
,
0x01
,
0xff
,
0x04
,
0x08
,
0x30
,
0x06
,
0x01
,
0x01
,
0xff
,
0x02
,
0x01
,
0x01
};
static
const
BYTE
v1CertWithSubjectIssuerSerialAndIssuerUniqueIdNoNull
[]
=
{
0x30
,
0x81
,
0x97
,
0x02
,
0x01
,
0x01
,
0x30
,
0x02
,
0x06
,
0x00
,
0x30
,
0x15
,
0x31
,
0x13
,
0x30
,
0x11
,
0x06
,
0x03
,
0x55
,
0x04
,
0x03
,
0x13
,
0x0a
,
0x4a
,
0x75
,
0x61
,
0x6e
,
0x20
,
0x4c
,
0x61
,
0x6e
,
0x67
,
0x00
,
0x30
,
0x22
,
0x18
,
0x0f
,
0x31
,
0x36
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x5a
,
0x18
,
0x0f
,
0x31
,
0x36
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x5a
,
0x30
,
0x15
,
0x31
,
0x13
,
0x30
,
0x11
,
0x06
,
0x03
,
0x55
,
0x04
,
0x03
,
0x13
,
0x0a
,
0x4a
,
0x75
,
0x61
,
0x6e
,
0x20
,
0x4c
,
0x61
,
0x6e
,
0x67
,
0x00
,
0x30
,
0x20
,
0x30
,
0x0b
,
0x06
,
0x09
,
0x2a
,
0x86
,
0x48
,
0x86
,
0xf7
,
0x0d
,
0x01
,
0x01
,
0x01
,
0x03
,
0x11
,
0x00
,
0x00
,
0x01
,
0x02
,
0x03
,
0x04
,
0x05
,
0x06
,
0x07
,
0x08
,
0x09
,
0x0a
,
0x0b
,
0x0c
,
0x0d
,
0x0e
,
0x0f
,
0x81
,
0x02
,
0x00
,
0x01
,
0xa3
,
0x16
,
0x30
,
0x14
,
0x30
,
0x12
,
0x06
,
0x03
,
0x55
,
0x1d
,
0x13
,
0x01
,
0x01
,
0xff
,
0x04
,
0x08
,
0x30
,
0x06
,
0x01
,
0x01
,
0xff
,
0x02
,
0x01
,
0x01
};
static
const
BYTE
serialNum
[]
=
{
0x01
};
...
...
@@ -2898,6 +2932,16 @@ static void test_encodeCertToBeSigned(DWORD dwEncoding)
ok
(
!
memcmp
(
buf
,
v3Cert
,
size
),
"Got unexpected value
\n
"
);
LocalFree
(
buf
);
}
/* A v4 cert? */
info
.
dwVersion
=
3
;
/* Not a typo, CERT_V3 is 2 */
ret
=
pCryptEncodeObjectEx
(
dwEncoding
,
X509_CERT_TO_BE_SIGNED
,
&
info
,
CRYPT_ENCODE_ALLOC_FLAG
,
NULL
,
&
buf
,
&
size
);
if
(
buf
)
{
ok
(
size
==
sizeof
(
v4Cert
),
"Wrong size %d
\n
"
,
size
);
ok
(
!
memcmp
(
buf
,
v4Cert
,
size
),
"Unexpected value
\n
"
);
LocalFree
(
buf
);
}
/* see if a V1 cert can have basic constraints set (RFC3280 says no, but
* API doesn't prevent it)
*/
...
...
@@ -2925,7 +2969,28 @@ static void test_encodeCertToBeSigned(DWORD dwEncoding)
ok
(
!
memcmp
(
buf
,
v1CertWithSerial
,
size
),
"Got unexpected value
\n
"
);
LocalFree
(
buf
);
}
/* Test v1 cert with an issuer name, serial number, and issuer unique id */
info
.
dwVersion
=
CERT_V1
;
info
.
cExtension
=
0
;
info
.
IssuerUniqueId
.
cbData
=
sizeof
(
serialNum
);
info
.
IssuerUniqueId
.
pbData
=
(
BYTE
*
)
serialNum
;
ret
=
pCryptEncodeObjectEx
(
dwEncoding
,
X509_CERT_TO_BE_SIGNED
,
&
info
,
CRYPT_ENCODE_ALLOC_FLAG
,
NULL
,
&
buf
,
&
size
);
ok
(
ret
,
"CryptEncodeObjectEx failed: %08x
\n
"
,
GetLastError
());
if
(
buf
)
{
todo_wine
{
ok
(
size
==
sizeof
(
v1CertWithIssuerUniqueId
),
"Wrong size %d
\n
"
,
size
);
ok
(
!
memcmp
(
buf
,
v1CertWithIssuerUniqueId
,
size
),
"Got unexpected value
\n
"
);
}
LocalFree
(
buf
);
}
/* Test v1 cert with an issuer name, a subject name, and a serial number */
info
.
IssuerUniqueId
.
cbData
=
0
;
info
.
IssuerUniqueId
.
pbData
=
NULL
;
info
.
cExtension
=
1
;
info
.
rgExtension
=
&
criticalExt
;
info
.
Issuer
.
cbData
=
sizeof
(
encodedCommonName
);
info
.
Issuer
.
pbData
=
(
BYTE
*
)
encodedCommonName
;
info
.
Subject
.
cbData
=
sizeof
(
encodedCommonName
);
...
...
@@ -2955,7 +3020,32 @@ static void test_encodeCertToBeSigned(DWORD dwEncoding)
"Got unexpected value
\n
"
);
LocalFree
(
buf
);
}
/* Again add an issuer unique id */
info
.
IssuerUniqueId
.
cbData
=
sizeof
(
serialNum
);
info
.
IssuerUniqueId
.
pbData
=
(
BYTE
*
)
serialNum
;
ret
=
pCryptEncodeObjectEx
(
dwEncoding
,
X509_CERT_TO_BE_SIGNED
,
&
info
,
CRYPT_ENCODE_ALLOC_FLAG
,
NULL
,
&
buf
,
&
size
);
ok
(
ret
,
"CryptEncodeObjectEx failed: %08x
\n
"
,
GetLastError
());
if
(
buf
)
{
ok
(
size
==
sizeof
(
v1CertWithSubjectIssuerSerialAndIssuerUniqueId
)
||
size
==
sizeof
(
v1CertWithSubjectIssuerSerialAndIssuerUniqueIdNoNull
),
"Wrong size %d
\n
"
,
size
);
todo_wine
{
if
(
size
==
sizeof
(
v1CertWithSubjectIssuerSerialAndIssuerUniqueId
))
ok
(
!
memcmp
(
buf
,
v1CertWithSubjectIssuerSerialAndIssuerUniqueId
,
size
),
"unexpected value
\n
"
);
else
if
(
size
==
sizeof
(
v1CertWithSubjectIssuerSerialAndIssuerUniqueIdNoNull
))
ok
(
!
memcmp
(
buf
,
v1CertWithSubjectIssuerSerialAndIssuerUniqueIdNoNull
,
size
),
"unexpected value
\n
"
);
}
LocalFree
(
buf
);
}
/* Remove the public key, and add a subject key identifier extension */
info
.
IssuerUniqueId
.
cbData
=
0
;
info
.
IssuerUniqueId
.
pbData
=
NULL
;
info
.
SubjectPublicKeyInfo
.
Algorithm
.
pszObjId
=
NULL
;
info
.
SubjectPublicKeyInfo
.
PublicKey
.
cbData
=
0
;
info
.
SubjectPublicKeyInfo
.
PublicKey
.
pbData
=
NULL
;
...
...
@@ -2977,8 +3067,8 @@ static void test_encodeCertToBeSigned(DWORD dwEncoding)
static
void
test_decodeCertToBeSigned
(
DWORD
dwEncoding
)
{
static
const
BYTE
*
corruptCerts
[]
=
{
v1Cert
,
v2Cert
,
v3Cert
,
v1CertWithConstraints
,
v1CertWithSerial
};
static
const
BYTE
*
corruptCerts
[]
=
{
v1Cert
,
v2Cert
,
v3Cert
,
v4Cert
,
v1CertWithConstraints
,
v1CertWithSerial
,
v1CertWithIssuerUniqueId
};
BOOL
ret
;
BYTE
*
buf
=
NULL
;
DWORD
size
=
0
,
i
;
...
...
@@ -2997,9 +3087,9 @@ static void test_decodeCertToBeSigned(DWORD dwEncoding)
ok
(
!
ret
&&
GetLastError
()
==
STATUS_ACCESS_VIOLATION
,
"Expected STATUS_ACCESS_VIOLATION, got %08x
\n
"
,
GetLastError
());
}
/* The following certs all fail with CRYPT_E_ASN1_CORRUPT
, because at a
*
minimum a cert must have a non-zero serial number, an issuer, and a
* s
ubject
.
/* The following certs all fail with CRYPT_E_ASN1_CORRUPT
or
*
CRYPT_E_ASN1_BADTAG, because at a minimum a cert must have a non-zero
* s
erial number, an issuer, a subject, and a public key
.
*/
for
(
i
=
0
;
i
<
sizeof
(
corruptCerts
)
/
sizeof
(
corruptCerts
[
0
]);
i
++
)
{
...
...
@@ -3008,6 +3098,46 @@ static void test_decodeCertToBeSigned(DWORD dwEncoding)
&
buf
,
&
size
);
ok
(
!
ret
,
"Expected failure
\n
"
);
}
/* The following succeeds, even though v1 certs are not allowed to have
* extensions.
*/
ret
=
pCryptDecodeObjectEx
(
dwEncoding
,
X509_CERT_TO_BE_SIGNED
,
v1CertWithSubjectKeyId
,
sizeof
(
v1CertWithSubjectKeyId
),
CRYPT_DECODE_ALLOC_FLAG
,
NULL
,
&
buf
,
&
size
);
ok
(
ret
,
"CryptDecodeObjectEx failed: %08x
\n
"
,
GetLastError
());
if
(
ret
)
{
CERT_INFO
*
info
=
(
CERT_INFO
*
)
buf
;
ok
(
size
>=
sizeof
(
CERT_INFO
),
"Wrong size %d
\n
"
,
size
);
ok
(
info
->
dwVersion
==
CERT_V1
,
"expected CERT_V1, got %d
\n
"
,
info
->
dwVersion
);
ok
(
info
->
cExtension
==
1
,
"expected 1 extension, got %d
\n
"
,
info
->
cExtension
);
LocalFree
(
buf
);
}
/* The following also succeeds, even though V1 certs are not allowed to
* have issuer unique ids.
*/
ret
=
pCryptDecodeObjectEx
(
dwEncoding
,
X509_CERT_TO_BE_SIGNED
,
v1CertWithSubjectIssuerSerialAndIssuerUniqueId
,
sizeof
(
v1CertWithSubjectIssuerSerialAndIssuerUniqueId
),
CRYPT_DECODE_ALLOC_FLAG
,
NULL
,
&
buf
,
&
size
);
todo_wine
ok
(
ret
,
"CryptDecodeObjectEx failed: %08x
\n
"
,
GetLastError
());
if
(
ret
)
{
CERT_INFO
*
info
=
(
CERT_INFO
*
)
buf
;
ok
(
size
>=
sizeof
(
CERT_INFO
),
"Wrong size %d
\n
"
,
size
);
ok
(
info
->
dwVersion
==
CERT_V1
,
"expected CERT_V1, got %d
\n
"
,
info
->
dwVersion
);
ok
(
info
->
IssuerUniqueId
.
cbData
==
sizeof
(
serialNum
),
"unexpected issuer unique id size %d
\n
"
,
info
->
IssuerUniqueId
.
cbData
);
ok
(
!
memcmp
(
info
->
IssuerUniqueId
.
pbData
,
serialNum
,
sizeof
(
serialNum
)),
"unexpected issuer unique id value
\n
"
);
LocalFree
(
buf
);
}
/* Now check with serial number, subject and issuer specified */
ret
=
pCryptDecodeObjectEx
(
dwEncoding
,
X509_CERT_TO_BE_SIGNED
,
bigCert
,
sizeof
(
bigCert
),
CRYPT_DECODE_ALLOC_FLAG
,
NULL
,
&
buf
,
&
size
);
...
...
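Review bot: In the added "A v4 cert?" block of test_encodeCertToBeSigned, the result of pCryptEncodeObjectEx is never asserted and the checks are gated on `if (buf)`, although `buf` was passed to LocalFree just above and is not reset on any visible line. If the encode call fails without clearing the output pointer, the memcmp against v4Cert reads freed memory and the second LocalFree frees it again, so an out-of-range version would show up as heap corruption instead of a reported test failure. I would add `ok(ret, "CryptEncodeObjectEx failed: %08x\n", GetLastError());` after the call and gate on `if (ret)`, as the added decode checks in test_decodeCertToBeSigned already do. The two added issuer-unique-id encode blocks do assert ret but still gate on `if (buf)` and would benefit from the same change. Both function bodies start and end outside the displayed hunks, so a reset of buf elsewhere cannot be ruled out from this page.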