1 /* 2 * crypt32 CTL functions tests 3 * 4 * Copyright 2008 Juan Lang 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, write to the Free Software 18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA 19 */ 20 21 #include <stdio.h> 22 #include <stdarg.h> 23 24 #include <windef.h> 25 #include <winbase.h> 26 #include <winerror.h> 27 #include <wincrypt.h> 28 29 #include "wine/test.h" 30 31 static const BYTE emptyCTL[] = { 32 0x30,0x17,0x30,0x00,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30, 33 0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x02,0x06,0x00 }; 34 static const BYTE ctlWithOneEntry[] = { 35 0x30,0x2a,0x30,0x00,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30, 36 0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x02,0x06,0x00,0x30,0x11,0x30,0x0f,0x04, 37 0x01,0x01,0x31,0x0a,0x30,0x08,0x06,0x02,0x2a,0x03,0x31,0x02,0x30,0x00 }; 38 static const BYTE signedCTL[] = { 39 0x30,0x81,0xc7,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,0xa0, 40 0x81,0xb9,0x30,0x81,0xb6,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a, 41 0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x28,0x06,0x09,0x2a,0x86, 42 0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x1b,0x04,0x19,0x30,0x17,0x30,0x00, 43 0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, 44 0x30,0x5a,0x30,0x02,0x06,0x00,0x31,0x77,0x30,0x75,0x02,0x01,0x01,0x30,0x1a, 45 0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75, 46 0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08, 47 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x04,0x06,0x00,0x05, 48 0x00,0x04,0x40,0xca,0xd8,0x32,0xd1,0xbd,0x97,0x61,0x54,0xd6,0x80,0xcf,0x0d, 49 0xbd,0xa2,0x42,0xc7,0xca,0x37,0x91,0x7d,0x9d,0xac,0x8c,0xdf,0x05,0x8a,0x39, 50 0xc6,0x07,0xc1,0x37,0xe6,0xb9,0xd1,0x0d,0x26,0xec,0xa5,0xb0,0x8a,0x51,0x26, 51 0x2b,0x4f,0x73,0x44,0x86,0x83,0x5e,0x2b,0x6e,0xcc,0xf8,0x1b,0x85,0x53,0xe9, 52 0x7a,0x80,0x8f,0x6b,0x42,0x19,0x93 }; 53 static const BYTE signedCTLWithSubjectAlgorithm[] = { 54 0x30,0x81,0xd1,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,0xa0, 55 0x81,0xc3,0x30,0x81,0xc0,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08,0x2a, 56 0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x32,0x06,0x09,0x2a,0x86, 57 0x48,0x86,0xf7,0x0d,0x01,0x07,0x01,0xa0,0x25,0x04,0x23,0x30,0x21,0x30,0x00, 58 0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, 59 0x30,0x5a,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05, 60 0x00,0x31,0x77,0x30,0x75,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,0x30, 61 0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61, 62 0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7, 63 0x0d,0x02,0x05,0x05,0x00,0x30,0x04,0x06,0x00,0x05,0x00,0x04,0x40,0xca,0x7a, 64 0xfa,0xbf,0x44,0x36,0xfd,0xb2,0x84,0x70,0x0f,0xf5,0x66,0xcb,0x68,0xdb,0x45, 65 0x74,0xa1,0xed,0xe3,0x30,0x4a,0x11,0xd2,0x7b,0xf5,0xa9,0x68,0x8d,0x36,0xe8, 66 0x79,0xff,0xa2,0xf2,0x4c,0x8a,0xa9,0x65,0x03,0xf8,0x77,0xa5,0x01,0xd3,0x46, 67 0x8a,0xcc,0x93,0x36,0x30,0xe1,0xa4,0x47,0x70,0x3d,0xb3,0x97,0xfc,0x6d,0x24, 68 0xe9,0xf9 }; 69 static const BYTE signedCTLWithCTLInnerContent[] = { 70 0x30,0x82,0x01,0x0f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02, 71 0xa0,0x82,0x01,0x00,0x30,0x81,0xfd,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06, 72 0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x30,0x06,0x09, 73 0x2b,0x06,0x01,0x04,0x01,0x82,0x37,0x0a,0x01,0xa0,0x23,0x30,0x21,0x30,0x00, 74 0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, 75 0x30,0x5a,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05, 76 0x00,0x31,0x81,0xb5,0x30,0x81,0xb2,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31, 77 0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20, 78 0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48, 79 0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0xa0,0x3b,0x30,0x18,0x06,0x09,0x2a,0x86, 80 0x48,0x86,0xf7,0x0d,0x01,0x09,0x03,0x31,0x0b,0x06,0x09,0x2b,0x06,0x01,0x04, 81 0x01,0x82,0x37,0x0a,0x01,0x30,0x1f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d, 82 0x01,0x09,0x04,0x31,0x12,0x04,0x10,0x54,0x71,0xbc,0xe1,0x56,0x31,0xa2,0xf9, 83 0x65,0x70,0x34,0xf8,0xe2,0xe9,0xb4,0xf4,0x30,0x04,0x06,0x00,0x05,0x00,0x04, 84 0x40,0x2f,0x1b,0x9f,0x5a,0x4a,0x15,0x73,0xfa,0xb1,0x93,0x3d,0x09,0x52,0xdf, 85 0x6b,0x98,0x4b,0x13,0x5e,0xe7,0xbf,0x65,0xf4,0x9c,0xc2,0xb1,0x77,0x09,0xb1, 86 0x66,0x4d,0x72,0x0d,0xb1,0x1a,0x50,0x20,0xe0,0x57,0xa2,0x39,0xc7,0xcd,0x7f, 87 0x8e,0xe7,0x5f,0x76,0x2b,0xd1,0x6a,0x82,0xb3,0x30,0x25,0x61,0xf6,0x25,0x23, 88 0x57,0x6c,0x0b,0x47,0xb8 }; 89 static const BYTE signedCTLWithCTLInnerContentAndBadSig[] = { 90 0x30,0x82,0x01,0x0f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02, 91 0xa0,0x82,0x01,0x00,0x30,0x81,0xfd,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06, 92 0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x30,0x06,0x09, 93 0x2b,0x06,0x01,0x04,0x01,0x82,0x37,0x0a,0x01,0xa0,0x23,0x30,0x21,0x30,0x00, 94 0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, 95 0x30,0x5a,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05, 96 0x00,0x31,0x81,0xb5,0x30,0x81,0xb2,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31, 97 0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20, 98 0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48, 99 0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0xa0,0x3b,0x30,0x18,0x06,0x09,0x2a,0x86, 100 0x48,0x86,0xf7,0x0d,0x01,0x09,0x03,0x31,0x0b,0x06,0x09,0x2b,0x06,0x01,0x04, 101 0x01,0x82,0x37,0x0a,0x01,0x30,0x1f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d, 102 0x01,0x09,0x04,0x31,0x12,0x04,0x10,0x54,0x71,0xbc,0xe1,0x56,0x31,0xa2,0xf9, 103 0x65,0x70,0x34,0xf8,0xe2,0xe9,0xb4,0xf4,0x30,0x04,0x06,0x00,0x05,0x00,0x04, 104 0x40,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, 105 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, 106 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, 107 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, 108 0xff,0xff,0xff,0xff,0xff }; 109 110 static void testCreateCTL(void) 111 { 112 PCCTL_CONTEXT ctl; 113 114 SetLastError(0xdeadbeef); 115 ctl = CertCreateCTLContext(0, NULL, 0); 116 ok(!ctl && GetLastError() == E_INVALIDARG, 117 "expected E_INVALIDARG, got %08x\n", GetLastError()); 118 SetLastError(0xdeadbeef); 119 ctl = CertCreateCTLContext(X509_ASN_ENCODING, NULL, 0); 120 ok(!ctl && 121 (GetLastError() == ERROR_INVALID_DATA || 122 GetLastError() == OSS_MORE_INPUT), /* win9x */ 123 "expected ERROR_INVALID_DATA, got %d (0x%08x)\n", GetLastError(), 124 GetLastError()); 125 /* An empty CTL can't be created.. */ 126 SetLastError(0xdeadbeef); 127 ctl = CertCreateCTLContext(X509_ASN_ENCODING, emptyCTL, sizeof(emptyCTL)); 128 ok(!ctl && 129 (GetLastError() == ERROR_INVALID_DATA || 130 GetLastError() == OSS_DATA_ERROR), /* win9x */ 131 "expected ERROR_INVALID_DATA, got %d (0x%08x)\n", GetLastError(), 132 GetLastError()); 133 /* Nor can any of these "signed" CTLs whose inner content OID isn't 134 * szOID_CTL. 135 */ 136 SetLastError(0xdeadbeef); 137 ctl = CertCreateCTLContext(X509_ASN_ENCODING, signedCTL, sizeof(signedCTL)); 138 ok(!ctl && 139 (GetLastError() == ERROR_INVALID_DATA || 140 GetLastError() == CRYPT_E_UNEXPECTED_MSG_TYPE /* win9x */ || 141 GetLastError() == ERROR_SUCCESS /* some win98 */), 142 "expected ERROR_INVALID_DATA, CRYPT_E_UNEXPECTED_MSG_TYPE, or ERROR_SUCCESS, got %d (0x%08x)\n", GetLastError(), 143 GetLastError()); 144 SetLastError(0xdeadbeef); 145 ctl = CertCreateCTLContext(X509_ASN_ENCODING, ctlWithOneEntry, 146 sizeof(ctlWithOneEntry)); 147 ok(!ctl && 148 (GetLastError() == ERROR_INVALID_DATA || 149 GetLastError() == CRYPT_E_UNEXPECTED_MSG_TYPE /* win9x */ || 150 GetLastError() == OSS_DATA_ERROR /* some win98 */ || 151 GetLastError() == ERROR_SUCCESS /* some win98 */), 152 "expected ERROR_INVALID_DATA, CRYPT_E_UNEXPECTED_MSG_TYPE, OSS_DATA_ERROR, or ERROR_SUCCESS, got %d (0x%08x)\n", GetLastError(), 153 GetLastError()); 154 SetLastError(0xdeadbeef); 155 ctl = CertCreateCTLContext(X509_ASN_ENCODING, 156 signedCTLWithSubjectAlgorithm, sizeof(signedCTLWithSubjectAlgorithm)); 157 ok(!ctl && 158 (GetLastError() == ERROR_INVALID_DATA || 159 GetLastError() == CRYPT_E_UNEXPECTED_MSG_TYPE /* win9x */ || 160 GetLastError() == ERROR_SUCCESS /* some win98 */), 161 "expected ERROR_INVALID_DATA, got %d (0x%08x)\n", GetLastError(), 162 GetLastError()); 163 /* This signed CTL with the appropriate inner content type can be decoded. 164 */ 165 ctl = CertCreateCTLContext(X509_ASN_ENCODING, 166 signedCTLWithCTLInnerContent, sizeof(signedCTLWithCTLInnerContent)); 167 ok(ctl != NULL, "CertCreateCTLContext failed: %08x\n", GetLastError()); 168 if (ctl) 169 { 170 /* Even though the CTL was decoded with X509_ASN_ENCODING, the 171 * message encoding type is included in the CTL's encoding type. 172 */ 173 ok(ctl->dwMsgAndCertEncodingType == 174 (X509_ASN_ENCODING | PKCS_7_ASN_ENCODING), 175 "expected X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, got %08x\n", 176 ctl->dwMsgAndCertEncodingType); 177 CertFreeCTLContext(ctl); 178 } 179 /* This CTL with a bad signature can also be decoded, so the sig isn't 180 * checked when loading the CTL. 181 */ 182 ctl = CertCreateCTLContext(X509_ASN_ENCODING, 183 signedCTLWithCTLInnerContentAndBadSig, 184 sizeof(signedCTLWithCTLInnerContentAndBadSig)); 185 ok(ctl != NULL, "CertCreateCTLContext failed: %08x\n", GetLastError()); 186 if (ctl) 187 CertFreeCTLContext(ctl); 188 } 189 190 static void testDupCTL(void) 191 { 192 PCCTL_CONTEXT context, dupContext; 193 BOOL res; 194 195 context = CertDuplicateCTLContext(NULL); 196 ok(context == NULL, "expected NULL\n"); 197 context = CertCreateCTLContext(X509_ASN_ENCODING, 198 signedCTLWithCTLInnerContent, sizeof(signedCTLWithCTLInnerContent)); 199 dupContext = CertDuplicateCTLContext(context); 200 ok(dupContext != NULL, "expected a context\n"); 201 ok(dupContext == context, "expected identical context addresses\n"); 202 203 res = CertFreeCTLContext(dupContext); 204 ok(res, "CertFreeCTLContext failed\n"); 205 206 res = CertFreeCTLContext(context); 207 ok(res, "CertFreeCTLContext failed\n"); 208 209 res = CertFreeCTLContext(NULL); 210 ok(res, "CertFreeCTLContext failed\n"); 211 } 212 213 static void checkHash(const BYTE *data, DWORD dataLen, ALG_ID algID, 214 PCCTL_CONTEXT context, DWORD propID) 215 { 216 BYTE hash[20] = { 0 }, hashProperty[20]; 217 BOOL ret; 218 DWORD size; 219 220 memset(hash, 0, sizeof(hash)); 221 memset(hashProperty, 0, sizeof(hashProperty)); 222 size = sizeof(hash); 223 ret = CryptHashCertificate(0, algID, 0, data, dataLen, hash, &size); 224 ok(ret, "CryptHashCertificate failed: %08x\n", GetLastError()); 225 ret = CertGetCTLContextProperty(context, propID, hashProperty, &size); 226 ok(ret, "CertGetCTLContextProperty failed: %08x\n", GetLastError()); 227 if (ret) 228 ok(!memcmp(hash, hashProperty, size), 229 "Unexpected hash for property %d\n", propID); 230 } 231 232 static void testCTLProperties(void) 233 { 234 PCCTL_CONTEXT ctl; 235 BOOL ret; 236 DWORD propID, numProps, access, size; 237 238 ctl = CertCreateCTLContext(X509_ASN_ENCODING, 239 signedCTLWithCTLInnerContent, sizeof(signedCTLWithCTLInnerContent)); 240 if (!ctl) 241 { 242 skip("CertCreateCTLContext failed: %08x\n", GetLastError()); 243 return; 244 } 245 246 /* No properties as yet */ 247 propID = 0; 248 numProps = 0; 249 do { 250 propID = CertEnumCTLContextProperties(ctl, propID); 251 if (propID) 252 numProps++; 253 } while (propID != 0); 254 ok(numProps == 0, "Expected 0 properties, got %d\n", numProps); 255 256 /* An implicit property */ 257 ret = CertGetCTLContextProperty(ctl, CERT_ACCESS_STATE_PROP_ID, NULL, 258 &size); 259 ok(ret || broken(GetLastError() == CRYPT_E_NOT_FOUND /* some win98 */), 260 "CertGetCTLContextProperty failed: %08x\n", GetLastError()); 261 ret = CertGetCTLContextProperty(ctl, CERT_ACCESS_STATE_PROP_ID, &access, 262 &size); 263 ok(ret || broken(GetLastError() == CRYPT_E_NOT_FOUND /* some win98 */), 264 "CertGetCTLContextProperty failed: %08x\n", GetLastError()); 265 if (ret) 266 ok(!(access & CERT_ACCESS_STATE_WRITE_PERSIST_FLAG), 267 "Didn't expect a persisted cert\n"); 268 269 checkHash(signedCTLWithCTLInnerContent, 270 sizeof(signedCTLWithCTLInnerContent), CALG_SHA1, ctl, CERT_HASH_PROP_ID); 271 272 /* Now that the hash property is set, we should get one property when 273 * enumerating. 274 */ 275 propID = 0; 276 numProps = 0; 277 do { 278 propID = CertEnumCTLContextProperties(ctl, propID); 279 if (propID) 280 numProps++; 281 } while (propID != 0); 282 ok(numProps == 1, "Expected 1 properties, got %d\n", numProps); 283 284 checkHash(signedCTLWithCTLInnerContent, 285 sizeof(signedCTLWithCTLInnerContent), CALG_MD5, ctl, 286 CERT_MD5_HASH_PROP_ID); 287 288 CertFreeCTLContext(ctl); 289 } 290 291 static const BYTE signedCTLWithUsage[] = { 292 0x30,0x82,0x01,0x0f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02, 293 0xa0,0x82,0x01,0x00,0x30,0x81,0xfd,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06, 294 0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x30,0x06,0x09, 295 0x2b,0x06,0x01,0x04,0x01,0x82,0x37,0x0a,0x01,0xa0,0x23,0x30,0x21,0x30,0x0a, 296 0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x18,0x0f,0x31,0x36,0x30, 297 0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x02,0x06, 298 0x00,0x31,0x81,0xb5,0x30,0x81,0xb2,0x02,0x01,0x01,0x30,0x1a,0x30,0x15,0x31, 299 0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20, 300 0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48, 301 0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0xa0,0x3b,0x30,0x18,0x06,0x09,0x2a,0x86, 302 0x48,0x86,0xf7,0x0d,0x01,0x09,0x03,0x31,0x0b,0x06,0x09,0x2b,0x06,0x01,0x04, 303 0x01,0x82,0x37,0x0a,0x01,0x30,0x1f,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d, 304 0x01,0x09,0x04,0x31,0x12,0x04,0x10,0xc4,0x3e,0x7e,0xc8,0xf9,0x85,0xf3,0x27, 305 0x7d,0xc0,0x38,0xb2,0x7f,0xc7,0x76,0x85,0x30,0x04,0x06,0x00,0x05,0x00,0x04, 306 0x40,0x90,0x33,0x1b,0xb4,0x88,0x35,0xe6,0xf7,0x7f,0x93,0x05,0xc9,0x1a,0x0e, 307 0x8f,0x21,0xc0,0xaa,0xb3,0xab,0x3e,0x4a,0xa6,0x63,0x74,0xfd,0xef,0x11,0xbd, 308 0x67,0x3a,0x1b,0x07,0x4b,0x88,0x59,0x31,0xd5,0x08,0xf9,0x09,0x2f,0x0b,0x85, 309 0x62,0x5a,0x67,0x3b,0x62,0x7e,0x81,0x31,0xea,0xa4,0x36,0x5f,0x9a,0x92,0xb6, 310 0x66,0xa5,0x00,0x60,0x96 }; 311 static const BYTE signedCTLWithListID1[] = { 312 0x30,0x82,0x01,0x07,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02, 313 0xa0,0x81,0xf9,0x30,0x81,0xf6,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08, 314 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x29,0x06,0x09,0x2b, 315 0x06,0x01,0x04,0x01,0x82,0x37,0x0a,0x01,0xa0,0x1c,0x30,0x1a,0x30,0x00,0x04, 316 0x01,0x01,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30, 317 0x30,0x30,0x30,0x5a,0x30,0x02,0x06,0x00,0x31,0x81,0xb5,0x30,0x81,0xb2,0x02, 318 0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03, 319 0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01, 320 0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0xa0, 321 0x3b,0x30,0x18,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x09,0x03,0x31, 322 0x0b,0x06,0x09,0x2b,0x06,0x01,0x04,0x01,0x82,0x37,0x0a,0x01,0x30,0x1f,0x06, 323 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x09,0x04,0x31,0x12,0x04,0x10,0xbc, 324 0x13,0xde,0x17,0xc7,0x7c,0x67,0x5b,0xf9,0xa9,0x7c,0xb0,0xd9,0xf2,0x84,0xd5, 325 0x30,0x04,0x06,0x00,0x05,0x00,0x04,0x40,0xff,0xff,0xff,0xff,0xff,0xff,0xff, 326 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, 327 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, 328 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, 329 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff }; 330 static const BYTE signedCTLWithListID2[] = { 331 0x30,0x82,0x01,0x07,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02, 332 0xa0,0x81,0xf9,0x30,0x81,0xf6,0x02,0x01,0x01,0x31,0x0e,0x30,0x0c,0x06,0x08, 333 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0x30,0x29,0x06,0x09,0x2b, 334 0x06,0x01,0x04,0x01,0x82,0x37,0x0a,0x01,0xa0,0x1c,0x30,0x1a,0x30,0x00,0x04, 335 0x01,0x02,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30, 336 0x30,0x30,0x30,0x5a,0x30,0x02,0x06,0x00,0x31,0x81,0xb5,0x30,0x81,0xb2,0x02, 337 0x01,0x01,0x30,0x1a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03, 338 0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x02,0x01,0x01, 339 0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,0xa0, 340 0x3b,0x30,0x18,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x09,0x03,0x31, 341 0x0b,0x06,0x09,0x2b,0x06,0x01,0x04,0x01,0x82,0x37,0x0a,0x01,0x30,0x1f,0x06, 342 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x09,0x04,0x31,0x12,0x04,0x10,0x60, 343 0x6b,0x10,0xb6,0xb8,0x74,0xb8,0xf3,0x79,0xd5,0x42,0x15,0x4a,0x60,0x93,0x1f, 344 0x30,0x04,0x06,0x00,0x05,0x00,0x04,0x40,0xff,0xff,0xff,0xff,0xff,0xff,0xff, 345 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, 346 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, 347 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, 348 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff }; 349 350 static void testAddCTLToStore(void) 351 { 352 HCERTSTORE store; 353 BOOL ret; 354 DWORD numCTLs, expectedCTLs; 355 PCCTL_CONTEXT ctl; 356 357 store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, 358 CERT_STORE_CREATE_NEW_FLAG, NULL); 359 /* Add two CTLs */ 360 ret = CertAddEncodedCTLToStore(store, X509_ASN_ENCODING, 361 signedCTLWithCTLInnerContent, sizeof(signedCTLWithCTLInnerContent), 362 CERT_STORE_ADD_ALWAYS, NULL); 363 ok(ret, "CertAddEncodedCTLToStore failed: %08x\n", GetLastError()); 364 ret = CertAddEncodedCTLToStore(store, X509_ASN_ENCODING, 365 signedCTLWithCTLInnerContentAndBadSig, 366 sizeof(signedCTLWithCTLInnerContentAndBadSig), CERT_STORE_ADD_ALWAYS, 367 NULL); 368 ok(ret, "CertAddEncodedCTLToStore failed: %08x\n", GetLastError()); 369 /* Check that two exist */ 370 numCTLs = 0; 371 ctl = NULL; 372 do { 373 ctl = CertEnumCTLsInStore(store, ctl); 374 if (ctl) 375 numCTLs++; 376 } while (ctl); 377 ok(numCTLs == 2, "expected 2 CTLs, got %d\n", numCTLs); 378 CertCloseStore(store, 0); 379 380 store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, 381 CERT_STORE_CREATE_NEW_FLAG, NULL); 382 /* Add the two CTLs again. They're identical except for the signature.. */ 383 ret = CertAddEncodedCTLToStore(store, X509_ASN_ENCODING, 384 signedCTLWithCTLInnerContent, sizeof(signedCTLWithCTLInnerContent), 385 CERT_STORE_ADD_NEW, NULL); 386 ok(ret, "CertAddEncodedCTLToStore failed: %08x\n", GetLastError()); 387 /* so adding the second CTL fails. */ 388 SetLastError(0xdeadbeef); 389 ret = CertAddEncodedCTLToStore(store, X509_ASN_ENCODING, 390 signedCTLWithCTLInnerContentAndBadSig, 391 sizeof(signedCTLWithCTLInnerContentAndBadSig), CERT_STORE_ADD_NEW, 392 NULL); 393 ok(!ret && (GetLastError() == CRYPT_E_EXISTS || GetLastError() == OSS_DATA_ERROR), 394 "expected CRYPT_E_EXISTS or OSS_DATA_ERROR, got %d %08x\n", ret, GetLastError()); 395 CertCloseStore(store, 0); 396 397 store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, 398 CERT_STORE_CREATE_NEW_FLAG, NULL); 399 /* Add two CTLs. These two have different usages, so they're considered 400 * different. 401 */ 402 ret = CertAddEncodedCTLToStore(store, X509_ASN_ENCODING, 403 signedCTLWithCTLInnerContent, sizeof(signedCTLWithCTLInnerContent), 404 CERT_STORE_ADD_NEW, NULL); 405 ok(ret, "CertAddEncodedCTLToStore failed: %08x\n", GetLastError()); 406 expectedCTLs = 1; 407 ret = CertAddEncodedCTLToStore(store, X509_ASN_ENCODING, 408 signedCTLWithUsage, sizeof(signedCTLWithUsage), CERT_STORE_ADD_NEW, 409 NULL); 410 ok(ret || broken(GetLastError() == OSS_DATA_ERROR /* some win98 */), 411 "CertAddEncodedCTLToStore failed: %08x\n", GetLastError()); 412 if (ret) 413 expectedCTLs++; 414 /* Check that two exist */ 415 numCTLs = 0; 416 ctl = NULL; 417 do { 418 ctl = CertEnumCTLsInStore(store, ctl); 419 if (ctl) 420 numCTLs++; 421 } while (ctl); 422 ok(numCTLs == expectedCTLs, "expected %d CTLs, got %d\n", expectedCTLs, 423 numCTLs); 424 CertCloseStore(store, 0); 425 426 store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, 427 CERT_STORE_CREATE_NEW_FLAG, NULL); 428 /* Add two CTLs. Now they have the same (empty) usages and different list 429 * IDs, so they're different. 430 */ 431 ret = CertAddEncodedCTLToStore(store, X509_ASN_ENCODING, 432 signedCTLWithListID1, sizeof(signedCTLWithListID1), CERT_STORE_ADD_NEW, 433 NULL); 434 if (!ret) 435 { 436 skip("adding a CTL with an empty usage not supported\n"); 437 return; 438 } 439 ok(ret, "CertAddEncodedCTLToStore failed: %08x\n", GetLastError()); 440 ret = CertAddEncodedCTLToStore(store, X509_ASN_ENCODING, 441 signedCTLWithListID2, sizeof(signedCTLWithListID2), CERT_STORE_ADD_NEW, 442 NULL); 443 ok(ret, "CertAddEncodedCTLToStore failed: %08x\n", GetLastError()); 444 /* Check that two exist */ 445 numCTLs = 0; 446 ctl = NULL; 447 do { 448 ctl = CertEnumCTLsInStore(store, ctl); 449 if (ctl) 450 numCTLs++; 451 } while (ctl); 452 ok(numCTLs == 2, "expected 2 CTLs, got %d\n", numCTLs); 453 CertCloseStore(store, 0); 454 } 455 456 START_TEST(ctl) 457 { 458 testCreateCTL(); 459 testDupCTL(); 460 testCTLProperties(); 461 testAddCTLToStore(); 462 } 463