crypt32: Add tests for CryptMsgGetAndVerifySigner.

dlls/crypt32/tests/msg.c

@@ -2561,6 +2561,137 @@ static BOOL detect_nt(void)
     return TRUE;
 }
 
+static void test_msg_get_and_verify_signer(void)
+{
+    BOOL ret;
+    HCRYPTMSG msg;
+    PCCERT_CONTEXT signer;
+    DWORD signerIndex;
+    HCERTSTORE store;
+
+    /* Crash */
+    if (0)
+    {
+        ret = CryptMsgGetAndVerifySigner(NULL, 0, NULL, 0, NULL, NULL);
+        ret = CryptMsgGetAndVerifySigner(NULL, 0, NULL, 0, NULL, &signerIndex);
+    }
+
+    msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
+    /* An empty message has no signer */
+    SetLastError(0xdeadbeef);
+    ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, 0, NULL, NULL);
+    todo_wine
+    ok(!ret && GetLastError() == CRYPT_E_NO_TRUSTED_SIGNER,
+     "expected CRYPT_E_NO_TRUSTED_SIGNER, got 0x%08x\n", GetLastError());
+    /* The signer is cleared on error */
+    signer = (PCCERT_CONTEXT)0xdeadbeef;
+    SetLastError(0xdeadbeef);
+    ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, 0, &signer, NULL);
+    todo_wine
+    ok(!ret && GetLastError() == CRYPT_E_NO_TRUSTED_SIGNER,
+     "expected CRYPT_E_NO_TRUSTED_SIGNER, got 0x%08x\n", GetLastError());
+    todo_wine
+    ok(!signer, "expected signer to be NULL\n");
+    /* The signer index is also cleared on error */
+    signerIndex = 0xdeadbeef;
+    SetLastError(0xdeadbeef);
+    ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, 0, NULL, &signerIndex);
+    todo_wine
+    ok(!ret && GetLastError() == CRYPT_E_NO_TRUSTED_SIGNER,
+     "expected CRYPT_E_NO_TRUSTED_SIGNER, got 0x%08x\n", GetLastError());
+    todo_wine
+    ok(!signerIndex, "expected 0, got %d\n", signerIndex);
+    /* An unsigned message (msgData isn't a signed message at all)
+     * likewise has no signer.
+     */
+    CryptMsgUpdate(msg, msgData, sizeof(msgData), TRUE);
+    SetLastError(0xdeadbeef);
+    ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, 0, NULL, NULL);
+    todo_wine
+    ok(!ret && GetLastError() == CRYPT_E_NO_TRUSTED_SIGNER,
+     "expected CRYPT_E_NO_TRUSTED_SIGNER, got 0x%08x\n", GetLastError());
+    CryptMsgClose(msg);
+
+    msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
+    /* A "signed" message created with no signer cert likewise has no signer */
+    CryptMsgUpdate(msg, signedEmptyContent, sizeof(signedEmptyContent), TRUE);
+    SetLastError(0xdeadbeef);
+    ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, 0, NULL, NULL);
+    todo_wine
+    ok(!ret && GetLastError() == CRYPT_E_NO_TRUSTED_SIGNER,
+     "expected CRYPT_E_NO_TRUSTED_SIGNER, got 0x%08x\n", GetLastError());
+    CryptMsgClose(msg);
+
+    msg = CryptMsgOpenToDecode(PKCS_7_ASN_ENCODING, 0, 0, 0, NULL, NULL);
+    /* A signed message succeeds, .. */
+    CryptMsgUpdate(msg, signedWithCertWithValidPubKeyContent,
+     sizeof(signedWithCertWithValidPubKeyContent), TRUE);
+    ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, 0, NULL, NULL);
+    todo_wine
+    ok(ret, "CryptMsgGetAndVerifySigner failed: 0x%08x\n", GetLastError());
+    /* the signer index can be retrieved, .. */
+    signerIndex = 0xdeadbeef;
+    ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, 0, NULL, &signerIndex);
+    todo_wine
+    ok(ret, "CryptMsgGetAndVerifySigner failed: 0x%08x\n", GetLastError());
+    todo_wine
+    ok(signerIndex == 0, "expected 0, got %d\n", signerIndex);
+    /* as can the signer cert. */
+    signer = (PCCERT_CONTEXT)0xdeadbeef;
+    ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, 0, &signer, NULL);
+    todo_wine
+    ok(ret, "CryptMsgGetAndVerifySigner failed: 0x%08x\n", GetLastError());
+    todo_wine
+    ok(signer != NULL && signer != (PCCERT_CONTEXT)0xdeadbeef,
+     "expected a valid signer\n");
+    if (signer && signer != (PCCERT_CONTEXT)0xdeadbeef)
+        CertFreeCertificateContext(signer);
+    /* Specifying CMSG_USE_SIGNER_INDEX_FLAG and an invalid signer index fails
+     */
+    signerIndex = 0xdeadbeef;
+    SetLastError(0xdeadbeef);
+    ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, CMSG_USE_SIGNER_INDEX_FLAG,
+     NULL, &signerIndex);
+    todo_wine
+    ok(!ret && GetLastError() == CRYPT_E_INVALID_INDEX,
+     "expected CRYPT_E_INVALID_INDEX, got 0x%08x\n", GetLastError());
+    /* Specifying CMSG_TRUSTED_SIGNER_FLAG and no cert stores causes the
+     * message signer not to be found.
+     */
+    SetLastError(0xdeadbeef);
+    ret = CryptMsgGetAndVerifySigner(msg, 0, NULL, CMSG_TRUSTED_SIGNER_FLAG,
+     NULL, NULL);
+    todo_wine
+    ok(!ret && GetLastError() == CRYPT_E_NO_TRUSTED_SIGNER,
+     "expected CRYPT_E_NO_TRUSTED_SIGNER, got 0x%08x\n", GetLastError());
+    /* Specifying CMSG_TRUSTED_SIGNER_FLAG and an empty cert store also causes
+     * the message signer not to be found.
+     */
+    store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
+     CERT_STORE_CREATE_NEW_FLAG, NULL);
+    SetLastError(0xdeadbeef);
+    ret = CryptMsgGetAndVerifySigner(msg, 1, &store, CMSG_TRUSTED_SIGNER_FLAG,
+     NULL, NULL);
+    todo_wine
+    ok(!ret && GetLastError() == CRYPT_E_NO_TRUSTED_SIGNER,
+     "expected CRYPT_E_NO_TRUSTED_SIGNER, got 0x%08x\n", GetLastError());
+    ret = CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING,
+     v1CertWithValidPubKey, sizeof(v1CertWithValidPubKey),
+     CERT_STORE_ADD_ALWAYS, NULL);
+    ok(ret, "CertAddEncodedCertificateToStore failed: 0x%08x\n",
+     GetLastError());
+    /* Specifying CMSG_TRUSTED_SIGNER_FLAG with a cert store that contains
+     * the signer succeeds.
+     */
+    SetLastError(0xdeadbeef);
+    ret = CryptMsgGetAndVerifySigner(msg, 1, &store, CMSG_TRUSTED_SIGNER_FLAG,
+     NULL, NULL);
+    todo_wine
+    ok(ret, "CryptMsgGetAndVerifySigner failed: 0x%08x\n", GetLastError());
+    CertCloseStore(store, 0);
+    CryptMsgClose(msg);
+}
+
 START_TEST(msg)
 {
     init_function_pointers();
@@ -2578,4 +2709,6 @@ START_TEST(msg)
     test_hash_msg();
     test_signed_msg();
     test_decode_msg();
+
+    test_msg_get_and_verify_signer();
 }