From: Derek Lesho Subject: [PATCH v3 2/4] bcrypt/tests: Add tests for BCRYPT_KDF_HASH. Message-Id: <20200107202250.2277241-2-dlesho@codeweavers.com> Date: Tue, 7 Jan 2020 14:22:48 -0600 In-Reply-To: <20200107202250.2277241-1-dlesho@codeweavers.com> References: <20200107202250.2277241-1-dlesho@codeweavers.com> Signed-off-by: Derek Lesho --- dlls/bcrypt/tests/bcrypt.c | 60 ++++++++++++++++++++++++++++++++++++-- include/bcrypt.h | 6 ++++ 2 files changed, 64 insertions(+), 2 deletions(-) diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c index 47bb58d3d1..d26150f469 100644 --- a/dlls/bcrypt/tests/bcrypt.c +++ b/dlls/bcrypt/tests/bcrypt.c @@ -1951,6 +1951,28 @@ static BYTE ecdh_secret[] = 0x9b, 0x69, 0xaf, 0xd1, 0xaf, 0x1f, 0xc2, 0xd7, 0x83, 0x0a, 0xb7, 0xf8, 0x4f, 0x24, 0x32, 0x8e, }; +BCryptBuffer hash_param_buffers[] = +{ +{ + sizeof(BCRYPT_SHA1_ALGORITHM), + KDF_HASH_ALGORITHM, + (void *)BCRYPT_SHA1_ALGORITHM, +} +}; + +BCryptBufferDesc hash_params = +{ + BCRYPTBUFFER_VERSION, + ARRAY_SIZE(hash_param_buffers), + hash_param_buffers, +}; + +static BYTE hashed_secret[] = +{ + 0x1b, 0xe7, 0xbf, 0x0f, 0x65, 0x1e, 0xd0, 0x07, 0xf9, 0xf4, 0x77, 0x48, 0x48, 0x39, 0xd0, 0xf8, + 0xf3, 0xce, 0xfc, 0x89 +}; + static void test_ECDH(void) { BYTE *buf; @@ -2045,14 +2067,14 @@ static void test_ECDH(void) if (status == STATUS_NOT_SUPPORTED) { win_skip("BCRYPT_KDF_RAW_SECRET not supported\n"); - goto derive_end; + goto raw_secret_end; } todo_wine ok(status == STATUS_SUCCESS, "got %08x\n", status); if (status != STATUS_SUCCESS) { - goto derive_end; + goto raw_secret_end; } ok(size == 32, "size of secret key incorrect, got %u, expected 32\n", size); @@ -2062,6 +2084,40 @@ static void test_ECDH(void) ok(!(memcmp(ecdh_secret, buf, size)), "wrong data\n"); HeapFree(GetProcessHeap(), 0, buf); + raw_secret_end: + + status = pBCryptDeriveKey(secret, BCRYPT_KDF_HASH, &hash_params, NULL, 0, &size, 0); + todo_wine ok (status == STATUS_SUCCESS, "got %08x\n", status); + + if (status != STATUS_SUCCESS) + { + goto derive_end; + } + + ok (size == 20, "got %u\n", size); + buf = HeapAlloc(GetProcessHeap(), 0, size); + status = pBCryptDeriveKey(secret, BCRYPT_KDF_HASH, &hash_params, buf, size, &size, 0); + ok(status == STATUS_SUCCESS, "got %08x\n", status); + ok(!(memcmp(hashed_secret, buf, size)), "wrong data\n"); + HeapFree(GetProcessHeap(), 0, buf); + + /* ulVersion is not verified */ + hash_params.ulVersion = 0xdeadbeef; + status = pBCryptDeriveKey(secret, BCRYPT_KDF_HASH, &hash_params, NULL, 0, &size, 0); + ok (status == STATUS_SUCCESS, "got %08x\n", status); + + hash_params.ulVersion = BCRYPTBUFFER_VERSION; + hash_param_buffers[0].pvBuffer = (void*) L"INVALID"; + hash_param_buffers[0].cbBuffer = sizeof(L"INVALID"); + + status = pBCryptDeriveKey(secret, BCRYPT_KDF_HASH, &hash_params, NULL, 0, &size, 0); + ok (status == STATUS_NOT_SUPPORTED || broken (status == STATUS_NOT_FOUND) /* < win8 */, "got %08x\n", status); + + hash_param_buffers[0].pvBuffer = (void*) BCRYPT_RNG_ALGORITHM; + hash_param_buffers[0].cbBuffer = sizeof(BCRYPT_RNG_ALGORITHM); + status = pBCryptDeriveKey(secret, BCRYPT_KDF_HASH, &hash_params, NULL, 0, &size, 0); + ok (status == STATUS_NOT_SUPPORTED, "got %08x\n", status); + derive_end: pBCryptDestroySecret(secret); diff --git a/include/bcrypt.h b/include/bcrypt.h index f393dc6e5c..0bc4dea910 100644 --- a/include/bcrypt.h +++ b/include/bcrypt.h @@ -286,6 +286,10 @@ typedef struct _BCRYPT_KEY_DATA_BLOB_HEADER ULONG cbKeyData; } BCRYPT_KEY_DATA_BLOB_HEADER, *PBCRYPT_KEY_DATA_BLOB_HEADER; +#define KDF_HASH_ALGORITHM 0x00000000 +#define KDF_SECRET_PREPEND 0x00000001 +#define KDF_SECRET_APPEND 0x00000002 + typedef struct _BCryptBuffer { ULONG cbBuffer; @@ -293,6 +297,8 @@ typedef struct _BCryptBuffer void *pvBuffer; } BCryptBuffer, *PBCryptBuffer; +#define BCRYPTBUFFER_VERSION 0 + typedef struct _BCryptBufferDesc { ULONG ulVersion; -- 2.24.1