ReactOS 0.4.15-dev-7788-g1ad9096
cert.c
Go to the documentation of this file.
1/*
2 * crypt32 cert functions tests
3 *
4 * Copyright 2005-2006 Juan Lang
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19 */
20
21#include <stdio.h>
22#include <stdarg.h>
23
24#include <windef.h>
25#include <winbase.h>
26#include <winreg.h>
27#include <winerror.h>
28#include <wincrypt.h>
29
30#include "wine/test.h"
31
33static BOOL (WINAPI *pCertGetValidUsages)(DWORD,PCCERT_CONTEXT*,int*,LPSTR*,DWORD*);
34static BOOL (WINAPI *pCryptAcquireCertificatePrivateKey)(PCCERT_CONTEXT,DWORD,void*,HCRYPTPROV_OR_NCRYPT_KEY_HANDLE*,DWORD*,BOOL*);
35static BOOL (WINAPI *pCryptEncodeObjectEx)(DWORD,LPCSTR,const void*,DWORD,PCRYPT_ENCODE_PARA,void*,DWORD*);
36static BOOL (WINAPI * pCryptVerifyCertificateSignatureEx)
37 (HCRYPTPROV, DWORD, DWORD, void *, DWORD, void *, DWORD, void *);
38
39static BOOL (WINAPI * pCryptAcquireContextA)
41
42static void init_function_pointers(void)
43{
44 HMODULE hCrypt32 = GetModuleHandleA("crypt32.dll");
45 HMODULE hAdvapi32 = GetModuleHandleA("advapi32.dll");
46
47#define GET_PROC(dll, func) \
48 p ## func = (void *)GetProcAddress(dll, #func); \
49 if(!p ## func) \
50 trace("GetProcAddress(%s) failed\n", #func);
51
57
59
60#undef GET_PROC
61}
62
63static BYTE subjectName[] = { 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06,
64 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61,
65 0x6e, 0x67, 0x00 };
66static BYTE serialNum[] = { 1 };
67static const BYTE bigCert[] = { 0x30, 0x7a, 0x02, 0x01, 0x01, 0x30, 0x02, 0x06,
68 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
69 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x22,
70 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30,
71 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30,
72 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x15, 0x31, 0x13, 0x30,
73 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20,
74 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06, 0x00, 0x03, 0x01,
75 0x00, 0xa3, 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01,
76 0x01, 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01 };
77static BYTE bigCertHash[] = { 0x6e, 0x30, 0x90, 0x71, 0x5f, 0xd9, 0x23,
78 0x56, 0xeb, 0xae, 0x25, 0x40, 0xe6, 0x22, 0xda, 0x19, 0x26, 0x02, 0xa6, 0x08 };
79
80static const BYTE bigCertWithDifferentSubject[] = { 0x30, 0x7a, 0x02, 0x01, 0x02,
81 0x30, 0x02, 0x06, 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55,
82 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67,
83 0x00, 0x30, 0x22, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31,
84 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31,
85 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x15,
86 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x41, 0x6c,
87 0x65, 0x78, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06,
88 0x00, 0x03, 0x01, 0x00, 0xa3, 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55,
89 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02,
90 0x01, 0x01 };
91static const BYTE bigCertWithDifferentIssuer[] = { 0x30, 0x7a, 0x02, 0x01,
92 0x01, 0x30, 0x02, 0x06, 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03,
93 0x55, 0x04, 0x03, 0x13, 0x0a, 0x41, 0x6c, 0x65, 0x78, 0x20, 0x4c, 0x61, 0x6e,
94 0x67, 0x00, 0x30, 0x22, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30,
95 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30,
96 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30,
97 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a,
98 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02,
99 0x06, 0x00, 0x03, 0x01, 0x00, 0xa3, 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03,
100 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff,
101 0x02, 0x01, 0x01 };
102
103static BYTE subjectName2[] = { 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06,
104 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x41, 0x6c, 0x65, 0x78, 0x20, 0x4c, 0x61,
105 0x6e, 0x67, 0x00 };
106static const BYTE bigCert2[] = { 0x30, 0x7a, 0x02, 0x01, 0x01, 0x30, 0x02, 0x06,
107 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
108 0x0a, 0x41, 0x6c, 0x65, 0x78, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x22,
109 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30,
110 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30,
111 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x15, 0x31, 0x13, 0x30,
112 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x41, 0x6c, 0x65, 0x78, 0x20,
113 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06, 0x00, 0x03, 0x01,
114 0x00, 0xa3, 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01,
115 0x01, 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01 };
116static const BYTE bigCert2WithDifferentSerial[] = { 0x30, 0x7a, 0x02, 0x01,
117 0x02, 0x30, 0x02, 0x06, 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03,
118 0x55, 0x04, 0x03, 0x13, 0x0a, 0x41, 0x6c, 0x65, 0x78, 0x20, 0x4c, 0x61, 0x6e,
119 0x67, 0x00, 0x30, 0x22, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30,
120 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30,
121 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30,
122 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x41,
123 0x6c, 0x65, 0x78, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02,
124 0x06, 0x00, 0x03, 0x01, 0x00, 0xa3, 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03,
125 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff,
126 0x02, 0x01, 0x01 };
127static BYTE bigCert2Hash[] = { 0x4a, 0x7f, 0x32, 0x1f, 0xcf, 0x3b, 0xc0,
128 0x87, 0x48, 0x2b, 0xa1, 0x86, 0x54, 0x18, 0xe4, 0x3a, 0x0e, 0x53, 0x7e, 0x2b };
129
130static const BYTE certWithUsage[] = { 0x30, 0x81, 0x93, 0x02, 0x01, 0x01, 0x30,
131 0x02, 0x06, 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04,
132 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00,
133 0x30, 0x22, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30,
134 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30,
135 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x15, 0x31,
136 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61,
137 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06, 0x00,
138 0x03, 0x01, 0x00, 0xa3, 0x2f, 0x30, 0x2d, 0x30, 0x2b, 0x06, 0x03, 0x55, 0x1d,
139 0x25, 0x01, 0x01, 0xff, 0x04, 0x21, 0x30, 0x1f, 0x06, 0x08, 0x2b, 0x06, 0x01,
140 0x05, 0x05, 0x07, 0x03, 0x03, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07,
141 0x03, 0x02, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01 };
142
143static void testAddCert(void)
144{
145 HCERTSTORE store;
148 PCCERT_CONTEXT copyContext;
149 BOOL ret;
150
153 ok(store != NULL, "CertOpenStore failed: %d\n", GetLastError());
154 if (!store)
155 return;
156
157 /* Weird--bad add disposition leads to an access violation in Windows.
158 * Both tests crash on some win9x boxes.
159 */
160 if (0)
161 {
163 sizeof(bigCert), 0, NULL);
166 "Expected STATUS_ACCESS_VIOLATION or E_INVALIDARG, got %08x\n",
167 GetLastError());
169 bigCert, sizeof(bigCert), 0, NULL);
172 "Expected STATUS_ACCESS_VIOLATION or E_INVALIDARG, got %08x\n",
173 GetLastError());
174 }
175
176 /* Weird--can add a cert to the NULL store (does this have special
177 * meaning?)
178 */
179 context = NULL;
182 ok(ret || broken(GetLastError() == OSS_DATA_ERROR /* win98 */),
183 "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
184 if (context)
186 if (!ret && GetLastError() == OSS_DATA_ERROR)
187 {
188 skip("bigCert can't be decoded, skipping tests\n");
189 return;
190 }
191
194 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
195 GetLastError());
198 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
199 GetLastError());
200 /* This has the same name as bigCert, so finding isn't done by name */
203 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
204 GetLastError());
205 ok(context != NULL, "Expected a context\n");
206 if (context)
207 {
209
210 /* Duplicate (AddRef) the context so we can still use it after
211 * deleting it from the store.
212 */
215 /* Set the same hash as bigCert2, and try to readd it */
217 0, &hash);
218 ok(ret, "CertSetCertificateContextProperty failed: %08x\n",
219 GetLastError());
222 /* The failure is a bit odd (CRYPT_E_ASN1_BADTAG), so just check
223 * that it fails.
224 */
225 ok(!ret, "Expected failure\n");
227 }
229 sizeof(bigCert2));
230 ok(context != NULL, "Expected a context\n");
231 if (context)
232 {
233 /* Try to readd bigCert2 to the store */
237 "Expected CRYPT_E_EXISTS, got %08x\n", GetLastError());
239 }
240
241 /* Adding a cert with the same issuer name and serial number (but
242 * different subject) as an existing cert succeeds.
243 */
244 context = NULL;
248 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
249 GetLastError());
250 if (context)
252
253 /* Adding a cert with the same subject name and serial number (but
254 * different issuer) as an existing cert succeeds.
255 */
256 context = NULL;
260 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
261 GetLastError());
262 if (context)
264
265 /* Adding a cert with the same issuer name and serial number (but
266 * different otherwise) as an existing cert succeeds.
267 */
268 context = NULL;
272 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
273 GetLastError());
274 if (context)
276
279 ok(collection != NULL, "CertOpenStore failed: %08x\n", GetLastError());
280 if (collection)
281 {
282 /* Add store to the collection, but disable updates */
284
286 sizeof(bigCert2));
287 ok(context != NULL, "Expected a context\n");
288 if (context)
289 {
290 /* Try to readd bigCert2 to the collection */
294 "Expected CRYPT_E_EXISTS, got %08x\n", GetLastError());
295 /* Replacing an existing certificate context is allowed, even
296 * though updates to the collection aren't..
297 */
300 ok(ret, "CertAddCertificateContextToStore failed: %08x\n",
301 GetLastError());
302 /* use the existing certificate and ask for a copy of the context*/
303 copyContext = NULL;
305 CERT_STORE_ADD_USE_EXISTING, &copyContext);
306 ok(ret, "CertAddCertificateContextToStore failed: %08x\n",
307 GetLastError());
308 ok(copyContext != NULL, "Expected on output a non NULL copyContext\n");
309 if (copyContext)
310 CertFreeCertificateContext(copyContext);
311 /* but adding a new certificate isn't allowed. */
315 "Expected E_ACCESSDENIED, got %08x\n", GetLastError());
317 }
318
320 }
321
322 CertCloseStore(store, 0);
323}
324
325static void checkHash(const BYTE *data, DWORD dataLen, ALG_ID algID,
327{
328 BYTE hash[20] = { 0 }, hashProperty[20];
329 BOOL ret;
330 DWORD size;
331 DWORD dwSizeWithNull;
332
333 memset(hash, 0, sizeof(hash));
334 memset(hashProperty, 0, sizeof(hashProperty));
335 size = sizeof(hash);
336 ret = CryptHashCertificate(0, algID, 0, data, dataLen, hash, &size);
337 ok(ret, "CryptHashCertificate failed: %08x\n", GetLastError());
339 &dwSizeWithNull);
340 ok(ret, "algID %08x, propID %d: CertGetCertificateContextProperty failed: %08x\n",
341 algID, propID, GetLastError());
342 ret = CertGetCertificateContextProperty(context, propID, hashProperty,
343 &size);
344 ok(ret, "CertGetCertificateContextProperty failed: %08x\n",
345 GetLastError());
346 ok(!memcmp(hash, hashProperty, size), "Unexpected hash for property %d\n",
347 propID);
348 ok(size == dwSizeWithNull, "Unexpected length of hash for property: received %d instead of %d\n",
349 dwSizeWithNull,size);
350}
351
352static const CHAR cspNameA[] = "WineCryptTemp";
353static WCHAR cspNameW[] = { 'W','i','n','e','C','r','y','p','t','T','e','m','p',0 };
354static const BYTE v1CertWithPubKey[] = {
3550x30,0x81,0x95,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,
3560x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,
3570x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,
3580x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,
3590x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,0x31,0x13,0x30,0x11,
3600x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
3610x67,0x00,0x30,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
3620x01,0x01,0x05,0x00,0x03,0x11,0x00,0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
3630x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0xa3,0x16,0x30,0x14,0x30,0x12,0x06,
3640x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,0x01,0x01,0xff,0x02,
3650x01,0x01 };
366static const BYTE v1CertWithSubjectKeyId[] = {
3670x30,0x7b,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,0x11,
3680x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
3690x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,
3700x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,
3710x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,0x31,0x13,0x30,0x11,0x06,
3720x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,
3730x00,0x30,0x07,0x30,0x02,0x06,0x00,0x03,0x01,0x00,0xa3,0x17,0x30,0x15,0x30,
3740x13,0x06,0x03,0x55,0x1d,0x0e,0x04,0x0c,0x04,0x0a,0x4a,0x75,0x61,0x6e,0x20,
3750x4c,0x61,0x6e,0x67,0x00 };
376static const BYTE subjectKeyId[] = {
3770x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00 };
378static const BYTE selfSignedCert[] = {
379 0x30, 0x82, 0x01, 0x1f, 0x30, 0x81, 0xce, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02,
380 0x10, 0xeb, 0x0d, 0x57, 0x2a, 0x9c, 0x09, 0xba, 0xa4, 0x4a, 0xb7, 0x25, 0x49,
381 0xd9, 0x3e, 0xb5, 0x73, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1d,
382 0x05, 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03,
383 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30,
384 0x1e, 0x17, 0x0d, 0x30, 0x36, 0x30, 0x36, 0x32, 0x39, 0x30, 0x35, 0x30, 0x30,
385 0x34, 0x36, 0x5a, 0x17, 0x0d, 0x30, 0x37, 0x30, 0x36, 0x32, 0x39, 0x31, 0x31,
386 0x30, 0x30, 0x34, 0x36, 0x5a, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03,
387 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e,
388 0x67, 0x00, 0x30, 0x5c, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
389 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x4b, 0x00, 0x30, 0x48, 0x02, 0x41,
390 0x00, 0xe2, 0x54, 0x3a, 0xa7, 0x83, 0xb1, 0x27, 0x14, 0x3e, 0x59, 0xbb, 0xb4,
391 0x53, 0xe6, 0x1f, 0xe7, 0x5d, 0xf1, 0x21, 0x68, 0xad, 0x85, 0x53, 0xdb, 0x6b,
392 0x1e, 0xeb, 0x65, 0x97, 0x03, 0x86, 0x60, 0xde, 0xf3, 0x6c, 0x38, 0x75, 0xe0,
393 0x4c, 0x61, 0xbb, 0xbc, 0x62, 0x17, 0xa9, 0xcd, 0x79, 0x3f, 0x21, 0x4e, 0x96,
394 0xcb, 0x0e, 0xdc, 0x61, 0x94, 0x30, 0x18, 0x10, 0x6b, 0xd0, 0x1c, 0x10, 0x79,
395 0x02, 0x03, 0x01, 0x00, 0x01, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02,
396 0x1d, 0x05, 0x00, 0x03, 0x41, 0x00, 0x25, 0x90, 0x53, 0x34, 0xd9, 0x56, 0x41,
397 0x5e, 0xdb, 0x7e, 0x01, 0x36, 0xec, 0x27, 0x61, 0x5e, 0xb7, 0x4d, 0x90, 0x66,
398 0xa2, 0xe1, 0x9d, 0x58, 0x76, 0xd4, 0x9c, 0xba, 0x2c, 0x84, 0xc6, 0x83, 0x7a,
399 0x22, 0x0d, 0x03, 0x69, 0x32, 0x1a, 0x6d, 0xcb, 0x0c, 0x15, 0xb3, 0x6b, 0xc7,
400 0x0a, 0x8c, 0xb4, 0x5c, 0x34, 0x78, 0xe0, 0x3c, 0x9c, 0xe9, 0xf3, 0x30, 0x9f,
401 0xa8, 0x76, 0x57, 0x92, 0x36 };
402static const BYTE selfSignedSignatureHash[] = { 0x07,0x5a,0x3e,0xfd,0x0d,0xf6,
403 0x88,0xeb,0x00,0x64,0xbd,0xc9,0xd6,0xea,0x0a,0x7c,0xcc,0x24,0xdb,0x5d };
404
405static void testCertProperties(void)
406{
408 bigCert, sizeof(bigCert));
409 DWORD propID, numProps, access, size;
410 BOOL ret;
411 BYTE hash[20] = { 0 }, hashProperty[20];
413 CERT_KEY_CONTEXT keyContext;
414
415 ok(context != NULL || broken(GetLastError() == OSS_DATA_ERROR /* win98 */),
416 "CertCreateCertificateContext failed: %08x\n", GetLastError());
417 if (!context)
418 return;
419
420 /* This crashes
421 propID = CertEnumCertificateContextProperties(NULL, 0);
422 */
423
424 propID = 0;
425 numProps = 0;
426 do {
428 if (propID)
429 numProps++;
430 } while (propID != 0);
431 ok(numProps == 0, "Expected 0 properties, got %d\n", numProps);
432
433 /* Tests with a NULL cert context. Prop ID 0 fails.. */
436 "Expected E_INVALIDARG, got %08x\n", GetLastError());
437 /* while this just crashes.
438 ret = CertSetCertificateContextProperty(NULL,
439 CERT_KEY_PROV_HANDLE_PROP_ID, 0, NULL);
440 */
441
444 "Expected E_INVALIDARG, got %08x\n", GetLastError());
445 /* Can't set the cert property directly, this crashes.
446 ret = CertSetCertificateContextProperty(context,
447 CERT_CERT_PROP_ID, 0, bigCert2);
448 */
449
450 /* These all crash.
451 ret = CertGetCertificateContextProperty(context,
452 CERT_ACCESS_STATE_PROP_ID, 0, NULL);
453 ret = CertGetCertificateContextProperty(context, CERT_HASH_PROP_ID,
454 NULL, NULL);
455 ret = CertGetCertificateContextProperty(context, CERT_HASH_PROP_ID,
456 hashProperty, NULL);
457 */
458 /* A missing prop */
459 size = 0;
463 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
464 /* And, an implicit property */
465 size = sizeof(access);
468 ok(ret, "CertGetCertificateContextProperty failed: %08x\n",
469 GetLastError());
471 "Didn't expect a persisted cert\n");
472 /* Trying to set this "read only" property crashes.
473 access |= CERT_ACCESS_STATE_WRITE_PERSIST_FLAG;
474 ret = CertSetCertificateContextProperty(context,
475 CERT_ACCESS_STATE_PROP_ID, 0, &access);
476 */
477
478 /* Can I set the hash to an invalid hash? */
479 blob.pbData = hash;
480 blob.cbData = sizeof(hash);
482 &blob);
483 ok(ret, "CertSetCertificateContextProperty failed: %08x\n",
484 GetLastError());
485 size = sizeof(hashProperty);
487 hashProperty, &size);
488 ok(ret, "CertGetCertificateContextProperty failed: %08x\n",
489 GetLastError());
490 ok(!memcmp(hashProperty, hash, sizeof(hash)), "Unexpected hash\n");
491 /* Delete the (bogus) hash, and get the real one */
493 NULL);
494 ok(ret, "CertSetCertificateContextProperty failed: %08x\n",
495 GetLastError());
498
499 /* Now that the hash property is set, we should get one property when
500 * enumerating.
501 */
502 propID = 0;
503 numProps = 0;
504 do {
506 if (propID)
507 numProps++;
508 } while (propID != 0);
509 ok(numProps == 1, "Expected 1 properties, got %d\n", numProps);
510
511 /* Check a few other implicit properties */
514
515 /* Getting the signature hash fails with this bogus certificate */
516 size = 0;
519 ok(!ret &&
522 GetLastError() == OSS_DATA_ERROR), /* win9x */
523 "Expected CRYPT_E_ASN1_BADTAG, got %08x\n", GetLastError());
524
525 /* Test key contexts and handles and such */
526 size = 0;
528 NULL, &size);
530 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
531 size = sizeof(CERT_KEY_CONTEXT);
533 NULL, &size);
535 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
537 &keyContext, &size);
539 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
540 /* Key context with an invalid size */
541 keyContext.cbSize = 0;
543 0, &keyContext);
545 "Expected E_INVALIDARG, got %08x\n", GetLastError());
546 size = sizeof(keyContext);
548 &keyContext, &size);
550 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
551 keyContext.cbSize = sizeof(keyContext);
552 keyContext.hCryptProv = 0;
553 keyContext.dwKeySpec = AT_SIGNATURE;
555 0, &keyContext);
556 ok(ret, "CertSetCertificateContextProperty failed: %08x\n", GetLastError());
557 /* Now that that's set, the key prov handle property is also gettable.
558 */
559 size = sizeof(keyContext.hCryptProv);
562 ok(ret, "Expected to get the CERT_KEY_PROV_HANDLE_PROP_ID, got %08x\n",
563 GetLastError());
564 /* Remove the key prov handle property.. */
567 ok(ret, "CertSetCertificateContextProperty failed: %08x\n",
568 GetLastError());
569 /* and the key context's CSP is set to NULL. */
570 size = sizeof(keyContext);
572 CERT_KEY_CONTEXT_PROP_ID, &keyContext, &size);
573 ok(ret, "CertGetCertificateContextProperty failed: %08x\n",
574 GetLastError());
575 ok(keyContext.hCryptProv == 0, "Expected no hCryptProv\n");
576
577 /* According to MSDN the subject key id can be stored as a property,
578 * as a subject key extension, or as the SHA1 hash of the public key,
579 * but this cert has none of them:
580 */
584 "Expected ERROR_INVALID_DATA, got %08x\n", GetLastError());
586 /* This cert does have a public key, but its subject key identifier still
587 * isn't available: */
593 "Expected ERROR_INVALID_DATA, got %08x\n", GetLastError());
595 /* This cert with a subject key extension can have its key identifier
596 * property retrieved:
597 */
602 ok(ret, "CertGetCertificateContextProperty failed: %08x\n", GetLastError());
603 if (ret)
604 {
606
607 if (buf)
608 {
611 ok(ret, "CertGetCertificateContextProperty failed: %08x\n",
612 GetLastError());
613 ok(!memcmp(buf, subjectKeyId, size), "Unexpected subject key id\n");
615 }
616 }
618
621 /* Getting the signature hash of a valid (self-signed) cert succeeds */
622 size = 0;
625 ok(ret, "CertGetCertificateContextProperty failed: %08x\n", GetLastError());
626 ok(size == sizeof(selfSignedSignatureHash), "unexpected size %d\n", size);
628 CERT_SIGNATURE_HASH_PROP_ID, hashProperty, &size);
629 if (ret)
630 ok(!memcmp(hashProperty, selfSignedSignatureHash, size),
631 "unexpected value\n");
633}
634
635static void testCreateCert(void)
636{
637 PCCERT_CONTEXT cert, enumCert;
639 BOOL ret;
640
641 SetLastError(0xdeadbeef);
644 "expected E_INVALIDARG, got %08x\n", GetLastError());
645 SetLastError(0xdeadbeef);
647 sizeof(selfSignedCert));
649 "expected E_INVALIDARG, got %08x\n", GetLastError());
650 SetLastError(0xdeadbeef);
652 ok(!cert &&
654 broken(GetLastError() == OSS_MORE_INPUT /* NT4 */)),
655 "expected CRYPT_E_ASN1_EOD, got %08x\n", GetLastError());
656
659 ok(cert != NULL, "creating cert failed: %08x\n", GetLastError());
660 /* Even in-memory certs are expected to have a store associated with them */
661 ok(cert->hCertStore != NULL, "expected created cert to have a store\n");
662 /* The cert doesn't have the archived property set (which would imply it
663 * doesn't show up in enumerations.)
664 */
665 size = 0;
667 NULL, &size);
669 "expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
670 /* Strangely, enumerating the certs in the store finds none. */
671 enumCert = NULL;
672 count = 0;
673 while ((enumCert = CertEnumCertificatesInStore(cert->hCertStore, enumCert)))
674 count++;
675 ok(!count, "expected 0, got %d\n", count);
677}
678
679static void testDupCert(void)
680{
681 PCCERT_CONTEXT context, dupContext, storeContext, storeContext2, context2;
682 HCERTSTORE store, store2;
683 BOOL ret;
684
687 ok(store != NULL, "CertOpenStore failed: %d\n", GetLastError());
688 if (!store)
689 return;
690
693 ok(ret || broken(GetLastError() == OSS_DATA_ERROR /* win98 */),
694 "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
695 if (!ret && GetLastError() == OSS_DATA_ERROR)
696 {
697 skip("bigCert can't be decoded, skipping tests\n");
698 return;
699 }
700 ok(context != NULL, "Expected a valid cert context\n");
701 if (context)
702 {
703 ok(context->cbCertEncoded == sizeof(bigCert),
704 "Wrong cert size %d\n", context->cbCertEncoded);
705 ok(!memcmp(context->pbCertEncoded, bigCert, sizeof(bigCert)),
706 "Unexpected encoded cert in context\n");
707 ok(context->hCertStore == store, "Unexpected store\n");
708
710 ok(dupContext != NULL, "Expected valid duplicate\n");
711 /* Not only is it a duplicate, it's identical: the address is the
712 * same.
713 */
714 ok(dupContext == context, "Expected identical context addresses\n");
715 CertFreeCertificateContext(dupContext);
717 }
718 CertCloseStore(store, 0);
719
721 ok(context != NULL, "CertCreateCertificateContext failed\n");
722
724 ok(dupContext == context, "context != dupContext\n");
725
726 ret = CertFreeCertificateContext(dupContext);
727 ok(ret, "CertFreeCertificateContext failed\n");
728
730 ok(store != NULL, "CertOpenStore failed: %d\n", GetLastError());
731
733 ok(ret, "CertAddCertificateContextToStore failed\n");
734 ok(storeContext != NULL && storeContext != context, "unexpected storeContext\n");
735 ok(storeContext->hCertStore == store, "unexpected hCertStore\n");
736
737 ok(storeContext->pbCertEncoded != context->pbCertEncoded, "unexpected pbCertEncoded\n");
738 ok(storeContext->cbCertEncoded == context->cbCertEncoded, "unexpected cbCertEncoded\n");
739 ok(storeContext->pCertInfo != context->pCertInfo, "unexpected pCertInfo\n");
740
742 ok(store2 != NULL, "CertOpenStore failed: %d\n", GetLastError());
743
744 ret = CertAddCertificateContextToStore(store2, storeContext, CERT_STORE_ADD_NEW, &storeContext2);
745 ok(ret, "CertAddCertificateContextToStore failed\n");
746 ok(storeContext2 != NULL && storeContext2 != storeContext, "unexpected storeContext\n");
747 ok(storeContext2->hCertStore == store2, "unexpected hCertStore\n");
748
749 ok(storeContext2->pbCertEncoded != storeContext->pbCertEncoded, "unexpected pbCertEncoded\n");
750 ok(storeContext2->cbCertEncoded == storeContext->cbCertEncoded, "unexpected cbCertEncoded\n");
751 ok(storeContext2->pCertInfo != storeContext->pCertInfo, "unexpected pCertInfo\n");
752
753 CertFreeCertificateContext(storeContext2);
754 CertFreeCertificateContext(storeContext);
755
757 ok(context2 != NULL, "CertCreateCertificateContext failed\n");
758
759 ok(context2->hCertStore == context->hCertStore, "Unexpected hCertStore\n");
760
763 ok(ret, "CertFreeCertificateContext failed\n");
764
765 CertCloseStore(store, 0);
766 CertCloseStore(store2, 0);
767
768 SetLastError(0xdeadbeef);
770 ok(context == NULL, "Expected context to be NULL\n");
771
773 ok(ret, "CertFreeCertificateContext failed\n");
774}
775
776static void testLinkCert(void)
777{
778 const CERT_CONTEXT *context, *link;
779 HCERTSTORE store;
780 BOOL ret;
781
783 ok(context != NULL, "CertCreateCertificateContext failed\n");
784
786 ok(store != NULL, "CertOpenStore failed: %d\n", GetLastError());
787
789 ok(ret, "CertAddCertificateContextToStore failed\n");
790 ok(link != NULL && link != context, "unexpected storeContext\n");
791 ok(link->hCertStore == store, "unexpected hCertStore\n");
792
793 ok(link->pbCertEncoded == context->pbCertEncoded, "unexpected pbCertEncoded\n");
794 ok(link->cbCertEncoded == context->cbCertEncoded, "unexpected cbCertEncoded\n");
795 ok(link->pCertInfo == context->pCertInfo, "unexpected pCertInfo\n");
796
799 CertCloseStore(store, 0);
800}
801
802static BYTE subjectName3[] = { 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06,
803 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x52, 0x6f, 0x62, 0x20, 0x20, 0x4c, 0x61,
804 0x6e, 0x67, 0x00 };
805static const BYTE iTunesCert0[] = {
8060x30,0x82,0x03,0xc4,0x30,0x82,0x03,0x2d,0xa0,0x03,0x02,0x01,0x02,0x02,0x10,
8070x47,0xbf,0x19,0x95,0xdf,0x8d,0x52,0x46,0x43,0xf7,0xdb,0x6d,0x48,0x0d,0x31,
8080xa4,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,
8090x00,0x30,0x81,0x8b,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,
8100x5a,0x41,0x31,0x15,0x30,0x13,0x06,0x03,0x55,0x04,0x08,0x13,0x0c,0x57,0x65,
8110x73,0x74,0x65,0x72,0x6e,0x20,0x43,0x61,0x70,0x65,0x31,0x14,0x30,0x12,0x06,
8120x03,0x55,0x04,0x07,0x13,0x0b,0x44,0x75,0x72,0x62,0x61,0x6e,0x76,0x69,0x6c,
8130x6c,0x65,0x31,0x0f,0x30,0x0d,0x06,0x03,0x55,0x04,0x0a,0x13,0x06,0x54,0x68,
8140x61,0x77,0x74,0x65,0x31,0x1d,0x30,0x1b,0x06,0x03,0x55,0x04,0x0b,0x13,0x14,
8150x54,0x68,0x61,0x77,0x74,0x65,0x20,0x43,0x65,0x72,0x74,0x69,0x66,0x69,0x63,
8160x61,0x74,0x69,0x6f,0x6e,0x31,0x1f,0x30,0x1d,0x06,0x03,0x55,0x04,0x03,0x13,
8170x16,0x54,0x68,0x61,0x77,0x74,0x65,0x20,0x54,0x69,0x6d,0x65,0x73,0x74,0x61,
8180x6d,0x70,0x69,0x6e,0x67,0x20,0x43,0x41,0x30,0x1e,0x17,0x0d,0x30,0x33,0x31,
8190x32,0x30,0x34,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x31,0x33,0x31,
8200x32,0x30,0x33,0x32,0x33,0x35,0x39,0x35,0x39,0x5a,0x30,0x53,0x31,0x0b,0x30,
8210x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x17,0x30,0x15,0x06,
8220x03,0x55,0x04,0x0a,0x13,0x0e,0x56,0x65,0x72,0x69,0x53,0x69,0x67,0x6e,0x2c,
8230x20,0x49,0x6e,0x63,0x2e,0x31,0x2b,0x30,0x29,0x06,0x03,0x55,0x04,0x03,0x13,
8240x22,0x56,0x65,0x72,0x69,0x53,0x69,0x67,0x6e,0x20,0x54,0x69,0x6d,0x65,0x20,
8250x53,0x74,0x61,0x6d,0x70,0x69,0x6e,0x67,0x20,0x53,0x65,0x72,0x76,0x69,0x63,
8260x65,0x73,0x20,0x43,0x41,0x30,0x82,0x01,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,
8270x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x82,0x01,0x0f,0x00,0x30,
8280x82,0x01,0x0a,0x02,0x82,0x01,0x01,0x00,0xa9,0xca,0xb2,0xa4,0xcc,0xcd,0x20,
8290xaf,0x0a,0x7d,0x89,0xac,0x87,0x75,0xf0,0xb4,0x4e,0xf1,0xdf,0xc1,0x0f,0xbf,
8300x67,0x61,0xbd,0xa3,0x64,0x1c,0xda,0xbb,0xf9,0xca,0x33,0xab,0x84,0x30,0x89,
8310x58,0x7e,0x8c,0xdb,0x6b,0xdd,0x36,0x9e,0x0f,0xbf,0xd1,0xec,0x78,0xf2,0x77,
8320xa6,0x7e,0x6f,0x3c,0xbf,0x93,0xaf,0x0d,0xba,0x68,0xf4,0x6c,0x94,0xca,0xbd,
8330x52,0x2d,0xab,0x48,0x3d,0xf5,0xb6,0xd5,0x5d,0x5f,0x1b,0x02,0x9f,0xfa,0x2f,
8340x6b,0x1e,0xa4,0xf7,0xa3,0x9a,0xa6,0x1a,0xc8,0x02,0xe1,0x7f,0x4c,0x52,0xe3,
8350x0e,0x60,0xec,0x40,0x1c,0x7e,0xb9,0x0d,0xde,0x3f,0xc7,0xb4,0xdf,0x87,0xbd,
8360x5f,0x7a,0x6a,0x31,0x2e,0x03,0x99,0x81,0x13,0xa8,0x47,0x20,0xce,0x31,0x73,
8370x0d,0x57,0x2d,0xcd,0x78,0x34,0x33,0x95,0x12,0x99,0x12,0xb9,0xde,0x68,0x2f,
8380xaa,0xe6,0xe3,0xc2,0x8a,0x8c,0x2a,0xc3,0x8b,0x21,0x87,0x66,0xbd,0x83,0x58,
8390x57,0x6f,0x75,0xbf,0x3c,0xaa,0x26,0x87,0x5d,0xca,0x10,0x15,0x3c,0x9f,0x84,
8400xea,0x54,0xc1,0x0a,0x6e,0xc4,0xfe,0xc5,0x4a,0xdd,0xb9,0x07,0x11,0x97,0x22,
8410x7c,0xdb,0x3e,0x27,0xd1,0x1e,0x78,0xec,0x9f,0x31,0xc9,0xf1,0xe6,0x22,0x19,
8420xdb,0xc4,0xb3,0x47,0x43,0x9a,0x1a,0x5f,0xa0,0x1e,0x90,0xe4,0x5e,0xf5,0xee,
8430x7c,0xf1,0x7d,0xab,0x62,0x01,0x8f,0xf5,0x4d,0x0b,0xde,0xd0,0x22,0x56,0xa8,
8440x95,0xcd,0xae,0x88,0x76,0xae,0xee,0xba,0x0d,0xf3,0xe4,0x4d,0xd9,0xa0,0xfb,
8450x68,0xa0,0xae,0x14,0x3b,0xb3,0x87,0xc1,0xbb,0x02,0x03,0x01,0x00,0x01,0xa3,
8460x81,0xdb,0x30,0x81,0xd8,0x30,0x34,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,
8470x01,0x01,0x04,0x28,0x30,0x26,0x30,0x24,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,
8480x07,0x30,0x01,0x86,0x18,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x6f,0x63,0x73,
8490x70,0x2e,0x76,0x65,0x72,0x69,0x73,0x69,0x67,0x6e,0x2e,0x63,0x6f,0x6d,0x30,
8500x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,0x01,0x01,
8510xff,0x02,0x01,0x00,0x30,0x41,0x06,0x03,0x55,0x1d,0x1f,0x04,0x3a,0x30,0x38,
8520x30,0x36,0xa0,0x34,0xa0,0x32,0x86,0x30,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,
8530x63,0x72,0x6c,0x2e,0x76,0x65,0x72,0x69,0x73,0x69,0x67,0x6e,0x2e,0x63,0x6f,
8540x6d,0x2f,0x54,0x68,0x61,0x77,0x74,0x65,0x54,0x69,0x6d,0x65,0x73,0x74,0x61,
8550x6d,0x70,0x69,0x6e,0x67,0x43,0x41,0x2e,0x63,0x72,0x6c,0x30,0x13,0x06,0x03,
8560x55,0x1d,0x25,0x04,0x0c,0x30,0x0a,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,
8570x03,0x08,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01,0xff,0x04,0x04,0x03,
8580x02,0x01,0x06,0x30,0x24,0x06,0x03,0x55,0x1d,0x11,0x04,0x1d,0x30,0x1b,0xa4,
8590x19,0x30,0x17,0x31,0x15,0x30,0x13,0x06,0x03,0x55,0x04,0x03,0x13,0x0c,0x54,
8600x53,0x41,0x32,0x30,0x34,0x38,0x2d,0x31,0x2d,0x35,0x33,0x30,0x0d,0x06,0x09,
8610x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,
8620x4a,0x6b,0xf9,0xea,0x58,0xc2,0x44,0x1c,0x31,0x89,0x79,0x99,0x2b,0x96,0xbf,
8630x82,0xac,0x01,0xd6,0x1c,0x4c,0xcd,0xb0,0x8a,0x58,0x6e,0xdf,0x08,0x29,0xa3,
8640x5e,0xc8,0xca,0x93,0x13,0xe7,0x04,0x52,0x0d,0xef,0x47,0x27,0x2f,0x00,0x38,
8650xb0,0xe4,0xc9,0x93,0x4e,0x9a,0xd4,0x22,0x62,0x15,0xf7,0x3f,0x37,0x21,0x4f,
8660x70,0x31,0x80,0xf1,0x8b,0x38,0x87,0xb3,0xe8,0xe8,0x97,0x00,0xfe,0xcf,0x55,
8670x96,0x4e,0x24,0xd2,0xa9,0x27,0x4e,0x7a,0xae,0xb7,0x61,0x41,0xf3,0x2a,0xce,
8680xe7,0xc9,0xd9,0x5e,0xdd,0xbb,0x2b,0x85,0x3e,0xb5,0x9d,0xb5,0xd9,0xe1,0x57,
8690xff,0xbe,0xb4,0xc5,0x7e,0xf5,0xcf,0x0c,0x9e,0xf0,0x97,0xfe,0x2b,0xd3,0x3b,
8700x52,0x1b,0x1b,0x38,0x27,0xf7,0x3f,0x4a };
871static const BYTE iTunesCert1[] = {
8720x30,0x82,0x03,0xff,0x30,0x82,0x02,0xe7,0xa0,0x03,0x02,0x01,0x02,0x02,0x10,
8730x0d,0xe9,0x2b,0xf0,0xd4,0xd8,0x29,0x88,0x18,0x32,0x05,0x09,0x5e,0x9a,0x76,
8740x88,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,
8750x00,0x30,0x53,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,
8760x53,0x31,0x17,0x30,0x15,0x06,0x03,0x55,0x04,0x0a,0x13,0x0e,0x56,0x65,0x72,
8770x69,0x53,0x69,0x67,0x6e,0x2c,0x20,0x49,0x6e,0x63,0x2e,0x31,0x2b,0x30,0x29,
8780x06,0x03,0x55,0x04,0x03,0x13,0x22,0x56,0x65,0x72,0x69,0x53,0x69,0x67,0x6e,
8790x20,0x54,0x69,0x6d,0x65,0x20,0x53,0x74,0x61,0x6d,0x70,0x69,0x6e,0x67,0x20,
8800x53,0x65,0x72,0x76,0x69,0x63,0x65,0x73,0x20,0x43,0x41,0x30,0x1e,0x17,0x0d,
8810x30,0x33,0x31,0x32,0x30,0x34,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,
8820x30,0x38,0x31,0x32,0x30,0x33,0x32,0x33,0x35,0x39,0x35,0x39,0x5a,0x30,0x57,
8830x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x17,
8840x30,0x15,0x06,0x03,0x55,0x04,0x0a,0x13,0x0e,0x56,0x65,0x72,0x69,0x53,0x69,
8850x67,0x6e,0x2c,0x20,0x49,0x6e,0x63,0x2e,0x31,0x2f,0x30,0x2d,0x06,0x03,0x55,
8860x04,0x03,0x13,0x26,0x56,0x65,0x72,0x69,0x53,0x69,0x67,0x6e,0x20,0x54,0x69,
8870x6d,0x65,0x20,0x53,0x74,0x61,0x6d,0x70,0x69,0x6e,0x67,0x20,0x53,0x65,0x72,
8880x76,0x69,0x63,0x65,0x73,0x20,0x53,0x69,0x67,0x6e,0x65,0x72,0x30,0x82,0x01,
8890x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,
8900x00,0x03,0x82,0x01,0x0f,0x00,0x30,0x82,0x01,0x0a,0x02,0x82,0x01,0x01,0x00,
8910xb2,0x50,0x28,0x48,0xdd,0xd3,0x68,0x7a,0x84,0x18,0x44,0x66,0x75,0x5d,0x7e,
8920xc4,0xb8,0x9f,0x63,0x26,0xff,0x3d,0x43,0x9c,0x7c,0x11,0x38,0x10,0x25,0x55,
8930x73,0xd9,0x75,0x27,0x69,0xfd,0x4e,0xb9,0x20,0x5c,0xd3,0x0a,0xf9,0xa0,0x1b,
8940x2a,0xed,0x55,0x56,0x21,0x61,0xd8,0x1e,0xdb,0xe4,0xbc,0x33,0x6b,0xc7,0xef,
8950xdd,0xa3,0x37,0x65,0x8e,0x1b,0x93,0x0c,0xb6,0x53,0x1e,0x5c,0x7c,0x66,0x35,
8960x5f,0x05,0x8a,0x45,0xfe,0x76,0x4e,0xdf,0x53,0x80,0xa2,0x81,0x20,0x9d,0xae,
8970x88,0x5c,0xa2,0x08,0xf7,0xe5,0x30,0xf9,0xee,0x22,0x37,0x4c,0x42,0x0a,0xce,
8980xdf,0xc6,0x1f,0xc4,0xd6,0x55,0xe9,0x81,0x3f,0xb5,0x52,0xa3,0x2c,0xaa,0x01,
8990x7a,0xf2,0xa2,0xaa,0x8d,0x35,0xfe,0x9f,0xe6,0x5d,0x6a,0x05,0x9f,0x3d,0x6b,
9000xe3,0xbf,0x96,0xc0,0xfe,0xcc,0x60,0xf9,0x40,0xe7,0x07,0xa0,0x44,0xeb,0x81,
9010x51,0x6e,0xa5,0x2a,0xf2,0xb6,0x8a,0x10,0x28,0xed,0x8f,0xdc,0x06,0xa0,0x86,
9020x50,0x9a,0x7b,0x4a,0x08,0x0d,0x30,0x1d,0xca,0x10,0x9e,0x6b,0xf7,0xe9,0x58,
9030xae,0x04,0xa9,0x40,0x99,0xb2,0x28,0xe8,0x8f,0x16,0xac,0x3c,0xe3,0x53,0x6f,
9040x4b,0xd3,0x35,0x9d,0xb5,0x6f,0x64,0x1d,0xb3,0x96,0x2c,0xbb,0x3d,0xe7,0x79,
9050xeb,0x6d,0x7a,0xf9,0x16,0xe6,0x26,0xad,0xaf,0xef,0x99,0x53,0xb7,0x40,0x2c,
9060x95,0xb8,0x79,0xaa,0xfe,0xd4,0x52,0xab,0x29,0x74,0x7e,0x42,0xec,0x39,0x1e,
9070xa2,0x6a,0x16,0xe6,0x59,0xbb,0x24,0x68,0xd8,0x00,0x80,0x43,0x10,0x87,0x80,
9080x6b,0x02,0x03,0x01,0x00,0x01,0xa3,0x81,0xca,0x30,0x81,0xc7,0x30,0x34,0x06,
9090x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x01,0x01,0x04,0x28,0x30,0x26,0x30,0x24,
9100x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x86,0x18,0x68,0x74,0x74,
9110x70,0x3a,0x2f,0x2f,0x6f,0x63,0x73,0x70,0x2e,0x76,0x65,0x72,0x69,0x73,0x69,
9120x67,0x6e,0x2e,0x63,0x6f,0x6d,0x30,0x0c,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,
9130xff,0x04,0x02,0x30,0x00,0x30,0x33,0x06,0x03,0x55,0x1d,0x1f,0x04,0x2c,0x30,
9140x2a,0x30,0x28,0xa0,0x26,0xa0,0x24,0x86,0x22,0x68,0x74,0x74,0x70,0x3a,0x2f,
9150x2f,0x63,0x72,0x6c,0x2e,0x76,0x65,0x72,0x69,0x73,0x69,0x67,0x6e,0x2e,0x63,
9160x6f,0x6d,0x2f,0x74,0x73,0x73,0x2d,0x63,0x61,0x2e,0x63,0x72,0x6c,0x30,0x16,
9170x06,0x03,0x55,0x1d,0x25,0x01,0x01,0xff,0x04,0x0c,0x30,0x0a,0x06,0x08,0x2b,
9180x06,0x01,0x05,0x05,0x07,0x03,0x08,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,
9190x01,0xff,0x04,0x04,0x03,0x02,0x06,0xc0,0x30,0x24,0x06,0x03,0x55,0x1d,0x11,
9200x04,0x1d,0x30,0x1b,0xa4,0x19,0x30,0x17,0x31,0x15,0x30,0x13,0x06,0x03,0x55,
9210x04,0x03,0x13,0x0c,0x54,0x53,0x41,0x32,0x30,0x34,0x38,0x2d,0x31,0x2d,0x35,
9220x34,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,
9230x00,0x03,0x82,0x01,0x01,0x00,0x87,0x78,0x70,0xda,0x4e,0x52,0x01,0x20,0x5b,
9240xe0,0x79,0xc9,0x82,0x30,0xc4,0xfd,0xb9,0x19,0x96,0xbd,0x91,0x00,0xc3,0xbd,
9250xcd,0xcd,0xc6,0xf4,0x0e,0xd8,0xff,0xf9,0x4d,0xc0,0x33,0x62,0x30,0x11,0xc5,
9260xf5,0x74,0x1b,0xd4,0x92,0xde,0x5f,0x9c,0x20,0x13,0xb1,0x7c,0x45,0xbe,0x50,
9270xcd,0x83,0xe7,0x80,0x17,0x83,0xa7,0x27,0x93,0x67,0x13,0x46,0xfb,0xca,0xb8,
9280x98,0x41,0x03,0xcc,0x9b,0x51,0x5b,0x05,0x8b,0x7f,0xa8,0x6f,0xf3,0x1b,0x50,
9290x1b,0x24,0x2e,0xf2,0x69,0x8d,0x6c,0x22,0xf7,0xbb,0xca,0x16,0x95,0xed,0x0c,
9300x74,0xc0,0x68,0x77,0xd9,0xeb,0x99,0x62,0x87,0xc1,0x73,0x90,0xf8,0x89,0x74,
9310x7a,0x23,0xab,0xa3,0x98,0x7b,0x97,0xb1,0xf7,0x8f,0x29,0x71,0x4d,0x2e,0x75,
9320x1b,0x48,0x41,0xda,0xf0,0xb5,0x0d,0x20,0x54,0xd6,0x77,0xa0,0x97,0x82,0x63,
9330x69,0xfd,0x09,0xcf,0x8a,0xf0,0x75,0xbb,0x09,0x9b,0xd9,0xf9,0x11,0x55,0x26,
9340x9a,0x61,0x32,0xbe,0x7a,0x02,0xb0,0x7b,0x86,0xbe,0xa2,0xc3,0x8b,0x22,0x2c,
9350x78,0xd1,0x35,0x76,0xbc,0x92,0x73,0x5c,0xf9,0xb9,0xe6,0x4c,0x15,0x0a,0x23,
9360xcc,0xe4,0xd2,0xd4,0x34,0x2e,0x49,0x40,0x15,0x3c,0x0f,0x60,0x7a,0x24,0xc6,
9370xa5,0x66,0xef,0x96,0xcf,0x70,0xeb,0x3e,0xe7,0xf4,0x0d,0x7e,0xdc,0xd1,0x7c,
9380xa3,0x76,0x71,0x69,0xc1,0x9c,0x4f,0x47,0x30,0x35,0x21,0xb1,0xa2,0xaf,0x1a,
9390x62,0x3c,0x2b,0xd9,0x8e,0xaa,0x2a,0x07,0x7b,0xd8,0x18,0xb3,0x5c,0x7b,0xe2,
9400x9d,0xa5,0x6f,0xfe,0x3c,0x89,0xad };
941static const BYTE iTunesCert2[] = {
9420x30,0x82,0x04,0xbf,0x30,0x82,0x04,0x28,0xa0,0x03,0x02,0x01,0x02,0x02,0x10,
9430x41,0x91,0xa1,0x5a,0x39,0x78,0xdf,0xcf,0x49,0x65,0x66,0x38,0x1d,0x4c,0x75,
9440xc2,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,
9450x00,0x30,0x5f,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,
9460x53,0x31,0x17,0x30,0x15,0x06,0x03,0x55,0x04,0x0a,0x13,0x0e,0x56,0x65,0x72,
9470x69,0x53,0x69,0x67,0x6e,0x2c,0x20,0x49,0x6e,0x63,0x2e,0x31,0x37,0x30,0x35,
9480x06,0x03,0x55,0x04,0x0b,0x13,0x2e,0x43,0x6c,0x61,0x73,0x73,0x20,0x33,0x20,
9490x50,0x75,0x62,0x6c,0x69,0x63,0x20,0x50,0x72,0x69,0x6d,0x61,0x72,0x79,0x20,
9500x43,0x65,0x72,0x74,0x69,0x66,0x69,0x63,0x61,0x74,0x69,0x6f,0x6e,0x20,0x41,
9510x75,0x74,0x68,0x6f,0x72,0x69,0x74,0x79,0x30,0x1e,0x17,0x0d,0x30,0x34,0x30,
9520x37,0x31,0x36,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x31,0x34,0x30,
9530x37,0x31,0x35,0x32,0x33,0x35,0x39,0x35,0x39,0x5a,0x30,0x81,0xb4,0x31,0x0b,
9540x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x17,0x30,0x15,
9550x06,0x03,0x55,0x04,0x0a,0x13,0x0e,0x56,0x65,0x72,0x69,0x53,0x69,0x67,0x6e,
9560x2c,0x20,0x49,0x6e,0x63,0x2e,0x31,0x1f,0x30,0x1d,0x06,0x03,0x55,0x04,0x0b,
9570x13,0x16,0x56,0x65,0x72,0x69,0x53,0x69,0x67,0x6e,0x20,0x54,0x72,0x75,0x73,
9580x74,0x20,0x4e,0x65,0x74,0x77,0x6f,0x72,0x6b,0x31,0x3b,0x30,0x39,0x06,0x03,
9590x55,0x04,0x0b,0x13,0x32,0x54,0x65,0x72,0x6d,0x73,0x20,0x6f,0x66,0x20,0x75,
9600x73,0x65,0x20,0x61,0x74,0x20,0x68,0x74,0x74,0x70,0x73,0x3a,0x2f,0x2f,0x77,
9610x77,0x77,0x2e,0x76,0x65,0x72,0x69,0x73,0x69,0x67,0x6e,0x2e,0x63,0x6f,0x6d,
9620x2f,0x72,0x70,0x61,0x20,0x28,0x63,0x29,0x30,0x34,0x31,0x2e,0x30,0x2c,0x06,
9630x03,0x55,0x04,0x03,0x13,0x25,0x56,0x65,0x72,0x69,0x53,0x69,0x67,0x6e,0x20,
9640x43,0x6c,0x61,0x73,0x73,0x20,0x33,0x20,0x43,0x6f,0x64,0x65,0x20,0x53,0x69,
9650x67,0x6e,0x69,0x6e,0x67,0x20,0x32,0x30,0x30,0x34,0x20,0x43,0x41,0x30,0x82,
9660x01,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,
9670x05,0x00,0x03,0x82,0x01,0x0f,0x00,0x30,0x82,0x01,0x0a,0x02,0x82,0x01,0x01,
9680x00,0xbe,0xbc,0xee,0xbc,0x7e,0xef,0x83,0xeb,0xe0,0x37,0x4f,0xfb,0x03,0x10,
9690x38,0xbe,0x08,0xd2,0x8c,0x7d,0x9d,0xfa,0x92,0x7f,0x19,0x0c,0xc2,0x6b,0xee,
9700x42,0x52,0x8c,0xde,0xd3,0x1c,0x48,0x13,0x25,0xea,0xc1,0x63,0x7a,0xf9,0x51,
9710x65,0xee,0xd3,0xaa,0x3b,0xf5,0xf0,0x94,0x9c,0x2b,0xfb,0xf2,0x66,0xd4,0x24,
9720xda,0xf7,0xf5,0x9f,0x6e,0x19,0x39,0x36,0xbc,0xd0,0xa3,0x76,0x08,0x1e,0x22,
9730x27,0x24,0x6c,0x38,0x91,0x27,0xe2,0x84,0x49,0xae,0x1b,0x8a,0xa1,0xfd,0x25,
9740x82,0x2c,0x10,0x30,0xe8,0x71,0xab,0x28,0xe8,0x77,0x4a,0x51,0xf1,0xec,0xcd,
9750xf8,0xf0,0x54,0xd4,0x6f,0xc0,0xe3,0x6d,0x0a,0x8f,0xd9,0xd8,0x64,0x8d,0x63,
9760xb2,0x2d,0x4e,0x27,0xf6,0x85,0x0e,0xfe,0x6d,0xe3,0x29,0x99,0xe2,0x85,0x47,
9770x7c,0x2d,0x86,0x7f,0xe8,0x57,0x8f,0xad,0x67,0xc2,0x33,0x32,0x91,0x13,0x20,
9780xfc,0xa9,0x23,0x14,0x9a,0x6d,0xc2,0x84,0x4b,0x76,0x68,0x04,0xd5,0x71,0x2c,
9790x5d,0x21,0xfa,0x88,0x0d,0x26,0xfd,0x1f,0x2d,0x91,0x2b,0xe7,0x01,0x55,0x4d,
9800xf2,0x6d,0x35,0x28,0x82,0xdf,0xd9,0x6b,0x5c,0xb6,0xd6,0xd9,0xaa,0x81,0xfd,
9810x5f,0xcd,0x83,0xba,0x63,0x9d,0xd0,0x22,0xfc,0xa9,0x3b,0x42,0x69,0xb2,0x8e,
9820x3a,0xb5,0xbc,0xb4,0x9e,0x0f,0x5e,0xc4,0xea,0x2c,0x82,0x8b,0x28,0xfd,0x53,
9830x08,0x96,0xdd,0xb5,0x01,0x20,0xd1,0xf9,0xa5,0x18,0xe7,0xc0,0xee,0x51,0x70,
9840x37,0xe1,0xb6,0x05,0x48,0x52,0x48,0x6f,0x38,0xea,0xc3,0xe8,0x6c,0x7b,0x44,
9850x84,0xbb,0x02,0x03,0x01,0x00,0x01,0xa3,0x82,0x01,0xa0,0x30,0x82,0x01,0x9c,
9860x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,0x01,
9870x01,0xff,0x02,0x01,0x00,0x30,0x44,0x06,0x03,0x55,0x1d,0x20,0x04,0x3d,0x30,
9880x3b,0x30,0x39,0x06,0x0b,0x60,0x86,0x48,0x01,0x86,0xf8,0x45,0x01,0x07,0x17,
9890x03,0x30,0x2a,0x30,0x28,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x02,0x01,
9900x16,0x1c,0x68,0x74,0x74,0x70,0x73,0x3a,0x2f,0x2f,0x77,0x77,0x77,0x2e,0x76,
9910x65,0x72,0x69,0x73,0x69,0x67,0x6e,0x2e,0x63,0x6f,0x6d,0x2f,0x72,0x70,0x61,
9920x30,0x31,0x06,0x03,0x55,0x1d,0x1f,0x04,0x2a,0x30,0x28,0x30,0x26,0xa0,0x24,
9930xa0,0x22,0x86,0x20,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x63,0x72,0x6c,0x2e,
9940x76,0x65,0x72,0x69,0x73,0x69,0x67,0x6e,0x2e,0x63,0x6f,0x6d,0x2f,0x70,0x63,
9950x61,0x33,0x2e,0x63,0x72,0x6c,0x30,0x1d,0x06,0x03,0x55,0x1d,0x25,0x04,0x16,
9960x30,0x14,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x03,0x02,0x06,0x08,0x2b,
9970x06,0x01,0x05,0x05,0x07,0x03,0x03,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,
9980x01,0xff,0x04,0x04,0x03,0x02,0x01,0x06,0x30,0x11,0x06,0x09,0x60,0x86,0x48,
9990x01,0x86,0xf8,0x42,0x01,0x01,0x04,0x04,0x03,0x02,0x00,0x01,0x30,0x29,0x06,
10000x03,0x55,0x1d,0x11,0x04,0x22,0x30,0x20,0xa4,0x1e,0x30,0x1c,0x31,0x1a,0x30,
10010x18,0x06,0x03,0x55,0x04,0x03,0x13,0x11,0x43,0x6c,0x61,0x73,0x73,0x33,0x43,
10020x41,0x32,0x30,0x34,0x38,0x2d,0x31,0x2d,0x34,0x33,0x30,0x1d,0x06,0x03,0x55,
10030x1d,0x0e,0x04,0x16,0x04,0x14,0x08,0xf5,0x51,0xe8,0xfb,0xfe,0x3d,0x3d,0x64,
10040x36,0x7c,0x68,0xcf,0x5b,0x78,0xa8,0xdf,0xb9,0xc5,0x37,0x30,0x81,0x80,0x06,
10050x03,0x55,0x1d,0x23,0x04,0x79,0x30,0x77,0xa1,0x63,0xa4,0x61,0x30,0x5f,0x31,
10060x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x17,0x30,
10070x15,0x06,0x03,0x55,0x04,0x0a,0x13,0x0e,0x56,0x65,0x72,0x69,0x53,0x69,0x67,
10080x6e,0x2c,0x20,0x49,0x6e,0x63,0x2e,0x31,0x37,0x30,0x35,0x06,0x03,0x55,0x04,
10090x0b,0x13,0x2e,0x43,0x6c,0x61,0x73,0x73,0x20,0x33,0x20,0x50,0x75,0x62,0x6c,
10100x69,0x63,0x20,0x50,0x72,0x69,0x6d,0x61,0x72,0x79,0x20,0x43,0x65,0x72,0x74,
10110x69,0x66,0x69,0x63,0x61,0x74,0x69,0x6f,0x6e,0x20,0x41,0x75,0x74,0x68,0x6f,
10120x72,0x69,0x74,0x79,0x82,0x10,0x70,0xba,0xe4,0x1d,0x10,0xd9,0x29,0x34,0xb6,
10130x38,0xca,0x7b,0x03,0xcc,0xba,0xbf,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,
10140xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0xae,0x3a,0x17,0xb8,
10150x4a,0x7b,0x55,0xfa,0x64,0x55,0xec,0x40,0xa4,0xed,0x49,0x41,0x90,0x99,0x9c,
10160x89,0xbc,0xaf,0x2e,0x1d,0xca,0x78,0x23,0xf9,0x1c,0x19,0x0f,0x7f,0xeb,0x68,
10170xbc,0x32,0xd9,0x88,0x38,0xde,0xdc,0x3f,0xd3,0x89,0xb4,0x3f,0xb1,0x82,0x96,
10180xf1,0xa4,0x5a,0xba,0xed,0x2e,0x26,0xd3,0xde,0x7c,0x01,0x6e,0x00,0x0a,0x00,
10190xa4,0x06,0x92,0x11,0x48,0x09,0x40,0xf9,0x1c,0x18,0x79,0x67,0x23,0x24,0xe0,
10200xbb,0xd5,0xe1,0x50,0xae,0x1b,0xf5,0x0e,0xdd,0xe0,0x2e,0x81,0xcd,0x80,0xa3,
10210x6c,0x52,0x4f,0x91,0x75,0x55,0x8a,0xba,0x22,0xf2,0xd2,0xea,0x41,0x75,0x88,
10220x2f,0x63,0x55,0x7d,0x1e,0x54,0x5a,0x95,0x59,0xca,0xd9,0x34,0x81,0xc0,0x5f,
10230x5e,0xf6,0x7a,0xb5 };
1024static const BYTE iTunesCert3[] = {
10250x30,0x82,0x04,0xf1,0x30,0x82,0x03,0xd9,0xa0,0x03,0x02,0x01,0x02,0x02,0x10,
10260x0f,0x1a,0xa0,0xe0,0x9b,0x9b,0x61,0xa6,0xb6,0xfe,0x40,0xd2,0xdf,0x6a,0xf6,
10270x8d,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,
10280x00,0x30,0x81,0xb4,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,
10290x55,0x53,0x31,0x17,0x30,0x15,0x06,0x03,0x55,0x04,0x0a,0x13,0x0e,0x56,0x65,
10300x72,0x69,0x53,0x69,0x67,0x6e,0x2c,0x20,0x49,0x6e,0x63,0x2e,0x31,0x1f,0x30,
10310x1d,0x06,0x03,0x55,0x04,0x0b,0x13,0x16,0x56,0x65,0x72,0x69,0x53,0x69,0x67,
10320x6e,0x20,0x54,0x72,0x75,0x73,0x74,0x20,0x4e,0x65,0x74,0x77,0x6f,0x72,0x6b,
10330x31,0x3b,0x30,0x39,0x06,0x03,0x55,0x04,0x0b,0x13,0x32,0x54,0x65,0x72,0x6d,
10340x73,0x20,0x6f,0x66,0x20,0x75,0x73,0x65,0x20,0x61,0x74,0x20,0x68,0x74,0x74,
10350x70,0x73,0x3a,0x2f,0x2f,0x77,0x77,0x77,0x2e,0x76,0x65,0x72,0x69,0x73,0x69,
10360x67,0x6e,0x2e,0x63,0x6f,0x6d,0x2f,0x72,0x70,0x61,0x20,0x28,0x63,0x29,0x30,
10370x34,0x31,0x2e,0x30,0x2c,0x06,0x03,0x55,0x04,0x03,0x13,0x25,0x56,0x65,0x72,
10380x69,0x53,0x69,0x67,0x6e,0x20,0x43,0x6c,0x61,0x73,0x73,0x20,0x33,0x20,0x43,
10390x6f,0x64,0x65,0x20,0x53,0x69,0x67,0x6e,0x69,0x6e,0x67,0x20,0x32,0x30,0x30,
10400x34,0x20,0x43,0x41,0x30,0x1e,0x17,0x0d,0x30,0x36,0x30,0x31,0x31,0x37,0x30,
10410x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x38,0x30,0x31,0x32,0x32,0x32,
10420x33,0x35,0x39,0x35,0x39,0x5a,0x30,0x81,0xb4,0x31,0x0b,0x30,0x09,0x06,0x03,
10430x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,
10440x08,0x13,0x0a,0x43,0x61,0x6c,0x69,0x66,0x6f,0x72,0x6e,0x69,0x61,0x31,0x12,
10450x30,0x10,0x06,0x03,0x55,0x04,0x07,0x13,0x09,0x43,0x75,0x70,0x65,0x72,0x74,
10460x69,0x6e,0x6f,0x31,0x1d,0x30,0x1b,0x06,0x03,0x55,0x04,0x0a,0x14,0x14,0x41,
10470x70,0x70,0x6c,0x65,0x20,0x43,0x6f,0x6d,0x70,0x75,0x74,0x65,0x72,0x2c,0x20,
10480x49,0x6e,0x63,0x2e,0x31,0x3e,0x30,0x3c,0x06,0x03,0x55,0x04,0x0b,0x13,0x35,
10490x44,0x69,0x67,0x69,0x74,0x61,0x6c,0x20,0x49,0x44,0x20,0x43,0x6c,0x61,0x73,
10500x73,0x20,0x33,0x20,0x2d,0x20,0x4d,0x69,0x63,0x72,0x6f,0x73,0x6f,0x66,0x74,
10510x20,0x53,0x6f,0x66,0x74,0x77,0x61,0x72,0x65,0x20,0x56,0x61,0x6c,0x69,0x64,
10520x61,0x74,0x69,0x6f,0x6e,0x20,0x76,0x32,0x31,0x1d,0x30,0x1b,0x06,0x03,0x55,
10530x04,0x03,0x14,0x14,0x41,0x70,0x70,0x6c,0x65,0x20,0x43,0x6f,0x6d,0x70,0x75,
10540x74,0x65,0x72,0x2c,0x20,0x49,0x6e,0x63,0x2e,0x30,0x81,0x9f,0x30,0x0d,0x06,
10550x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,
10560x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xd3,0xab,0x3b,0x7f,0xec,0x48,0x84,
10570xce,0xa8,0x1a,0x12,0xf3,0x3c,0x87,0xcb,0x24,0x58,0x96,0x02,0x87,0x66,0x49,
10580xeb,0x89,0xee,0x79,0x44,0x70,0x8d,0xe7,0xd4,0x1f,0x30,0x92,0xc0,0x9c,0x35,
10590x78,0xc0,0xaf,0x1c,0xb6,0x28,0xd3,0xe0,0xe0,0x9d,0xd3,0x49,0x76,0x73,0x57,
10600x19,0x4d,0x8d,0x70,0x85,0x64,0x4d,0x1d,0xc6,0x02,0x3e,0xe5,0x2c,0x66,0x07,
10610xd2,0x27,0x4b,0xd6,0xc8,0x3c,0x93,0xb6,0x15,0x0c,0xde,0x5b,0xd7,0x93,0xdd,
10620xbe,0x85,0x62,0x34,0x17,0x8a,0x05,0x60,0xf0,0x8a,0x1c,0x5a,0x40,0x21,0x8d,
10630x51,0x6c,0xb0,0x62,0xd8,0xb5,0xd4,0xf9,0xb1,0xd0,0x58,0x7a,0x7a,0x82,0x55,
10640xb3,0xf9,0x53,0x71,0xde,0xd2,0xc9,0x37,0x8c,0xf6,0x5a,0x1f,0x2d,0xcd,0x7c,
10650x67,0x02,0x03,0x01,0x00,0x01,0xa3,0x82,0x01,0x7f,0x30,0x82,0x01,0x7b,0x30,
10660x09,0x06,0x03,0x55,0x1d,0x13,0x04,0x02,0x30,0x00,0x30,0x0e,0x06,0x03,0x55,
10670x1d,0x0f,0x01,0x01,0xff,0x04,0x04,0x03,0x02,0x07,0x80,0x30,0x40,0x06,0x03,
10680x55,0x1d,0x1f,0x04,0x39,0x30,0x37,0x30,0x35,0xa0,0x33,0xa0,0x31,0x86,0x2f,
10690x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x43,0x53,0x43,0x33,0x2d,0x32,0x30,0x30,
10700x34,0x2d,0x63,0x72,0x6c,0x2e,0x76,0x65,0x72,0x69,0x73,0x69,0x67,0x6e,0x2e,
10710x63,0x6f,0x6d,0x2f,0x43,0x53,0x43,0x33,0x2d,0x32,0x30,0x30,0x34,0x2e,0x63,
10720x72,0x6c,0x30,0x44,0x06,0x03,0x55,0x1d,0x20,0x04,0x3d,0x30,0x3b,0x30,0x39,
10730x06,0x0b,0x60,0x86,0x48,0x01,0x86,0xf8,0x45,0x01,0x07,0x17,0x03,0x30,0x2a,
10740x30,0x28,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x02,0x01,0x16,0x1c,0x68,
10750x74,0x74,0x70,0x73,0x3a,0x2f,0x2f,0x77,0x77,0x77,0x2e,0x76,0x65,0x72,0x69,
10760x73,0x69,0x67,0x6e,0x2e,0x63,0x6f,0x6d,0x2f,0x72,0x70,0x61,0x30,0x13,0x06,
10770x03,0x55,0x1d,0x25,0x04,0x0c,0x30,0x0a,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,
10780x07,0x03,0x03,0x30,0x75,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x01,0x01,
10790x04,0x69,0x30,0x67,0x30,0x24,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x30,
10800x01,0x86,0x18,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x6f,0x63,0x73,0x70,0x2e,
10810x76,0x65,0x72,0x69,0x73,0x69,0x67,0x6e,0x2e,0x63,0x6f,0x6d,0x30,0x3f,0x06,
10820x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x30,0x02,0x86,0x33,0x68,0x74,0x74,0x70,
10830x3a,0x2f,0x2f,0x43,0x53,0x43,0x33,0x2d,0x32,0x30,0x30,0x34,0x2d,0x61,0x69,
10840x61,0x2e,0x76,0x65,0x72,0x69,0x73,0x69,0x67,0x6e,0x2e,0x63,0x6f,0x6d,0x2f,
10850x43,0x53,0x43,0x33,0x2d,0x32,0x30,0x30,0x34,0x2d,0x61,0x69,0x61,0x2e,0x63,
10860x65,0x72,0x30,0x1f,0x06,0x03,0x55,0x1d,0x23,0x04,0x18,0x30,0x16,0x80,0x14,
10870x08,0xf5,0x51,0xe8,0xfb,0xfe,0x3d,0x3d,0x64,0x36,0x7c,0x68,0xcf,0x5b,0x78,
10880xa8,0xdf,0xb9,0xc5,0x37,0x30,0x11,0x06,0x09,0x60,0x86,0x48,0x01,0x86,0xf8,
10890x42,0x01,0x01,0x04,0x04,0x03,0x02,0x04,0x10,0x30,0x16,0x06,0x0a,0x2b,0x06,
10900x01,0x04,0x01,0x82,0x37,0x02,0x01,0x1b,0x04,0x08,0x30,0x06,0x01,0x01,0x00,
10910x01,0x01,0xff,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,
10920x05,0x05,0x00,0x03,0x82,0x01,0x01,0x00,0x6a,0xa6,0x06,0xd0,0x33,0x18,0x64,
10930xe2,0x69,0x82,0xee,0x6e,0x36,0x9e,0x9d,0x9a,0x0e,0x18,0xa8,0xac,0x9d,0x10,
10940xed,0x01,0x3c,0xb9,0x61,0x04,0x62,0xf3,0x85,0x8f,0xcc,0x4f,0x2c,0x66,0x35,
10950x54,0x25,0x45,0x8d,0x95,0x1c,0xd2,0x33,0xbe,0x2e,0xdd,0x7f,0x74,0xaf,0x03,
10960x7b,0x86,0x63,0xb0,0xc9,0xe6,0xbd,0xc7,0x8e,0xde,0x03,0x18,0x98,0x82,0xc3,
10970xbb,0xf8,0x15,0x99,0x1a,0xa9,0xdd,0xb9,0x5d,0xb9,0xbd,0x53,0x95,0x25,0x76,
10980xfb,0x5c,0x53,0x90,0xea,0x01,0x0a,0xa0,0xb1,0xbf,0x09,0x1b,0x97,0x8f,0x40,
10990xfa,0x85,0x12,0x74,0x01,0xdb,0xf6,0xdb,0x09,0xd6,0x5f,0x4f,0xd7,0x17,0xb4,
11000xbf,0x9e,0x2f,0x86,0x52,0x5d,0x70,0x24,0x52,0x32,0x1e,0xa5,0x1d,0x39,0x8b,
11010x66,0xf6,0xba,0x9b,0x69,0x8e,0x12,0x60,0xdb,0xb6,0xcf,0xe6,0x0d,0xd6,0x1c,
11020x8f,0xd4,0x5b,0x4b,0x00,0xde,0x21,0x93,0xfb,0x6e,0xc7,0x3d,0xb4,0x66,0x0d,
11030x29,0x0c,0x4e,0xe9,0x3f,0x94,0xd6,0xd6,0xdc,0xec,0xf8,0x53,0x3b,0x62,0xd5,
11040x97,0x50,0x53,0x84,0x17,0xfe,0xe2,0xed,0x4c,0x23,0x0a,0x49,0xce,0x5b,0xe9,
11050x70,0x31,0xc1,0x04,0x02,0x02,0x6c,0xb8,0x52,0xcd,0xc7,0x4e,0x70,0xb4,0x13,
11060xd7,0xe0,0x92,0xba,0x44,0x1a,0x10,0x4c,0x6e,0x45,0xc6,0x86,0x04,0xc6,0x64,
11070xd3,0x9c,0x6e,0xc1,0x9c,0xac,0x74,0x3d,0x77,0x06,0x5e,0x28,0x28,0x5c,0xf5,
11080xe0,0x9c,0x19,0xd8,0xba,0x74,0x81,0x2d,0x67,0x77,0x93,0x8d,0xbf,0xd2,0x52,
11090x00,0xe6,0xa5,0x38,0x4e,0x2e,0x73,0x66,0x7a };
1110static BYTE iTunesIssuer[] = {
11110x30,0x81,0xb4,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,
11120x13,0x02,0x55,0x53,0x31,0x17,0x30,0x15,0x06,0x03,0x55,0x04,
11130x0a,0x13,0x0e,0x56,0x65,0x72,0x69,0x53,0x69,0x67,0x6e,0x2c,
11140x20,0x49,0x6e,0x63,0x2e,0x31,0x1f,0x30,0x1d,0x06,0x03,0x55,
11150x04,0x0b,0x13,0x16,0x56,0x65,0x72,0x69,0x53,0x69,0x67,0x6e,
11160x20,0x54,0x72,0x75,0x73,0x74,0x20,0x4e,0x65,0x74,0x77,0x6f,
11170x72,0x6b,0x31,0x3b,0x30,0x39,0x06,0x03,0x55,0x04,0x0b,0x13,
11180x32,0x54,0x65,0x72,0x6d,0x73,0x20,0x6f,0x66,0x20,0x75,0x73,
11190x65,0x20,0x61,0x74,0x20,0x68,0x74,0x74,0x70,0x73,0x3a,0x2f,
11200x2f,0x77,0x77,0x77,0x2e,0x76,0x65,0x72,0x69,0x73,0x69,0x67,
11210x6e,0x2e,0x63,0x6f,0x6d,0x2f,0x72,0x70,0x61,0x20,0x28,0x63,
11220x29,0x30,0x34,0x31,0x2e,0x30,0x2c,0x06,0x03,0x55,0x04,0x03,
11230x13,0x25,0x56,0x65,0x72,0x69,0x53,0x69,0x67,0x6e,0x20,0x43,
11240x6c,0x61,0x73,0x73,0x20,0x33,0x20,0x43,0x6f,0x64,0x65,0x20,
11250x53,0x69,0x67,0x6e,0x69,0x6e,0x67,0x20,0x32,0x30,0x30,0x34,
11260x20,0x43,0x41 };
11280x8d,0xf6,0x6a,0xdf,0xd2,0x40,0xfe,0xb6,0xa6,0x61,0x9b,0x9b,
11290xe0,0xa0,0x1a,0x0f };
1130
1131static void testFindCert(void)
1132{
1133 HCERTSTORE store;
1134 PCCERT_CONTEXT context = NULL, subject;
1135 BOOL ret;
1136 CERT_INFO certInfo = { 0 };
1138 BYTE otherSerialNumber[] = { 2 };
1139 DWORD count;
1140 static const WCHAR juan[] = { 'j','u','a','n',0 };
1141 static const WCHAR lang[] = { 'L','A','N','G',0 };
1142 static const WCHAR malcolm[] = { 'm','a','l','c','o','l','m',0 };
1143
1146 ok(store != NULL, "CertOpenStore failed: %d\n", GetLastError());
1147 if (!store)
1148 return;
1149
1152 ok(ret || broken(GetLastError() == OSS_DATA_ERROR /* win98 */),
1153 "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
1154 if (!ret && GetLastError() == OSS_DATA_ERROR)
1155 {
1156 skip("bigCert can't be decoded, skipping tests\n");
1157 return;
1158 }
1161 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
1162 GetLastError());
1163 /* This has the same name as bigCert */
1166 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
1167 GetLastError());
1168
1169 /* Crashes
1170 context = CertFindCertificateInStore(NULL, 0, 0, 0, NULL, NULL);
1171 */
1172
1173 /* Check first cert's there, by issuer */
1174 certInfo.Subject.pbData = subjectName;
1175 certInfo.Subject.cbData = sizeof(subjectName);
1176 certInfo.SerialNumber.pbData = serialNum;
1177 certInfo.SerialNumber.cbData = sizeof(serialNum);
1179 CERT_FIND_ISSUER_NAME, &certInfo.Subject, NULL);
1180 ok(context != NULL, "CertFindCertificateInStore failed: %08x\n",
1181 GetLastError());
1182 if (context)
1183 {
1186 ok(context != NULL, "Expected more than one cert\n");
1187 if (context)
1188 {
1190 0, CERT_FIND_ISSUER_NAME, &certInfo.Subject, context);
1191 ok(context == NULL, "Expected precisely two certs\n");
1192 }
1193 }
1194
1195 /* Check second cert's there as well, by subject name */
1196 certInfo.Subject.pbData = subjectName2;
1197 certInfo.Subject.cbData = sizeof(subjectName2);
1199 CERT_FIND_SUBJECT_NAME, &certInfo.Subject, NULL);
1200 ok(context != NULL, "CertFindCertificateInStore failed: %08x\n",
1201 GetLastError());
1202 if (context)
1203 {
1206 ok(context == NULL, "Expected one cert only\n");
1207 }
1208
1209 /* Strange but true: searching for the subject cert requires you to set
1210 * the issuer, not the subject
1211 */
1213 CERT_FIND_SUBJECT_CERT, &certInfo, NULL);
1214 ok(context == NULL, "Expected no certificate\n");
1215 certInfo.Subject.pbData = NULL;
1216 certInfo.Subject.cbData = 0;
1217 certInfo.Issuer.pbData = subjectName2;
1218 certInfo.Issuer.cbData = sizeof(subjectName2);
1220 CERT_FIND_SUBJECT_CERT, &certInfo, NULL);
1221 ok(context != NULL, "CertFindCertificateInStore failed: %08x\n",
1222 GetLastError());
1223 if (context)
1224 {
1226 CERT_FIND_SUBJECT_CERT, &certInfo, context);
1227 ok(context == NULL, "Expected one cert only\n");
1228 }
1229 /* A non-matching serial number will not match. */
1230 certInfo.SerialNumber.pbData = otherSerialNumber;
1231 certInfo.SerialNumber.cbData = sizeof(otherSerialNumber);
1233 CERT_FIND_SUBJECT_CERT, &certInfo, NULL);
1234 ok(context == NULL, "Expected no match\n");
1235 /* No serial number will not match */
1236 certInfo.SerialNumber.cbData = 0;
1238 CERT_FIND_SUBJECT_CERT, &certInfo, NULL);
1239 ok(context == NULL, "Expected no match\n");
1240 /* A serial number still won't match if the name doesn't */
1241 certInfo.SerialNumber.pbData = serialNum;
1242 certInfo.SerialNumber.cbData = sizeof(serialNum);
1243 certInfo.Issuer.pbData = subjectName3;
1244 certInfo.Issuer.cbData = sizeof(subjectName3);
1246 CERT_FIND_SUBJECT_CERT, &certInfo, NULL);
1247 ok(context == NULL, "Expected no match\n");
1248
1249 /* The nice thing about hashes, they're unique */
1250 blob.pbData = bigCertHash;
1251 blob.cbData = sizeof(bigCertHash);
1254 ok(context != NULL, "CertFindCertificateInStore failed: %08x\n",
1255 GetLastError());
1256 if (context)
1257 {
1259 CERT_FIND_SHA1_HASH, &certInfo.Subject, context);
1260 ok(context == NULL, "Expected one cert only\n");
1261 }
1262
1263 /* Searching for NULL string matches any context. */
1264 count = 0;
1265 context = NULL;
1266 do {
1269 if (context)
1270 count++;
1271 } while (context);
1272 ok(count == 3, "expected 3 contexts\n");
1273 count = 0;
1274 context = NULL;
1275 do {
1278 if (context)
1279 count++;
1280 } while (context);
1281 ok(count == 2, "expected 2 contexts\n");
1282 count = 0;
1283 context = NULL;
1284 do {
1287 if (context)
1288 count++;
1289 } while (context);
1290 ok(count == 3, "expected 3 contexts\n");
1291 SetLastError(0xdeadbeef);
1293 CERT_FIND_ISSUER_STR, malcolm, NULL);
1294 ok(!context, "expected no certs\n");
1296 "expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
1297
1298 CertCloseStore(store, 0);
1299
1300 /* Another subject cert search, using iTunes's certs */
1305 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
1306 GetLastError());
1309 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
1310 GetLastError());
1313 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
1314 GetLastError());
1316 iTunesCert3, sizeof(iTunesCert3), CERT_STORE_ADD_NEW, &subject);
1317 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
1318 GetLastError());
1319
1320 /* The certInfo's issuer does not match any subject, but the serial
1321 * number does match a cert whose issuer matches certInfo's issuer.
1322 * This yields a match.
1323 */
1324 certInfo.SerialNumber.cbData = sizeof(iTunesSerialNum);
1326 certInfo.Issuer.cbData = sizeof(iTunesIssuer);
1327 certInfo.Issuer.pbData = iTunesIssuer;
1329 CERT_FIND_SUBJECT_CERT, &certInfo, NULL);
1330 ok(context != NULL, "Expected a match\n");
1331 if (context)
1332 {
1333 ret = CertCompareCertificateName(context->dwCertEncodingType,
1334 &certInfo.Issuer, &context->pCertInfo->Subject);
1335 ok(!ret, "Expected subject name not to match\n");
1336 ret = CertCompareCertificateName(context->dwCertEncodingType,
1337 &certInfo.Issuer, &context->pCertInfo->Issuer);
1338 ok(ret, "Expected issuer name to match\n");
1340 &context->pCertInfo->SerialNumber);
1341 ok(ret, "Expected serial number to match\n");
1343 CERT_FIND_SUBJECT_CERT, &certInfo, context);
1344 ok(context == NULL, "Expected one cert only\n");
1345 }
1346
1348 CERT_FIND_ISSUER_OF, subject, NULL);
1349 ok(context != NULL, "Expected an issuer\n");
1350 if (context)
1351 {
1354
1355 ok(!none, "Expected no parent of issuer\n");
1357 }
1359 CertCloseStore(store, 0);
1360}
1361
1362static void testGetSubjectCert(void)
1363{
1364 HCERTSTORE store;
1365 PCCERT_CONTEXT context1, context2;
1366 CERT_INFO info = { 0 };
1367 BOOL ret;
1368
1371 ok(store != NULL, "CertOpenStore failed: %d\n", GetLastError());
1372 if (!store)
1373 return;
1374
1377 ok(ret || broken(GetLastError() == OSS_DATA_ERROR /* win98 */),
1378 "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
1379 if (!ret && GetLastError() == OSS_DATA_ERROR)
1380 {
1381 skip("bigCert can't be decoded, skipping tests\n");
1382 return;
1383 }
1385 bigCert2, sizeof(bigCert2), CERT_STORE_ADD_NEW, &context1);
1386 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
1387 GetLastError());
1388 ok(context1 != NULL, "Expected a context\n");
1391 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
1392 GetLastError());
1393
1395 NULL);
1396 ok(!context2 && GetLastError() == E_INVALIDARG,
1397 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1399 &info);
1400 ok(!context2 && GetLastError() == CRYPT_E_NOT_FOUND,
1401 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
1402 info.SerialNumber.cbData = sizeof(serialNum);
1403 info.SerialNumber.pbData = serialNum;
1405 &info);
1406 ok(!context2 && GetLastError() == CRYPT_E_NOT_FOUND,
1407 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
1408 info.Issuer.cbData = sizeof(subjectName2);
1409 info.Issuer.pbData = subjectName2;
1411 &info);
1412 ok(context2 != NULL,
1413 "CertGetSubjectCertificateFromStore failed: %08x\n", GetLastError());
1414 /* Not only should this find a context, but it should be the same
1415 * (same address) as context1.
1416 */
1417 ok(context1 == context2, "Expected identical context addresses\n");
1419
1421 CertCloseStore(store, 0);
1422}
1423
1424/* This expires in 1970 or so */
1425static const BYTE expiredCert[] = { 0x30, 0x82, 0x01, 0x33, 0x30, 0x81, 0xe2,
1426 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, 0xc4, 0xd7, 0x7f, 0x0e, 0x6f, 0xa6,
1427 0x8c, 0xaa, 0x47, 0x47, 0x40, 0xe7, 0xb7, 0x0b, 0x4a, 0x7f, 0x30, 0x09, 0x06,
1428 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1d, 0x05, 0x00, 0x30, 0x1f, 0x31, 0x1d, 0x30,
1429 0x1b, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x14, 0x61, 0x72, 0x69, 0x63, 0x40,
1430 0x63, 0x6f, 0x64, 0x65, 0x77, 0x65, 0x61, 0x76, 0x65, 0x72, 0x73, 0x2e, 0x63,
1431 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x36, 0x39, 0x30, 0x31, 0x30, 0x31, 0x30,
1432 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x37, 0x30, 0x30, 0x31, 0x30,
1433 0x31, 0x30, 0x36, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x1f, 0x31, 0x1d, 0x30,
1434 0x1b, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x14, 0x61, 0x72, 0x69, 0x63, 0x40,
1435 0x63, 0x6f, 0x64, 0x65, 0x77, 0x65, 0x61, 0x76, 0x65, 0x72, 0x73, 0x2e, 0x63,
1436 0x6f, 0x6d, 0x30, 0x5c, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
1437 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x4b, 0x00, 0x30, 0x48, 0x02, 0x41,
1438 0x00, 0xa1, 0xaf, 0x4a, 0xea, 0xa7, 0x83, 0x57, 0xc0, 0x37, 0x33, 0x7e, 0x29,
1439 0x5e, 0x0d, 0xfc, 0x44, 0x74, 0x3a, 0x1d, 0xc3, 0x1b, 0x1d, 0x96, 0xed, 0x4e,
1440 0xf4, 0x1b, 0x98, 0xec, 0x69, 0x1b, 0x04, 0xea, 0x25, 0xcf, 0xb3, 0x2a, 0xf5,
1441 0xd9, 0x22, 0xd9, 0x8d, 0x08, 0x39, 0x81, 0xc6, 0xe0, 0x4f, 0x12, 0x37, 0x2a,
1442 0x3f, 0x80, 0xa6, 0x6c, 0x67, 0x43, 0x3a, 0xdd, 0x95, 0x0c, 0xbb, 0x2f, 0x6b,
1443 0x02, 0x03, 0x01, 0x00, 0x01, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02,
1444 0x1d, 0x05, 0x00, 0x03, 0x41, 0x00, 0x8f, 0xa2, 0x5b, 0xd6, 0xdf, 0x34, 0xd0,
1445 0xa2, 0xa7, 0x47, 0xf1, 0x13, 0x79, 0xd3, 0xf3, 0x39, 0xbd, 0x4e, 0x2b, 0xa3,
1446 0xf4, 0x63, 0x37, 0xac, 0x5a, 0x0c, 0x5e, 0x4d, 0x0d, 0x54, 0x87, 0x4f, 0x31,
1447 0xfb, 0xa0, 0xce, 0x8f, 0x9a, 0x2f, 0x4d, 0x48, 0xc6, 0x84, 0x8d, 0xf5, 0x70,
1448 0x74, 0x17, 0xa5, 0xf3, 0x66, 0x47, 0x06, 0xd6, 0x64, 0x45, 0xbc, 0x52, 0xef,
1449 0x49, 0xe5, 0xf9, 0x65, 0xf3 };
1450
1451/* This expires in 2036 or so */
1452static const BYTE childOfExpired[] = { 0x30, 0x81, 0xcc, 0x30, 0x78, 0xa0,
1453 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86,
1454 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x1f, 0x31, 0x1d,
1455 0x30, 0x1b, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x14, 0x61, 0x72, 0x69, 0x63,
1456 0x40, 0x63, 0x6f, 0x64, 0x65, 0x77, 0x65, 0x61, 0x76, 0x65, 0x72, 0x73, 0x2e,
1457 0x63, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x30, 0x36, 0x30, 0x35, 0x30, 0x35,
1458 0x31, 0x37, 0x31, 0x32, 0x34, 0x39, 0x5a, 0x17, 0x0d, 0x33, 0x36, 0x30, 0x35,
1459 0x30, 0x35, 0x31, 0x37, 0x31, 0x32, 0x34, 0x39, 0x5a, 0x30, 0x15, 0x31, 0x13,
1460 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e,
1461 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06, 0x00, 0x03,
1462 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
1463 0x01, 0x05, 0x05, 0x00, 0x03, 0x41, 0x00, 0x20, 0x3b, 0xdb, 0x4d, 0x67, 0x50,
1464 0xec, 0x73, 0x9d, 0xf9, 0x85, 0x5d, 0x18, 0xe9, 0xb4, 0x98, 0xe3, 0x31, 0xb7,
1465 0x03, 0x0b, 0xc0, 0x39, 0x93, 0x56, 0x81, 0x0a, 0xfc, 0x78, 0xa8, 0x29, 0x42,
1466 0x5f, 0x69, 0xfb, 0xbc, 0x5b, 0xf2, 0xa6, 0x2a, 0xbe, 0x91, 0x2c, 0xfc, 0x89,
1467 0x69, 0x15, 0x18, 0x58, 0xe5, 0x02, 0x75, 0xf7, 0x2a, 0xb6, 0xa9, 0xfb, 0x47,
1468 0x6a, 0x6e, 0x0a, 0x9b, 0xe9, 0xdc };
1469/* chain10_0 -+
1470 * +-> chain7_1
1471 * chain10_1 -+
1472 * A chain with two issuers, only one of whose dates is valid.
1473 */
1474static const BYTE chain10_0[] = {
14750x30,0x82,0x01,0x9b,0x30,0x82,0x01,0x08,0xa0,0x03,0x02,0x01,0x02,0x02,0x10,
14760x4a,0x30,0x3a,0x42,0xa2,0x5a,0xb3,0x93,0x4d,0x94,0x06,0xad,0x6d,0x1c,0x34,
14770xe6,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31,
14780x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31,
14790x30,0x1e,0x17,0x0d,0x30,0x36,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,
14800x30,0x5a,0x17,0x0d,0x30,0x36,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35,
14810x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,
14820x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,
14830x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89,
14840x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82,
14850x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34,
14860x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7,
14870x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91,
14880xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5,
14890x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd,
14900x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c,
14910xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35,
14920x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01,
14930x00,0x01,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x03,0x81,
14940x81,0x00,0x85,0x6e,0x35,0x2f,0x2c,0x51,0x4f,0xd6,0x2a,0xe4,0x9e,0xd0,0x4b,
14950xe6,0x90,0xfd,0xf7,0x20,0xad,0x76,0x3f,0x93,0xea,0x7f,0x0d,0x1f,0xb3,0x8e,
14960xfd,0xe0,0xe1,0xd6,0xd7,0x9c,0x7d,0x46,0x6b,0x15,0x5c,0xe6,0xc9,0x62,0x3b,
14970x70,0x4a,0x4b,0xb2,0x82,0xe3,0x55,0x0c,0xc4,0x90,0x44,0x06,0x6c,0x86,0x1c,
14980x6d,0x47,0x12,0xda,0x33,0x95,0x5d,0x98,0x43,0xcb,0x7c,0xfa,0x2b,0xee,0xc4,
14990x2d,0xc8,0x95,0x33,0x89,0x08,0x3f,0x9f,0x87,0xea,0x20,0x04,0xaf,0x58,0x4b,
15000x9d,0xc0,0x7c,0x0a,0x1b,0x05,0x31,0x3b,0xbb,0x13,0x58,0x2e,0x3f,0x61,0x6b,
15010x10,0xb4,0xeb,0xb9,0x1a,0x30,0xfd,0xea,0xca,0x29,0x99,0x5f,0x42,0x2b,0x00,
15020xb0,0x08,0xc3,0xf0,0xb6,0xd6,0x6b,0xf9,0x35,0x95 };
1503static const BYTE chain10_1[] = {
15040x30,0x82,0x01,0x9b,0x30,0x82,0x01,0x08,0xa0,0x03,0x02,0x01,0x02,0x02,0x10,
15050xbf,0x99,0x4f,0x14,0x03,0x77,0x44,0xb8,0x49,0x02,0x70,0xa1,0xb8,0x9c,0xa7,
15060x24,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31,
15070x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31,
15080x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,
15090x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35,
15100x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,
15110x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,
15120x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89,
15130x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82,
15140x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34,
15150x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7,
15160x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91,
15170xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5,
15180x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd,
15190x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c,
15200xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35,
15210x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01,
15220x00,0x01,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x03,0x81,
15230x81,0x00,0xa8,0xec,0x8c,0x34,0xe7,0x2c,0xdf,0x75,0x87,0xc4,0xf7,0xda,0x71,
15240x72,0x29,0xb2,0x48,0xa8,0x2a,0xec,0x7b,0x7d,0x19,0xb9,0x5f,0x1d,0xd9,0x91,
15250x2b,0xc4,0x28,0x7e,0xd6,0xb5,0x91,0x69,0xa5,0x8a,0x1a,0x1f,0x97,0x98,0x46,
15260x9d,0xdf,0x12,0xf6,0x45,0x62,0xad,0x60,0xb6,0xba,0xb0,0xfd,0xf5,0x9f,0xc6,
15270x98,0x05,0x4f,0x4d,0x48,0xdc,0xee,0x69,0xbe,0xb8,0xc4,0xc4,0xd7,0x1b,0xb1,
15280x1f,0x64,0xd6,0x45,0xa7,0xdb,0xb3,0x87,0x63,0x0f,0x54,0xe1,0x3a,0x6b,0x57,
15290x36,0xd7,0x68,0x65,0xcf,0xda,0x57,0x8d,0xcd,0x84,0x75,0x47,0x26,0x2c,0xef,
15300x1e,0x8f,0xc7,0x3b,0xee,0x5d,0x03,0xa6,0xdf,0x3a,0x20,0xb2,0xcc,0xc9,0x09,
15310x2c,0xfe,0x2b,0x79,0xb0,0xca,0x2c,0x9a,0x81,0x6b };
1532static const BYTE chain7_1[] = {
15330x30,0x82,0x01,0x93,0x30,0x81,0xfd,0xa0,0x03,0x02,0x01,0x02,0x02,0x01,0x01,
15340x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,
15350x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,
15360x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,
15370x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,
15380x35,0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,
15390x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,
15400x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,
15410x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5,0x33,
15420x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6,0xdc,
15430xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7,0x48,
15440x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b,0x47,
15450xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b,0x05,
15460x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc,0x6a,
15470x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85,0x85,
15480xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2,0xd3,
15490x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72,0xa3,
15500x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,
15510x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x9f,0x69,0xfd,0x26,0xd5,0x4b,
15520xe0,0xab,0x12,0x21,0xb9,0xfc,0xf7,0xe0,0x0c,0x09,0x94,0xad,0x27,0xd7,0x9d,
15530xa3,0xcc,0x46,0x2a,0x25,0x9a,0x24,0xa7,0x31,0x58,0x78,0xf5,0xfc,0x30,0xe1,
15540x6d,0xfd,0x59,0xab,0xbe,0x69,0xa0,0xea,0xe3,0x7d,0x7a,0x7b,0xe5,0x85,0xeb,
15550x86,0x6a,0x84,0x3c,0x96,0x01,0x1a,0x70,0xa7,0xb8,0xcb,0xf2,0x11,0xe7,0x52,
15560x9c,0x58,0x2d,0xac,0x63,0xce,0x72,0x4b,0xad,0x62,0xa8,0x1d,0x75,0x96,0xe2,
15570x27,0xf5,0x6f,0xba,0x91,0xf8,0xf1,0xb0,0xbf,0x90,0x24,0x6d,0xba,0x5d,0xd7,
15580x39,0x63,0x3b,0x7c,0x04,0x5d,0x89,0x9d,0x1c,0xf2,0xf7,0xcc,0xdf,0x6e,0x8a,
15590x43,0xa9,0xdd,0x86,0x05,0xa2,0xf3,0x22,0x2d,0x1e,0x70,0xa1,0x59,0xd7,0xa5,
15600x94,0x7d };
1561
1562static void testGetIssuerCert(void)
1563{
1564 BOOL ret;
1566 DWORD flags = 0xffffffff, size;
1567 CERT_NAME_BLOB certsubject;
1568 BYTE *certencoded;
1569 WCHAR rootW[] = {'R', 'O', 'O', 'T', '\0'},
1570 certname[] = {'C', 'N', '=', 'd', 'u', 'm', 'm', 'y', ',', ' ', 'T', '=', 'T', 'e', 's', 't', '\0'};
1573
1574 ok(store != NULL, "CertOpenStore failed: %08x\n", GetLastError());
1575
1578 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
1579 GetLastError());
1580
1583 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n",
1584 GetLastError());
1585
1586 /* These crash:
1587 parent = CertGetIssuerCertificateFromStore(NULL, NULL, NULL, NULL);
1588 parent = CertGetIssuerCertificateFromStore(store, NULL, NULL, NULL);
1589 */
1592 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1595 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1598 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1599 /* Confusing: the caller cannot set either of the
1600 * CERT_STORE_NO_*_FLAGs, as these are not checks,
1601 * they're results:
1602 */
1606 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1607 /* Perform no checks */
1608 flags = 0;
1610 ok(parent != NULL, "CertGetIssuerCertificateFromStore failed: %08x\n",
1611 GetLastError());
1612 if (parent)
1614 /* Check revocation and signature only */
1617 ok(parent != NULL, "CertGetIssuerCertificateFromStore failed: %08x\n",
1618 GetLastError());
1619 /* Confusing: CERT_STORE_REVOCATION_FLAG succeeds when there is no CRL by
1620 * setting CERT_STORE_NO_CRL_FLAG.
1621 */
1623 "Expected CERT_STORE_REVOCATION_FLAG | CERT_STORE_NO_CRL_FLAG, got %08x\n",
1624 flags);
1625 if (parent)
1627 /* Checking time validity is not productive, because while most Windows
1628 * versions return 0 (time valid) because the child is not expired,
1629 * Windows 2003 SP1 returns that it is expired. Thus the range of
1630 * possibilities is covered, and a test verifies nothing.
1631 */
1632
1634 CertCloseStore(store, 0);
1635
1636 flags = 0;
1639 /* With only the child certificate, no issuer will be found */
1642 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
1644 ok(parent == NULL, "Expected no issuer\n");
1645 ok(GetLastError() == CRYPT_E_NOT_FOUND, "Expected CRYPT_E_NOT_FOUND, got %08X\n", GetLastError());
1646 /* Adding an issuer allows one (and only one) issuer to be found */
1649 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
1651 ok(parent == cert1, "Expected cert1 to be the issuer\n");
1653 ok(parent == NULL, "Expected only one issuer\n");
1654 ok(GetLastError() == CRYPT_E_NOT_FOUND, "Expected CRYPT_E_NOT_FOUND, got %08X\n", GetLastError());
1655 /* Adding a second issuer allows two issuers to be found - and the second
1656 * issuer is found before the first, implying certs are added to the head
1657 * of a list.
1658 */
1661 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
1663 ok(parent == cert2, "Expected cert2 to be the first issuer\n");
1665 ok(parent == cert1, "Expected cert1 to be the second issuer\n");
1667 ok(parent == NULL, "Expected no more than two issuers\n");
1668 ok(GetLastError() == CRYPT_E_NOT_FOUND, "Expected CRYPT_E_NOT_FOUND, got %08X\n", GetLastError());
1672 CertCloseStore(store, 0);
1673
1674 /* Repeat the test, reversing the order in which issuers are added,
1675 * to show it's order-dependent.
1676 */
1679 /* With only the child certificate, no issuer will be found */
1682 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
1684 ok(parent == NULL, "Expected no issuer\n");
1685 ok(GetLastError() == CRYPT_E_NOT_FOUND, "Expected CRYPT_E_NOT_FOUND, got %08X\n", GetLastError());
1686 /* Adding an issuer allows one (and only one) issuer to be found */
1689 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
1691 ok(parent == cert1, "Expected cert1 to be the issuer\n");
1693 ok(parent == NULL, "Expected only one issuer\n");
1694 ok(GetLastError() == CRYPT_E_NOT_FOUND, "Expected CRYPT_E_NOT_FOUND, got %08X\n", GetLastError());
1695 /* Adding a second issuer allows two issuers to be found - and the second
1696 * issuer is found before the first, implying certs are added to the head
1697 * of a list.
1698 */
1701 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
1703 ok(parent == cert2, "Expected cert2 to be the first issuer\n");
1705 ok(parent == cert1, "Expected cert1 to be the second issuer\n");
1707 ok(parent == NULL, "Expected no more than two issuers\n");
1708 ok(GetLastError() == CRYPT_E_NOT_FOUND, "Expected CRYPT_E_NOT_FOUND, got %08X\n", GetLastError());
1709
1710 /* Self-sign a certificate, add to the store and test getting the issuer */
1711 size = 0;
1713 "CertStrToName should have worked\n");
1714 certencoded = HeapAlloc(GetProcessHeap(), 0, size);
1715 ok(CertStrToNameW(X509_ASN_ENCODING, certname, CERT_X500_NAME_STR, NULL, certencoded, &size, NULL),
1716 "CertStrToName should have worked\n");
1717 certsubject.pbData = certencoded;
1718 certsubject.cbData = size;
1719 cert3 = CertCreateSelfSignCertificate(0, &certsubject, 0, NULL, NULL, NULL, NULL, NULL);
1720 ok(cert3 != NULL, "CertCreateSelfSignCertificate should have worked\n");
1722 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError());
1724 cert3 = CertEnumCertificatesInStore(store, NULL);
1725 ok(cert3 != NULL, "CertEnumCertificatesInStore should have worked\n");
1726 SetLastError(0xdeadbeef);
1727 flags = 0;
1729 ok(!parent, "Expected NULL\n");
1731 "Expected CRYPT_E_SELF_SIGNED, got %08X\n", GetLastError());
1735 CertCloseStore(store, 0);
1736 HeapFree(GetProcessHeap(), 0, certencoded);
1737
1738 /* Test root storage self-signed certificate */
1740 ok(store != NULL, "CertOpenStore failed: %08x\n", GetLastError());
1741 flags = 0;
1743 ok(cert1 != NULL, "CertEnumCertificatesInStore should have worked\n");
1744 SetLastError(0xdeadbeef);
1746 ok(!parent, "Expected NULL\n");
1748 "Expected CRYPT_E_SELF_SIGNED, got %08X\n", GetLastError());
1749 CertCloseStore(store, 0);
1750}
1751
1752static void testCryptHashCert(void)
1753{
1754 static const BYTE emptyHash[] = { 0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b,
1755 0x0d, 0x32, 0x55, 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90, 0xaf, 0xd8, 0x07,
1756 0x09 };
1757 static const BYTE knownHash[] = { 0xae, 0x9d, 0xbf, 0x6d, 0xf5, 0x46, 0xee,
1758 0x8b, 0xc5, 0x7a, 0x13, 0xba, 0xc2, 0xb1, 0x04, 0xf2, 0xbf, 0x52, 0xa8,
1759 0xa2 };
1760 static const BYTE toHash[] = "abcdefghijklmnopqrstuvwxyz0123456789.,;!?:";
1761 BOOL ret;
1762 BYTE hash[20];
1763 DWORD hashLen = sizeof(hash);
1764
1765 /* NULL buffer and nonzero length crashes
1766 ret = CryptHashCertificate(0, 0, 0, NULL, size, hash, &hashLen);
1767 empty hash length also crashes
1768 ret = CryptHashCertificate(0, 0, 0, buf, size, hash, NULL);
1769 */
1770 /* Test empty hash */
1771 ret = CryptHashCertificate(0, 0, 0, toHash, sizeof(toHash), NULL,
1772 &hashLen);
1773 ok(ret, "CryptHashCertificate failed: %08x\n", GetLastError());
1774 ok(hashLen == sizeof(hash), "Got unexpected size of hash %d\n", hashLen);
1775 /* Test with empty buffer */
1776 ret = CryptHashCertificate(0, 0, 0, NULL, 0, hash, &hashLen);
1777 ok(ret, "CryptHashCertificate failed: %08x\n", GetLastError());
1778 ok(!memcmp(hash, emptyHash, sizeof(emptyHash)),
1779 "Unexpected hash of nothing\n");
1780 /* Test a known value */
1781 ret = CryptHashCertificate(0, 0, 0, toHash, sizeof(toHash), hash,
1782 &hashLen);
1783 ok(ret, "CryptHashCertificate failed: %08x\n", GetLastError());
1784 ok(!memcmp(hash, knownHash, sizeof(knownHash)), "Unexpected hash\n");
1785}
1786
1787static void verifySig(HCRYPTPROV csp, const BYTE *toSign, size_t toSignLen,
1788 const BYTE *sig, unsigned int sigLen)
1789{
1791 BOOL ret = CryptCreateHash(csp, CALG_SHA1, 0, 0, &hash);
1792
1793 ok(ret, "CryptCreateHash failed: %08x\n", GetLastError());
1794 if (ret)
1795 {
1796 BYTE mySig[64];
1797 DWORD mySigSize = sizeof(mySig);
1798
1799 ret = CryptHashData(hash, toSign, toSignLen, 0);
1800 ok(ret, "CryptHashData failed: %08x\n", GetLastError());
1801 /* use the A variant so the test can run on Win9x */
1802 ret = CryptSignHashA(hash, AT_SIGNATURE, NULL, 0, mySig, &mySigSize);
1803 ok(ret, "CryptSignHash failed: %08x\n", GetLastError());
1804 if (ret)
1805 {
1806 ok(mySigSize == sigLen, "Expected sig length %d, got %d\n",
1807 sigLen, mySigSize);
1808 ok(!memcmp(mySig, sig, sigLen), "Unexpected signature\n");
1809 }
1811 }
1812}
1813
1814/* Tests signing the certificate described by toBeSigned with the CSP passed in,
1815 * using the algorithm with OID sigOID. The CSP is assumed to be empty, and a
1816 * keyset named AT_SIGNATURE will be added to it. The signature will be stored
1817 * in sig. sigLen should be at least 64 bytes.
1818 */
1819static void testSignCert(HCRYPTPROV csp, const CRYPT_DATA_BLOB *toBeSigned,
1820 LPCSTR sigOID, BYTE *sig, DWORD *sigLen)
1821{
1822 BOOL ret;
1823 DWORD size = 0;
1824 CRYPT_ALGORITHM_IDENTIFIER algoID = { NULL, { 0, NULL } };
1825 HCRYPTKEY key;
1826
1827 /* These all crash
1828 ret = CryptSignCertificate(0, 0, 0, NULL, 0, NULL, NULL, NULL, NULL);
1829 ret = CryptSignCertificate(0, 0, 0, NULL, 0, NULL, NULL, NULL, &size);
1830 ret = CryptSignCertificate(0, 0, 0, toBeSigned->pbData, toBeSigned->cbData,
1831 NULL, NULL, NULL, &size);
1832 */
1833 ret = CryptSignCertificate(0, 0, 0, toBeSigned->pbData, toBeSigned->cbData,
1834 &algoID, NULL, NULL, &size);
1835 ok(!ret && GetLastError() == NTE_BAD_ALGID,
1836 "Expected NTE_BAD_ALGID, got %08x\n", GetLastError());
1837 algoID.pszObjId = (LPSTR)sigOID;
1838 ret = CryptSignCertificate(0, 0, 0, toBeSigned->pbData, toBeSigned->cbData,
1839 &algoID, NULL, NULL, &size);
1840 ok(!ret &&
1842 "Expected ERROR_INVALID_PARAMETER or NTE_BAD_ALGID, got %08x\n",
1843 GetLastError());
1844 ret = CryptSignCertificate(0, AT_SIGNATURE, 0, toBeSigned->pbData,
1845 toBeSigned->cbData, &algoID, NULL, NULL, &size);
1846 ok(!ret &&
1848 "Expected ERROR_INVALID_PARAMETER or NTE_BAD_ALGID, got %08x\n",
1849 GetLastError());
1850
1851 /* No keys exist in the new CSP yet.. */
1852 ret = CryptSignCertificate(csp, AT_SIGNATURE, 0, toBeSigned->pbData,
1853 toBeSigned->cbData, &algoID, NULL, NULL, &size);
1855 NTE_NO_KEY), "Expected NTE_BAD_KEYSET or NTE_NO_KEY, got %08x\n",
1856 GetLastError());
1857 ret = CryptGenKey(csp, AT_SIGNATURE, 0, &key);
1858 ok(ret, "CryptGenKey failed: %08x\n", GetLastError());
1859 if (ret)
1860 {
1861 ret = CryptSignCertificate(csp, AT_SIGNATURE, 0, toBeSigned->pbData,
1862 toBeSigned->cbData, &algoID, NULL, NULL, &size);
1863 ok(ret, "CryptSignCertificate failed: %08x\n", GetLastError());
1864 ok(size <= *sigLen, "Expected size <= %d, got %d\n", *sigLen, size);
1865 if (ret)
1866 {
1867 ret = CryptSignCertificate(csp, AT_SIGNATURE, 0, toBeSigned->pbData,
1868 toBeSigned->cbData, &algoID, NULL, sig, &size);
1869 ok(ret, "CryptSignCertificate failed: %08x\n", GetLastError());
1870 if (ret)
1871 {
1872 *sigLen = size;
1873 verifySig(csp, toBeSigned->pbData, toBeSigned->cbData, sig,
1874 size);
1875 }
1876 }
1878 }
1879}
1880
1881static void testVerifyCertSig(HCRYPTPROV csp, const CRYPT_DATA_BLOB *toBeSigned,
1882 LPCSTR sigOID, const BYTE *sig, DWORD sigLen)
1883{
1885 LPBYTE cert = NULL;
1886 DWORD size = 0;
1887 BOOL ret;
1888
1889 if (!pCryptEncodeObjectEx)
1890 {
1891 win_skip("no CryptEncodeObjectEx support\n");
1892 return;
1893 }
1896 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1899 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
1901 NULL);
1902 ok(!ret && (GetLastError() == CRYPT_E_ASN1_EOD ||
1904 "Expected CRYPT_E_ASN1_EOD or OSS_BAD_ARG, got %08x\n", GetLastError());
1905 info.ToBeSigned.cbData = toBeSigned->cbData;
1906 info.ToBeSigned.pbData = toBeSigned->pbData;
1907 info.SignatureAlgorithm.pszObjId = (LPSTR)sigOID;
1908 info.SignatureAlgorithm.Parameters.cbData = 0;
1909 info.Signature.cbData = sigLen;
1910 info.Signature.pbData = (BYTE *)sig;
1911 info.Signature.cUnusedBits = 0;
1912 ret = pCryptEncodeObjectEx(X509_ASN_ENCODING, X509_CERT, &info,
1914 ok(ret, "CryptEncodeObjectEx failed: %08x\n", GetLastError());
1915 if (cert)
1916 {
1917 PCERT_PUBLIC_KEY_INFO pubKeyInfo = NULL;
1918 DWORD pubKeySize;
1919
1920 if (0)
1921 {
1922 /* Crashes prior to Vista */
1924 cert, size, NULL);
1925 }
1927 (LPSTR)sigOID, 0, NULL, NULL, &pubKeySize);
1928 pubKeyInfo = HeapAlloc(GetProcessHeap(), 0, pubKeySize);
1929 if (pubKeyInfo)
1930 {
1932 X509_ASN_ENCODING, (LPSTR)sigOID, 0, NULL, pubKeyInfo,
1933 &pubKeySize);
1934 ok(ret, "CryptExportKey failed: %08x\n", GetLastError());
1935 if (ret)
1936 {
1938 cert, size, pubKeyInfo);
1939 ok(ret, "CryptVerifyCertificateSignature failed: %08x\n",
1940 GetLastError());
1941 }
1942 HeapFree(GetProcessHeap(), 0, pubKeyInfo);
1943 }
1944 LocalFree(cert);
1945 }
1946}
1947
1948static void testVerifyCertSigEx(HCRYPTPROV csp, const CRYPT_DATA_BLOB *toBeSigned,
1949 LPCSTR sigOID, const BYTE *sig, DWORD sigLen)
1950{
1952 LPBYTE cert = NULL;
1953 DWORD size = 0;
1954 BOOL ret;
1955
1956 if (!pCryptVerifyCertificateSignatureEx)
1957 {
1958 win_skip("no CryptVerifyCertificateSignatureEx support\n");
1959 return;
1960 }
1961 if (!pCryptEncodeObjectEx)
1962 {
1963 win_skip("no CryptEncodeObjectEx support\n");
1964 return;
1965 }
1966 ret = pCryptVerifyCertificateSignatureEx(0, 0, 0, NULL, 0, NULL, 0, NULL);
1968 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1969 ret = pCryptVerifyCertificateSignatureEx(csp, 0, 0, NULL, 0, NULL, 0, NULL);
1971 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1972 ret = pCryptVerifyCertificateSignatureEx(csp, X509_ASN_ENCODING, 0, NULL, 0,
1973 NULL, 0, NULL);
1975 "Expected E_INVALIDARG, got %08x\n", GetLastError());
1976 /* This crashes
1977 ret = pCryptVerifyCertificateSignatureEx(csp, X509_ASN_ENCODING,
1978 CRYPT_VERIFY_CERT_SIGN_SUBJECT_BLOB, NULL, 0, NULL, 0, NULL);
1979 */
1980 info.ToBeSigned.cbData = toBeSigned->cbData;
1981 info.ToBeSigned.pbData = toBeSigned->pbData;
1982 info.SignatureAlgorithm.pszObjId = (LPSTR)sigOID;
1983 info.SignatureAlgorithm.Parameters.cbData = 0;
1984 info.Signature.cbData = sigLen;
1985 info.Signature.pbData = (BYTE *)sig;
1986 info.Signature.cUnusedBits = 0;
1987 ret = pCryptEncodeObjectEx(X509_ASN_ENCODING, X509_CERT, &info,
1989 ok(ret, "CryptEncodeObjectEx failed: %08x\n", GetLastError());
1990 if (cert)
1991 {
1992 CRYPT_DATA_BLOB certBlob = { 0, NULL };
1993 PCERT_PUBLIC_KEY_INFO pubKeyInfo = NULL;
1994
1995 ret = pCryptVerifyCertificateSignatureEx(csp, X509_ASN_ENCODING,
1996 CRYPT_VERIFY_CERT_SIGN_SUBJECT_BLOB, &certBlob, 0, NULL, 0, NULL);
1998 "Expected CRYPT_E_ASN1_EOD, got %08x\n", GetLastError());
1999 certBlob.cbData = 1;
2000 certBlob.pbData = (void *)0xdeadbeef;
2001 ret = pCryptVerifyCertificateSignatureEx(csp, X509_ASN_ENCODING,
2002 CRYPT_VERIFY_CERT_SIGN_SUBJECT_BLOB, &certBlob, 0, NULL, 0, NULL);
2004 GetLastError() == CRYPT_E_ASN1_EOD /* Win9x */ ||
2005 GetLastError() == CRYPT_E_ASN1_BADTAG /* Win98 */),
2006 "Expected STATUS_ACCESS_VIOLATION, CRYPT_E_ASN1_EOD, OR CRYPT_E_ASN1_BADTAG, got %08x\n",
2007 GetLastError());
2008
2009 certBlob.cbData = size;
2010 certBlob.pbData = cert;
2011 ret = pCryptVerifyCertificateSignatureEx(csp, X509_ASN_ENCODING,
2012 CRYPT_VERIFY_CERT_SIGN_SUBJECT_BLOB, &certBlob, 0, NULL, 0, NULL);
2014 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2015 ret = pCryptVerifyCertificateSignatureEx(csp, X509_ASN_ENCODING,
2019 "Expected E_INVALIDARG, got %08x\n", GetLastError());
2020 /* This crashes
2021 ret = pCryptVerifyCertificateSignatureEx(csp, X509_ASN_ENCODING,
2022 CRYPT_VERIFY_CERT_SIGN_SUBJECT_BLOB, &certBlob,
2023 CRYPT_VERIFY_CERT_SIGN_ISSUER_PUBKEY, NULL, 0, NULL);
2024 */
2026 (LPSTR)sigOID, 0, NULL, NULL, &size);
2027 pubKeyInfo = HeapAlloc(GetProcessHeap(), 0, size);
2028 if (pubKeyInfo)
2029 {
2031 X509_ASN_ENCODING, (LPSTR)sigOID, 0, NULL, pubKeyInfo, &size);
2032 ok(ret, "CryptExportKey failed: %08x\n", GetLastError());
2033 if (ret)
2034 {
2035 ret = pCryptVerifyCertificateSignatureEx(csp, X509_ASN_ENCODING,
2038 ok(ret, "CryptVerifyCertificateSignatureEx failed: %08x\n",
2039 GetLastError());
2040 }
2041 HeapFree(GetProcessHeap(), 0, pubKeyInfo);
2042 }
2043 LocalFree(cert);
2044 }
2045}
2046
2047static BYTE emptyCert[] = { 0x30, 0x00 };
2048
2049static void testCertSigs(void)
2050{
2051 HCRYPTPROV csp;
2052 CRYPT_DATA_BLOB toBeSigned = { sizeof(emptyCert), emptyCert };
2053 BOOL ret;
2054 BYTE sig[64];
2055 DWORD sigSize = sizeof(sig);
2056
2057 /* Just in case a previous run failed, delete this thing */
2058 pCryptAcquireContextA(&csp, cspNameA, MS_DEF_PROV_A, PROV_RSA_FULL,
2060 ret = pCryptAcquireContextA(&csp, cspNameA, MS_DEF_PROV_A, PROV_RSA_FULL,
2062 ok(ret, "CryptAcquireContext failed: %08x\n", GetLastError());
2063
2064 testSignCert(csp, &toBeSigned, szOID_RSA_SHA1RSA, sig, &sigSize);
2065 testVerifyCertSig(csp, &toBeSigned, szOID_RSA_SHA1RSA, sig, sigSize);
2066 testVerifyCertSigEx(csp, &toBeSigned, szOID_RSA_SHA1RSA, sig, sigSize);
2067
2068 CryptReleaseContext(csp, 0);
2069 ret = pCryptAcquireContextA(&csp, cspNameA, MS_DEF_PROV_A, PROV_RSA_FULL,
2071 ok(ret, "CryptAcquireContext failed: %08x\n", GetLastError());
2072}
2073
2074static const BYTE md5SignedEmptyCert[] = {
20750x30,0x56,0x30,0x33,0x02,0x00,0x30,0x02,0x06,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,
20760x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,
20770x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x07,
20780x30,0x02,0x06,0x00,0x03,0x01,0x00,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,
20790x0d,0x02,0x05,0x05,0x00,0x03,0x11,0x00,0xfb,0x0f,0x66,0x82,0x66,0xd9,0xe5,0xf8,
20800xd8,0xa2,0x55,0x2b,0xe1,0xa5,0xd9,0x04 };
20820x30,0x54,0x30,0x33,0x02,0x00,0x30,0x02,0x06,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,
20830x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,
20840x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x07,
20850x30,0x02,0x06,0x00,0x03,0x01,0x00,0x30,0x0a,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,
20860x0d,0x02,0x05,0x03,0x11,0x00,0x04,0xd9,0xa5,0xe1,0x2b,0x55,0xa2,0xd8,0xf8,0xe5,
20870xd9,0x66,0x82,0x66,0x0f,0xfb };
2088
2089static void testSignAndEncodeCert(void)
2090{
2091 static char oid_rsa_md5rsa[] = szOID_RSA_MD5RSA;
2092 static char oid_rsa_md5[] = szOID_RSA_MD5;
2093 BOOL ret;
2094 DWORD size;
2095 CRYPT_ALGORITHM_IDENTIFIER algID = { 0 };
2096 CERT_INFO info = { 0 };
2097
2098 /* Crash
2099 ret = CryptSignAndEncodeCertificate(0, 0, 0, NULL, NULL, NULL, NULL, NULL,
2100 NULL);
2101 ret = CryptSignAndEncodeCertificate(0, 0, 0, NULL, NULL, NULL, NULL, NULL,
2102 &size);
2103 */
2104 ret = CryptSignAndEncodeCertificate(0, 0, 0, NULL, NULL, &algID, NULL, NULL,
2105 &size);
2107 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
2109 &algID, NULL, NULL, &size);
2111 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
2113 &algID, NULL, NULL, &size);
2115 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
2116 /* Crashes on some win9x boxes */
2117 if (0)
2118 {
2122 "Expected STATUS_ACCESS_VIOLATION, got %08x\n", GetLastError());
2123 }
2124 /* Crashes
2125 ret = CryptSignAndEncodeCertificate(0, 0, X509_ASN_ENCODING,
2126 X509_CERT_TO_BE_SIGNED, &info, NULL, NULL, NULL, &size);
2127 */
2129 X509_CERT_TO_BE_SIGNED, &info, &algID, NULL, NULL, &size);
2130 ok(!ret &&
2132 GetLastError() == OSS_BAD_PTR), /* win9x */
2133 "Expected NTE_BAD_ALGID, got %08x\n", GetLastError());
2134 algID.pszObjId = oid_rsa_md5rsa;
2136 X509_CERT_TO_BE_SIGNED, &info, &algID, NULL, NULL, &size);
2137 ok(!ret &&
2140 GetLastError() == OSS_BAD_PTR), /* Win9x */
2141 "Expected ERROR_INVALID_PARAMETER or NTE_BAD_ALGID, got %08x\n",
2142 GetLastError());
2143 algID.pszObjId = oid_rsa_md5;
2145 X509_CERT_TO_BE_SIGNED, &info, &algID, NULL, NULL, &size);
2146 /* oid_rsa_md5 not present in some win2k */
2147 if (ret)
2148 {
2150
2151 if (buf)
2152 {
2154 X509_CERT_TO_BE_SIGNED, &info, &algID, NULL, buf, &size);
2155 ok(ret, "CryptSignAndEncodeCertificate failed: %08x\n",
2156 GetLastError());
2157 /* Tricky: because the NULL parameters may either be omitted or
2158 * included as an asn.1-encoded NULL (0x05,0x00), two different
2159 * values are allowed.
2160 */
2161 ok(size == sizeof(md5SignedEmptyCert) ||
2162 size == sizeof(md5SignedEmptyCertNoNull), "Unexpected size %d\n",
2163 size);
2164 if (size == sizeof(md5SignedEmptyCert))
2166 "Unexpected value\n");
2167 else if (size == sizeof(md5SignedEmptyCertNoNull))
2169 "Unexpected value\n");
2171 }
2172 }
2173}
2174
2175static void testCreateSelfSignCert(void)
2176{
2179 HCRYPTPROV csp;
2180 BOOL ret;
2181 HCRYPTKEY key;
2183
2184 if (!pCertCreateSelfSignCertificate)
2185 {
2186 win_skip("CertCreateSelfSignCertificate() is not available\n");
2187 return;
2188 }
2189
2190 /* This crashes:
2191 context = pCertCreateSelfSignCertificate(0, NULL, 0, NULL, NULL, NULL, NULL,
2192 NULL);
2193 * Calling this with no first parameter creates a new key container, which
2194 * lasts beyond the test, so I don't test that. Nb: the generated key
2195 * name is a GUID.
2196 context = pCertCreateSelfSignCertificate(0, &name, 0, NULL, NULL, NULL, NULL,
2197 NULL);
2198 */
2199
2200 /* Acquire a CSP */
2201 pCryptAcquireContextA(&csp, cspNameA, MS_DEF_PROV_A, PROV_RSA_FULL,
2203 ret = pCryptAcquireContextA(&csp, cspNameA, MS_DEF_PROV_A, PROV_RSA_FULL,
2205 ok(ret, "CryptAcquireContext failed: %08x\n", GetLastError());
2206
2207 context = pCertCreateSelfSignCertificate(csp, &name, 0, NULL, NULL, NULL,
2208 NULL, NULL);
2210 "Expected NTE_NO_KEY, got %08x\n", GetLastError());
2211 ret = CryptGenKey(csp, AT_SIGNATURE, 0, &key);
2212 ok(ret, "CryptGenKey failed: %08x\n", GetLastError());
2213 if (ret)
2214 {
2215 context = pCertCreateSelfSignCertificate(csp, &name, 0, NULL, NULL, NULL,
2216 NULL, NULL);
2217 ok(context != NULL, "CertCreateSelfSignCertificate failed: %08x\n",
2218 GetLastError());
2219 if (context)
2220 {
2221 DWORD size = 0;
2222
2223 /* The context must have a key provider info property */
2226 ok(ret && size, "Expected non-zero key provider info\n");
2227 if (size)
2228 {
2230
2231 if (pInfo)
2232 {
2235 ok(ret, "CertGetCertificateContextProperty failed: %08x\n",
2236 GetLastError());
2237 if (ret)
2238 {
2239 /* Sanity-check the key provider */
2241 "Unexpected key container\n");
2243 "Unexpected provider\n");
2244 ok(pInfo->dwKeySpec == AT_SIGNATURE,
2245 "Expected AT_SIGNATURE, got %d\n", pInfo->dwKeySpec);
2246 }
2247 HeapFree(GetProcessHeap(), 0, pInfo);
2248 }
2249 }
2250
2252 }
2253
2255 }
2256
2257 CryptReleaseContext(csp, 0);
2258 ret = pCryptAcquireContextA(&csp, cspNameA, MS_DEF_PROV_A, PROV_RSA_FULL,
2260 ok(ret, "CryptAcquireContext failed: %08x\n", GetLastError());
2261
2262 /* Do the same test with a CSP, AT_KEYEXCHANGE and key info */
2263 pCryptAcquireContextA(&csp, cspNameA, MS_DEF_PROV_A, PROV_RSA_FULL,
2265 ret = pCryptAcquireContextA(&csp, cspNameA, MS_DEF_PROV_A, PROV_RSA_FULL,
2267 ok(ret, "CryptAcquireContext failed: %08x\n", GetLastError());
2268 ret = CryptGenKey(csp, AT_SIGNATURE, 0, &key);
2269 ok(ret, "CryptGenKey failed: %08x\n", GetLastError());
2270
2271 memset(&info,0,sizeof(info));
2272 info.dwProvType = PROV_RSA_FULL;
2273 info.dwKeySpec = AT_KEYEXCHANGE;
2274 info.pwszProvName = (LPWSTR) MS_DEF_PROV_W;
2275 info.pwszContainerName = cspNameW;
2276 /* This should fail because the CSP doesn't have the specified key. */
2277 SetLastError(0xdeadbeef);
2278 context = pCertCreateSelfSignCertificate(csp, &name, 0, &info, NULL, NULL,
2279 NULL, NULL);
2280 ok(context == NULL, "expected failure\n");
2281 if (context != NULL)
2283 else
2284 ok(GetLastError() == NTE_NO_KEY, "expected NTE_NO_KEY, got %08x\n",
2285 GetLastError());
2286 /* Again, with a CSP, AT_SIGNATURE and key info */
2287 info.dwKeySpec = AT_SIGNATURE;
2288 SetLastError(0xdeadbeef);
2289 context = pCertCreateSelfSignCertificate(csp, &name, 0, &info, NULL, NULL,
2290 NULL, NULL);
2291 ok(context != NULL,
2292 "CertCreateSelfSignCertificate failed: %08x\n", GetLastError());
2293 if (context)
2294 {
2295 DWORD size = 0;
2296
2297 /* The context must have a key provider info property */
2300 ok(ret && size, "Expected non-zero key provider info\n");
2301 if (size)
2302 {
2304
2305 if (pInfo)
2306 {
2309 ok(ret, "CertGetCertificateContextProperty failed: %08x\n",
2310 GetLastError());
2311 if (ret)
2312 {
2313 /* Sanity-check the key provider */
2315 "Unexpected key container\n");
2317 "Unexpected provider\n");
2318 ok(pInfo->dwKeySpec == AT_SIGNATURE,
2319 "Expected AT_SIGNATURE, got %d\n", pInfo->dwKeySpec);
2320 }
2321 HeapFree(GetProcessHeap(), 0, pInfo);
2322 }
2323 }
2324
2326 }
2328
2329 CryptReleaseContext(csp, 0);
2330 ret = pCryptAcquireContextA(&csp, cspNameA, MS_DEF_PROV_A, PROV_RSA_FULL,
2332 ok(ret, "CryptAcquireContext failed: %08x\n", GetLastError());
2333
2334 /* Do the same test with no CSP, AT_KEYEXCHANGE and key info */
2335 info.dwKeySpec = AT_KEYEXCHANGE;
2336 context = pCertCreateSelfSignCertificate(0, &name, 0, &info, NULL, NULL,
2337 NULL, NULL);
2338 ok(context != NULL, "CertCreateSelfSignCertificate failed: %08x\n",
2339 GetLastError());
2340 if (context)
2341 {
2342 DWORD size = 0;
2343
2344 /* The context must have a key provider info property */
2347 ok(ret && size, "Expected non-zero key provider info\n");
2348 if (size)
2349 {
2351
2352 if (pInfo)
2353 {
2356 ok(ret, "CertGetCertificateContextProperty failed: %08x\n",
2357 GetLastError());
2358 if (ret)
2359 {
2360 /* Sanity-check the key provider */
2362 "Unexpected key container\n");
2364 "Unexpected provider\n");
2365 ok(pInfo->dwKeySpec == AT_KEYEXCHANGE,
2366 "Expected AT_KEYEXCHANGE, got %d\n", pInfo->dwKeySpec);
2367 }
2368 HeapFree(GetProcessHeap(), 0, pInfo);
2369 }
2370 }
2371
2373 }
2374
2375 pCryptAcquireContextA(&csp, cspNameA, MS_DEF_PROV_A, PROV_RSA_FULL,
2377
2378 /* Acquire a CSP and generate an AT_KEYEXCHANGE key in it. */
2379 pCryptAcquireContextA(&csp, cspNameA, MS_DEF_PROV_A, PROV_RSA_FULL,
2381 ret = pCryptAcquireContextA(&csp, cspNameA, MS_DEF_PROV_A, PROV_RSA_FULL,
2383 ok(ret, "CryptAcquireContext failed: %08x\n", GetLastError());
2384
2385 context = pCertCreateSelfSignCertificate(csp, &name, 0, NULL, NULL, NULL,
2386 NULL, NULL);
2388 "Expected NTE_NO_KEY, got %08x\n", GetLastError());
2389 ret = CryptGenKey(csp, AT_KEYEXCHANGE, 0, &key);
2390 ok(ret, "CryptGenKey failed: %08x\n", GetLastError());
2392
2393 memset(&info,0,sizeof(info));
2394 info.dwProvType = PROV_RSA_FULL;
2395 info.dwKeySpec = AT_SIGNATURE;
2396 info.pwszProvName = (LPWSTR) MS_DEF_PROV_W;
2397 info.pwszContainerName = cspNameW;
2398 /* This should fail because the CSP doesn't have the specified key. */
2399 SetLastError(0xdeadbeef);
2400 context = pCertCreateSelfSignCertificate(csp, &name, 0, &info, NULL, NULL,
2401 NULL, NULL);
2402 ok(context == NULL, "expected failure\n");
2403 if (context != NULL)
2405 else
2406 ok(GetLastError() == NTE_NO_KEY, "expected NTE_NO_KEY, got %08x\n",
2407 GetLastError());
2408 /* Again, with a CSP, AT_KEYEXCHANGE and key info. This succeeds because the
2409 * CSP has an AT_KEYEXCHANGE key in it.
2410 */
2411 info.dwKeySpec = AT_KEYEXCHANGE;
2412 SetLastError(0xdeadbeef);
2413 context = pCertCreateSelfSignCertificate(csp, &name, 0, &info, NULL, NULL,
2414 NULL, NULL);
2415 ok(context != NULL,
2416 "CertCreateSelfSignCertificate failed: %08x\n", GetLastError());
2417 if (context)
2418 {
2419 DWORD size = 0;
2420
2421 /* The context must have a key provider info property */
2424 ok(ret && size, "Expected non-zero key provider info\n");
2425 if (size)
2426 {
2428
2429 if (pInfo)
2430 {
2433 ok(ret, "CertGetCertificateContextProperty failed: %08x\n",
2434 GetLastError());
2435 if (ret)
2436 {
2437 /* Sanity-check the key provider */
2439 "Unexpected key container\n");
2441 "Unexpected provider\n");
2442 ok(pInfo->dwKeySpec == AT_KEYEXCHANGE,
2443 "Expected AT_KEYEXCHANGE, got %d\n", pInfo->dwKeySpec);
2444 }
2445 HeapFree(GetProcessHeap(), 0, pInfo);
2446 }
2447 }
2448
2450 }
2451
2452 CryptReleaseContext(csp, 0);
2453 ret = pCryptAcquireContextA(&csp, cspNameA, MS_DEF_PROV_A, PROV_RSA_FULL,
2455 ok(ret, "CryptAcquireContext failed: %08x\n", GetLastError());
2456
2457}
2458
2459static void testIntendedKeyUsage(void)
2460{
2461 BOOL ret;
2462 CERT_INFO info = { 0 };
2463 static char oid_key_usage[] = szOID_KEY_USAGE;
2464 /* A couple "key usages". Really they're just encoded bits which aren't
2465 * necessarily restricted to the defined key usage values.
2466 */
2467 static BYTE usage1[] = { 0x03,0x03,0x00,0xff,0xff };
2468 static BYTE usage2[] = { 0x03,0x03,0x01,0xff,0xfe };
2469 static const BYTE expected_usage1[] = { 0xff,0xff,0x00,0x00 };
2470 static const BYTE expected_usage2[] = { 0xff,0xfe,0x00,0x00 };
2471 CERT_EXTENSION ext = { oid_key_usage, TRUE, { sizeof(usage1), usage1 } };
2472 BYTE usage_bytes[4];
2473
2474 if (0)
2475 {
2476 /* Crash */
2478 }
2480 ok(!ret, "expected failure\n");
2481 ret = CertGetIntendedKeyUsage(0, &info, usage_bytes, sizeof(usage_bytes));
2482 ok(!ret, "expected failure\n");
2484 ok(!ret, "expected failure\n");
2486 sizeof(usage_bytes));
2487 ok(!ret, "expected failure\n");
2488 info.cExtension = 1;
2489 info.rgExtension = &ext;
2491 ok(!ret, "expected failure\n");
2492 /* The unused bytes are filled with 0. */
2494 sizeof(usage_bytes));
2495 ok(ret, "CertGetIntendedKeyUsage failed: %08x\n", GetLastError());
2496 ok(!memcmp(usage_bytes, expected_usage1, sizeof(expected_usage1)),
2497 "unexpected value\n");
2498 /* The usage bytes are copied in big-endian order. */
2499 ext.Value.cbData = sizeof(usage2);
2500 ext.Value.pbData = usage2;
2502 sizeof(usage_bytes));
2503 ok(ret, "CertGetIntendedKeyUsage failed: %08x\n", GetLastError());
2504 ok(!memcmp(usage_bytes, expected_usage2, sizeof(expected_usage2)),
2505 "unexpected value\n");
2506}
2507
2510
2511static void testKeyUsage(void)
2512{
2513 BOOL ret;
2515 DWORD size;
2516
2517 /* Test base cases */
2520 "Expected ERROR_INVALID_PARAMETER, got %08x\n", GetLastError());
2521 size = 1;
2524 "Expected ERROR_INVALID_PARAMETER, got %08x\n", GetLastError());
2525 size = 0;
2528 "Expected ERROR_INVALID_PARAMETER, got %08x\n", GetLastError());
2529 /* These crash
2530 ret = CertSetEnhancedKeyUsage(NULL, NULL);
2531 usage.cUsageIdentifier = 0;
2532 ret = CertSetEnhancedKeyUsage(NULL, &usage);
2533 */
2534 /* Test with a cert with no enhanced key usage extension */
2536 sizeof(bigCert));
2537 ok(context != NULL, "CertCreateCertificateContext failed: %08x\n",
2538 GetLastError());
2539 if (context)
2540 {
2541 static const char oid[] = "1.2.3.4";
2542 BYTE buf[sizeof(CERT_ENHKEY_USAGE) + 2 * (sizeof(LPSTR) + sizeof(oid))];
2544
2547 "Expected ERROR_INVALID_PARAMETER, got %08x\n", GetLastError());
2548 size = 1;
2550 if (ret)
2551 {
2552 /* Windows 2000, ME, or later: even though it succeeded, we expect
2553 * CRYPT_E_NOT_FOUND, which indicates there is no enhanced key
2554 * usage set for this cert (which implies it's valid for all uses.)
2555 */
2557 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
2558 ok(size == sizeof(CERT_ENHKEY_USAGE), "Wrong size %d\n", size);
2559 ret = CertGetEnhancedKeyUsage(context, 0, pUsage, &size);
2560 ok(ret, "CertGetEnhancedKeyUsage failed: %08x\n", GetLastError());
2561 ok(pUsage->cUsageIdentifier == 0, "Expected 0 usages, got %d\n",
2562 pUsage->cUsageIdentifier);
2563 }
2564 else
2565 {
2566 /* Windows NT, 95, or 98: it fails, and the last error is
2567 * CRYPT_E_NOT_FOUND.
2568 */
2570 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
2571 }
2572 /* I can add a usage identifier when no key usage has been set */
2574 ok(ret, "CertAddEnhancedKeyUsageIdentifier failed: %08x\n",
2575 GetLastError());
2576 size = sizeof(buf);
2579 ok(ret && GetLastError() == 0,
2580 "CertGetEnhancedKeyUsage failed: %08x\n", GetLastError());
2581 ok(pUsage->cUsageIdentifier == 1, "Expected 1 usage, got %d\n",
2582 pUsage->cUsageIdentifier);
2583 if (pUsage->cUsageIdentifier)
2584 ok(!strcmp(pUsage->rgpszUsageIdentifier[0], oid),
2585 "Expected %s, got %s\n", oid, pUsage->rgpszUsageIdentifier[0]);
2586 /* Now set an empty key usage */
2587 pUsage->cUsageIdentifier = 0;
2589 ok(ret, "CertSetEnhancedKeyUsage failed: %08x\n", GetLastError());
2590 /* Shouldn't find it in the cert */
2591 size = sizeof(buf);
2595 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
2596 /* Should find it as an extended property */
2599 ok(ret && GetLastError() == 0,
2600 "CertGetEnhancedKeyUsage failed: %08x\n", GetLastError());
2601 ok(pUsage->cUsageIdentifier == 0, "Expected 0 usages, got %d\n",
2602 pUsage->cUsageIdentifier);
2603 /* Should find it as either */
2604 ret = CertGetEnhancedKeyUsage(context, 0, pUsage, &size);
2605 ok(ret && GetLastError() == 0,
2606 "CertGetEnhancedKeyUsage failed: %08x\n", GetLastError());
2607 ok(pUsage->cUsageIdentifier == 0, "Expected 0 usages, got %d\n",
2608 pUsage->cUsageIdentifier);
2609 /* Add a usage identifier */
2611 ok(ret, "CertAddEnhancedKeyUsageIdentifier failed: %08x\n",
2612 GetLastError());
2613 size = sizeof(buf);
2614 ret = CertGetEnhancedKeyUsage(context, 0, pUsage, &size);
2615 ok(ret && GetLastError() == 0,
2616 "CertGetEnhancedKeyUsage failed: %08x\n", GetLastError());
2617 ok(pUsage->cUsageIdentifier == 1, "Expected 1 identifier, got %d\n",
2618 pUsage->cUsageIdentifier);
2619 if (pUsage->cUsageIdentifier)
2620 ok(!strcmp(pUsage->rgpszUsageIdentifier[0], oid),
2621 "Expected %s, got %s\n", oid, pUsage->rgpszUsageIdentifier[0]);
2622 /* Re-adding the same usage identifier succeeds, though it only adds
2623 * a duplicate usage identifier on versions prior to Vista
2624 */
2626 ok(ret, "CertAddEnhancedKeyUsageIdentifier failed: %08x\n",
2627 GetLastError());
2628 size = sizeof(buf);
2629 ret = CertGetEnhancedKeyUsage(context, 0, pUsage, &size);
2630 ok(ret && GetLastError() == 0,
2631 "CertGetEnhancedKeyUsage failed: %08x\n", GetLastError());
2632 ok(pUsage->cUsageIdentifier == 1 || pUsage->cUsageIdentifier == 2,
2633 "Expected 1 or 2 identifiers, got %d\n", pUsage->cUsageIdentifier);
2634 if (pUsage->cUsageIdentifier)
2635 ok(!strcmp(pUsage->rgpszUsageIdentifier[0], oid),
2636 "Expected %s, got %s\n", oid, pUsage->rgpszUsageIdentifier[0]);
2637 if (pUsage->cUsageIdentifier >= 2)
2638 ok(!strcmp(pUsage->rgpszUsageIdentifier[1], oid),
2639 "Expected %s, got %s\n", oid, pUsage->rgpszUsageIdentifier[1]);
2640 /* Now set a NULL extended property--this deletes the property. */
2642 ok(ret, "CertSetEnhancedKeyUsage failed: %08x\n", GetLastError());
2643 SetLastError(0xbaadcafe);
2644 size = sizeof(buf);
2645 ret = CertGetEnhancedKeyUsage(context, 0, pUsage, &size);
2646 ok(ret || broken(!ret && GetLastError() == CRYPT_E_NOT_FOUND /* NT4 */),
2647 "CertGetEnhancedKeyUsage failed: %08x\n", GetLastError());
2649 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
2650
2652 }
2653 /* Now test with a cert with an enhanced key usage extension */
2655 sizeof(certWithUsage));
2656 ok(context != NULL, "CertCreateCertificateContext failed: %08x\n",
2657 GetLastError());
2658 if (context)
2659 {
2660 LPBYTE buf = NULL;
2661 DWORD bufSize = 0, i;
2662
2663 /* The size may depend on what flags are used to query it, so I
2664 * realloc the buffer for each test.
2665 */
2668 ok(ret, "CertGetEnhancedKeyUsage failed: %08x\n", GetLastError());
2670 if (buf)
2671 {
2673
2674 /* Should find it in the cert */
2675 size = bufSize;
2678 ok(ret && GetLastError() == 0,
2679 "CertGetEnhancedKeyUsage failed: %08x\n", GetLastError());
2680 ok(pUsage->cUsageIdentifier == 3, "Expected 3 usages, got %d\n",
2681 pUsage->cUsageIdentifier);
2682 for (i = 0; i < pUsage->cUsageIdentifier; i++)
2684 "Expected %s, got %s\n", keyUsages[i],
2685 pUsage->rgpszUsageIdentifier[i]);
2687 }
2689 ok(ret, "CertGetEnhancedKeyUsage failed: %08x\n", GetLastError());
2691 if (buf)
2692 {
2694
2695 /* Should find it as either */
2696 size = bufSize;
2697 ret = CertGetEnhancedKeyUsage(context, 0, pUsage, &size);
2698 /* In Windows, GetLastError returns CRYPT_E_NOT_FOUND not found
2699 * here, even though the return is successful and the usage id
2700 * count is positive. I don't enforce that here.
2701 */
2702 ok(ret,
2703 "CertGetEnhancedKeyUsage failed: %08x\n", GetLastError());
2704 ok(pUsage->cUsageIdentifier == 3, "Expected 3 usages, got %d\n",
2705 pUsage->cUsageIdentifier);
2706 for (i = 0; i < pUsage->cUsageIdentifier; i++)
2708 "Expected %s, got %s\n", keyUsages[i],
2709 pUsage->rgpszUsageIdentifier[i]);
2711 }
2712 /* Shouldn't find it as an extended property */
2716 "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
2717 /* Adding a usage identifier overrides the cert's usage!? */
2719 ok(ret, "CertAddEnhancedKeyUsageIdentifier failed: %08x\n",
2720 GetLastError());
2722 ok(ret, "CertGetEnhancedKeyUsage failed: %08x\n", GetLastError());
2724 if (buf)
2725 {
2727
2728 /* Should find it as either */
2729 size = bufSize;
2730 ret = CertGetEnhancedKeyUsage(context, 0, pUsage, &size);
2731 ok(ret,
2732 "CertGetEnhancedKeyUsage failed: %08x\n", GetLastError());
2733 ok(pUsage->cUsageIdentifier == 1, "Expected 1 usage, got %d\n",
2734 pUsage->cUsageIdentifier);
2736 "Expected %s, got %s\n", szOID_RSA_RSA,
2737 pUsage->rgpszUsageIdentifier[0]);
2739 }
2740 /* But querying the cert directly returns its usage */
2743 ok(ret, "CertGetEnhancedKeyUsage failed: %08x\n", GetLastError());
2745 if (buf)
2746 {
2748
2749 size = bufSize;
2752 ok(ret,
2753 "CertGetEnhancedKeyUsage failed: %08x\n", GetLastError());
2754 ok(pUsage->cUsageIdentifier == 3, "Expected 3 usages, got %d\n",
2755 pUsage->cUsageIdentifier);
2756 for (i = 0; i < pUsage->cUsageIdentifier; i++)
2758 "Expected %s, got %s\n", keyUsages[i],
2759 pUsage->rgpszUsageIdentifier[i]);
2761 }
2762 /* And removing the only usage identifier in the extended property
2763 * results in the cert's key usage being found.
2764 */
2766 ok(ret, "CertRemoveEnhancedKeyUsage failed: %08x\n", GetLastError());
2768 ok(ret, "CertGetEnhancedKeyUsage failed: %08x\n", GetLastError());
2770 if (buf)
2771 {
2773
2774 /* Should find it as either */
2775 size = bufSize;
2776 ret = CertGetEnhancedKeyUsage(context, 0, pUsage, &size);
2777 ok(ret,
2778 "CertGetEnhancedKeyUsage failed: %08x\n", GetLastError());
2779 ok(pUsage->cUsageIdentifier == 3, "Expected 3 usages, got %d\n",
2780 pUsage->cUsageIdentifier);
2781 for (i = 0; i < pUsage->cUsageIdentifier; i++)
2783 "Expected %s, got %s\n", keyUsages[i],
2784 pUsage->rgpszUsageIdentifier[i]);
2786 }
2787
2789 }
2790}
2791
2792static const BYTE cert2WithUsage[] = {
27930x30,0x81,0x89,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,
27940x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,
27950x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,
27960x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,
27970x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,0x31,0x13,0x30,0x11,
27980x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
27990x67,0x00,0x30,0x07,0x30,0x02,0x06,0x00,0x03,0x01,0x00,0xa3,0x25,0x30,0x23,
28000x30,0x21,0x06,0x03,0x55,0x1d,0x25,0x01,0x01,0xff,0x04,0x17,0x30,0x15,0x06,
28010x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x03,0x02,0x06,0x09,0x2a,0x86,0x48,0x86,
28020xf7,0x0d,0x01,0x01,0x01 };
2803
2804static void testGetValidUsages(void)
2805{
2806 static const LPCSTR expectedOIDs[] = {
2807 "1.3.6.1.5.5.7.3.3",
2808 "1.3.6.1.5.5.7.3.2",
2809 "1.2.840.113549.1.1.1",
2810 };
2811 static const LPCSTR expectedOIDs2[] = {
2812 "1.3.6.1.5.5.7.3.2",
2813 "1.2.840.113549.1.1.1",
2814 };
2815 BOOL ret;
2816 int numOIDs;
2817 DWORD size;
2818 LPSTR *oids = NULL;
2819 PCCERT_CONTEXT contexts[3];
2820
2821 if (!pCertGetValidUsages)
2822 {
2823 win_skip("CertGetValidUsages() is not available\n");
2824 return;
2825 }
2826
2827 /* Crash
2828 ret = pCertGetValidUsages(0, NULL, NULL, NULL, NULL);
2829 ret = pCertGetValidUsages(0, NULL, NULL, NULL, &size);
2830 */
2831 contexts[0] = NULL;
2832 numOIDs = size = 0xdeadbeef;
2833 SetLastError(0xdeadbeef);
2834 ret = pCertGetValidUsages(1, &contexts[0], &numOIDs, NULL, &size);
2835 ok(ret, "CertGetValidUsages failed: %d\n", GetLastError());
2836 ok(numOIDs == -1, "Expected -1, got %d\n", numOIDs);
2837 ok(size == 0, "Expected size 0, got %d\n", size);
2839 sizeof(bigCert));
2841 sizeof(certWithUsage));
2844 numOIDs = size = 0xdeadbeef;
2845 ret = pCertGetValidUsages(0, NULL, &numOIDs, NULL, &size);
2846 ok(ret, "CertGetValidUsages failed: %08x\n", GetLastError());
2847 ok(numOIDs == -1, "Expected -1, got %d\n", numOIDs);
2848 ok(size == 0, "Expected size 0, got %d\n", size);
2849 numOIDs = size = 0xdeadbeef;
2850 ret = pCertGetValidUsages(1, contexts, &numOIDs, NULL, &size);
2851 ok(ret, "CertGetValidUsages failed: %08x\n", GetLastError());
2852 ok(numOIDs == -1, "Expected -1, got %d\n", numOIDs);
2853 ok(size == 0, "Expected size 0, got %d\n", size);
2854 ret = pCertGetValidUsages(1, &contexts[1], &numOIDs, NULL, &size);
2855 ok(ret, "CertGetValidUsages failed: %08x\n", GetLastError());
2856 ok(numOIDs == 3, "Expected 3, got %d\n", numOIDs);
2857 ok(size, "Expected non-zero size\n");
2858 oids = HeapAlloc(GetProcessHeap(), 0, size);
2859 if (oids)
2860 {
2861 int i;
2862 DWORD smallSize = 1;
2863
2864 SetLastError(0xdeadbeef);
2865 ret = pCertGetValidUsages(1, &contexts[1], &numOIDs, oids, &smallSize);
2867 "Expected ERROR_MORE_DATA, got %d\n", GetLastError());
2868 ret = pCertGetValidUsages(1, &contexts[1], &numOIDs, oids, &size);
2869 ok(ret, "CertGetValidUsages failed: %08x\n", GetLastError());
2870 for (i = 0; i < numOIDs; i++)
2871 ok(!lstrcmpA(oids[i], expectedOIDs[i]), "unexpected OID %s\n",
2872 oids[i]);
2873 HeapFree(GetProcessHeap(), 0, oids);
2874 }
2875 numOIDs = 0xdeadbeef;
2876 /* Oddly enough, this crashes when the number of contexts is not 1:
2877 ret = pCertGetValidUsages(2, contexts, &numOIDs, NULL, &size);
2878 * but setting size to 0 allows it to succeed:
2879 */
2880 size = 0;
2881 ret = pCertGetValidUsages(2, contexts, &numOIDs, NULL, &size);
2882 ok(ret, "CertGetValidUsages failed: %08x\n", GetLastError());
2883 ok(numOIDs == 3, "Expected 3, got %d\n", numOIDs);
2884 ok(size, "Expected non-zero size\n");
2885 oids = HeapAlloc(GetProcessHeap(), 0, size);
2886 if (oids)
2887 {
2888 int i;
2889
2890 ret = pCertGetValidUsages(1, &contexts[1], &numOIDs, oids, &size);
2891 ok(ret, "CertGetValidUsages failed: %08x\n", GetLastError());
2892 for (i = 0; i < numOIDs; i++)
2893 ok(!lstrcmpA(oids[i], expectedOIDs[i]), "unexpected OID %s\n",
2894 oids[i]);
2895 HeapFree(GetProcessHeap(), 0, oids);
2896 }
2897 numOIDs = 0xdeadbeef;
2898 size = 0;
2899 ret = pCertGetValidUsages(1, &contexts[2], &numOIDs, NULL, &size);
2900 ok(ret, "CertGetValidUsages failed: %08x\n", GetLastError());
2901 ok(numOIDs == 2, "Expected 2, got %d\n", numOIDs);
2902 ok(size, "Expected non-zero size\n");
2903 oids = HeapAlloc(GetProcessHeap(), 0, size);
2904 if (oids)
2905 {
2906 int i;
2907
2908 ret = pCertGetValidUsages(1, &contexts[2], &numOIDs, oids, &size);
2909 ok(ret, "CertGetValidUsages failed: %08x\n", GetLastError());
2910 for (i = 0; i < numOIDs; i++)
2911 ok(!lstrcmpA(oids[i], expectedOIDs2[i]), "unexpected OID %s\n",
2912 oids[i]);
2913 HeapFree(GetProcessHeap(), 0, oids);
2914 }
2915 numOIDs = 0xdeadbeef;
2916 size = 0;
2917 ret = pCertGetValidUsages(3, contexts, &numOIDs, NULL, &size);
2918 ok(ret, "CertGetValidUsages failed: %08x\n", GetLastError());
2919 ok(numOIDs == 2, "Expected 2, got %d\n", numOIDs);
2920 ok(size, "Expected non-zero size\n");
2921 oids = HeapAlloc(GetProcessHeap(), 0, size);
2922 if (oids)
2923 {
2924 int i;
2925
2926 ret = pCertGetValidUsages(3, contexts, &numOIDs, oids, &size);
2927 ok(ret, "CertGetValidUsages failed: %08x\n", GetLastError());
2928 for (i = 0; i < numOIDs; i++)
2929 ok(!lstrcmpA(oids[i], expectedOIDs2[i]), "unexpected OID %s\n",
2930 oids[i]);
2931 HeapFree(GetProcessHeap(), 0, oids);
2932 }
2933 CertFreeCertificateContext(contexts[0]);
2934 CertFreeCertificateContext(contexts[1]);
2935 CertFreeCertificateContext(contexts[2]);
2936}
2937
2938static BYTE cn[] = {
29390x30,0x14,0x31,0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x03,0x13,0x09,0x4a,0x75,
29400x61,0x6e,0x20,0x4c,0x61,0x6e,0x67 };
29420x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x20,0x4a,
29430x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67 };
29450x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,
29460x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x20 };
29480x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,
29490x61,0x6e,0x20,0x20,0x4c,0x61,0x6e,0x67 };
2950static BYTE cnThenO[] = {
29510x30,0x2d,0x31,0x2b,0x30,0x10,0x06,0x03,0x55,0x04,0x03,0x13,0x09,0x4a,0x75,
29520x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x30,0x17,0x06,0x03,0x55,0x04,0x0a,0x13,
29530x10,0x54,0x68,0x65,0x20,0x57,0x69,0x6e,0x65,0x20,0x50,0x72,0x6f,0x6a,0x65,
29540x63,0x74 };
2955static BYTE oThenCN[] = {
29560x30,0x2d,0x31,0x2b,0x30,0x10,0x06,0x03,0x55,0x04,0x0a,0x13,0x09,0x4a,0x75,
29570x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x30,0x17,0x06,0x03,0x55,0x04,0x03,0x13,
29580x10,0x54,0x68,0x65,0x20,0x57,0x69,0x6e,0x65,0x20,0x50,0x72,0x6f,0x6a,0x65,
29590x63,0x74 };
2960
2961static void testCompareCertName(void)
2962{
2963 static BYTE bogus[] = { 1, 2, 3, 4 };
2964 static BYTE bogusPrime[] = { 0, 1, 2, 3, 4 };
2965 static BYTE emptyPrime[] = { 0x30, 0x00, 0x01 };
2966 BOOL ret;
2967 CERT_NAME_BLOB blob1, blob2;
2968
2969 /* crashes
2970 ret = CertCompareCertificateName(0, NULL, NULL);
2971 */
2972 /* An empty name checks against itself.. */
2973 blob1.pbData = emptyCert;
2974 blob1.cbData = sizeof(emptyCert);
2975 ret = CertCompareCertificateName(0, &blob1, &blob1);
2976 ok(ret, "CertCompareCertificateName failed: %08x\n", GetLastError());
2977 /* It doesn't have to be a valid encoded name.. */
2978 blob1.pbData = bogus;
2979 blob1.cbData = sizeof(bogus);
2980 ret = CertCompareCertificateName(0, &blob1, &blob1);
2981 ok(ret, "CertCompareCertificateName failed: %08x\n", GetLastError());
2982 /* Leading zeroes matter.. */
2983 blob2.pbData = bogusPrime;
2984 blob2.cbData = sizeof(bogusPrime);
2985 ret = CertCompareCertificateName(0, &blob1, &blob2);
2986 ok(!ret, "Expected failure\n");
2987 /* As do trailing extra bytes. */
2988 blob2.pbData = emptyPrime;
2989 blob2.cbData = sizeof(emptyPrime);
2990 ret = CertCompareCertificateName(0, &blob1, &blob2);
2991 ok(!ret, "Expected failure\n");
2992 /* Tests to show that CertCompareCertificateName doesn't decode the name
2993 * to remove spaces, or to do an order-independent comparison.
2994 */
2995 /* Compare CN="Juan Lang" with CN=" Juan Lang" */
2996 blob1.pbData = cn;
2997 blob1.cbData = sizeof(cn);
2998 blob2.pbData = cnWithLeadingSpace;
2999 blob2.cbData = sizeof(cnWithLeadingSpace);
3000 ret = CertCompareCertificateName(0, &blob1, &blob2);
3001 ok(!ret, "Expected failure\n");
3003 ok(!ret, "Expected failure\n");
3004 /* Compare CN="Juan Lang" with CN="Juan Lang " */
3006 blob2.cbData = sizeof(cnWithTrailingSpace);
3007 ret = CertCompareCertificateName(0, &blob1, &blob2);
3008 ok(!ret, "Expected failure\n");
3010 ok(!ret, "Expected failure\n");
3011 /* Compare CN="Juan Lang" with CN="Juan Lang" */
3013 blob2.cbData = sizeof(cnWithIntermediateSpace);
3014 ret = CertCompareCertificateName(0, &blob1, &blob2);
3015 ok(!ret, "Expected failure\n");
3017 ok(!ret, "Expected failure\n");
3018 /* Compare 'CN="Juan Lang", O="The Wine Project"' with
3019 * 'O="The Wine Project", CN="Juan Lang"'
3020 */
3021 blob1.pbData = cnThenO;
3022 blob1.cbData = sizeof(cnThenO);
3023 blob2.pbData = oThenCN;
3024 blob2.cbData = sizeof(oThenCN);
3025 ret = CertCompareCertificateName(0, &blob1, &blob2);
3026 ok(!ret, "Expected failure\n");
3028 ok(!ret, "Expected failure\n");
3029}
3030
3032{
3033 static char oid_1_2_3[] = "1.2.3";
3034 static char oid_common_name[] = szOID_COMMON_NAME;
3035 static char oid_organization[] = szOID_ORGANIZATION_NAME;
3036 static char juan[] = "Juan Lang";
3037 static char juan_with_leading_space[] = " Juan Lang";
3038 static char juan_with_intermediate_space[] = "Juan Lang";
3039 static char juan_with_trailing_space[] = "Juan Lang ";
3040 static char juan_lower_case[] = "juan lang";
3041 static WCHAR juanW[] = { 'J','u','a','n',' ','L','a','n','g',0 };
3042 static char the_wine_project[] = "The Wine Project";
3043 BOOL ret;
3046 CERT_RDN rdn = { 0, NULL };
3047
3048 name.cbData = sizeof(cn);
3049 name.pbData = cn;
3050 if (0)
3051 {
3052 /* Crash */
3055 }
3056 SetLastError(0xdeadbeef);
3059 "expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
3061 ok(ret, "CertIsRDNAttrsInCertificateName failed: %08x\n", GetLastError());
3062 attr[0].pszObjId = oid_1_2_3;
3063 rdn.rgRDNAttr = attr;
3064 rdn.cRDNAttr = 1;
3065 SetLastError(0xdeadbeef);
3068 "expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
3069 attr[0].pszObjId = oid_common_name;
3070 attr[0].dwValueType = CERT_RDN_PRINTABLE_STRING;
3071 attr[0].Value.cbData = strlen(juan);
3072 attr[0].Value.pbData = (BYTE *)juan;
3074 ok(ret, "CertIsRDNAttrsInCertificateName failed: %08x\n", GetLastError());
3075 /* Again, spaces are not removed for name comparison. */
3076 attr[0].Value.cbData = strlen(juan_with_leading_space);
3077 attr[0].Value.pbData = (BYTE *)juan_with_leading_space;
3078 SetLastError(0xdeadbeef);
3081 "expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
3082 attr[0].Value.cbData = strlen(juan_with_intermediate_space);
3083 attr[0].Value.pbData = (BYTE *)juan_with_intermediate_space;
3084 SetLastError(0xdeadbeef);
3087 "expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
3088 attr[0].Value.cbData = strlen(juan_with_trailing_space);
3089 attr[0].Value.pbData = (BYTE *)juan_with_trailing_space;
3090 SetLastError(0xdeadbeef);
3093 "expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
3094 /* The lower case name isn't matched unless a case insensitive match is
3095 * specified.
3096 */
3097 attr[0].Value.cbData = strlen(juan_lower_case);
3098 attr[0].Value.pbData = (BYTE *)juan_lower_case;
3099 SetLastError(0xdeadbeef);
3102 "expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
3105 ok(ret ||
3106 broken(!ret && GetLastError() == CRYPT_E_NO_MATCH), /* Older crypt32 */
3107 "CertIsRDNAttrsInCertificateName failed: %08x\n", GetLastError());
3108 /* The values don't match unless they have the same RDN type */
3109 attr[0].dwValueType = CERT_RDN_UNICODE_STRING;
3110 attr[0].Value.cbData = lstrlenW(juanW) * sizeof(WCHAR);
3111 attr[0].Value.pbData = (BYTE *)juanW;
3112 SetLastError(0xdeadbeef);
3115 "expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
3116 SetLastError(0xdeadbeef);
3120 "expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
3121 attr[0].dwValueType = CERT_RDN_IA5_STRING;
3122 attr[0].Value.cbData = strlen(juan);
3123 attr[0].Value.pbData = (BYTE *)juan;
3124 SetLastError(0xdeadbeef);
3127 "expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
3128 /* All attributes must be present */
3129 attr[0].dwValueType = CERT_RDN_PRINTABLE_STRING;
3130 attr[0].Value.cbData = strlen(juan);
3131 attr[0].Value.pbData = (BYTE *)juan;
3132 attr[1].pszObjId = oid_organization;
3133 attr[1].dwValueType = CERT_RDN_PRINTABLE_STRING;
3134 attr[1].Value.cbData = strlen(the_wine_project);
3135 attr[1].Value.pbData = (BYTE *)the_wine_project;
3136 rdn.cRDNAttr = 2;
3137 SetLastError(0xdeadbeef);
3140 "expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
3141 /* Order also matters */
3142 name.pbData = cnThenO;
3143 name.cbData = sizeof(cnThenO);
3145 ok(ret, "CertIsRDNAttrsInCertificateName failed: %08x\n", GetLastError());
3146 name.pbData = oThenCN;
3147 name.cbData = sizeof(oThenCN);
3148 SetLastError(0xdeadbeef);
3151 "expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
3152}
3153
3154static BYTE int1[] = { 0x88, 0xff, 0xff, 0xff };
3155static BYTE int2[] = { 0x88, 0xff };
3156static BYTE int3[] = { 0x23, 0xff };
3157static BYTE int4[] = { 0x7f, 0x00 };
3158static BYTE int5[] = { 0x7f };
3159static BYTE int6[] = { 0x80, 0x00, 0x00, 0x00 };
3160static BYTE int7[] = { 0x80, 0x00 };
3161
3162static struct IntBlobTest
3163{
3167} intBlobs[] = {
3168 { { sizeof(int1), int1 }, { sizeof(int2), int2 }, TRUE },
3169 { { sizeof(int3), int3 }, { sizeof(int3), int3 }, TRUE },
3170 { { sizeof(int4), int4 }, { sizeof(int5), int5 }, TRUE },
3171 { { sizeof(int6), int6 }, { sizeof(int7), int7 }, TRUE },
3172 { { sizeof(int1), int1 }, { sizeof(int7), int7 }, FALSE },
3174
3175static void testCompareIntegerBlob(void)
3176{
3177 DWORD i;
3178 BOOL ret;
3179
3180 for (i = 0; i < ARRAY_SIZE(intBlobs); i++)
3181 {
3182 ret = CertCompareIntegerBlob(&intBlobs[i].blob1, &intBlobs[i].blob2);
3183 ok(ret == intBlobs[i].areEqual,
3184 "%d: expected blobs %s compare\n", i, intBlobs[i].areEqual ?
3185 "to" : "not to");
3186 }
3187}
3188
3190{
3191 BOOL ret;
3192 CERT_PUBLIC_KEY_INFO info1 = { { 0 } }, info2 = { { 0 } };
3193 static CHAR oid_rsa_rsa[] = szOID_RSA_RSA;
3194 static CHAR oid_rsa_sha1rsa[] = szOID_RSA_SHA1RSA;
3195 static CHAR oid_x957_dsa[] = szOID_X957_DSA;
3196 static BYTE bits1[] = { 1, 0 };
3197 static BYTE bits2[] = { 0 };
3198 static BYTE bits3[] = { 1 };
3199 static BYTE bits4[] = { 0x30,8, 2,1,0x81, 2,3,1,0,1 }; /* ASN_SEQUENCE */
3200 static BYTE bits5[] = { 0x30,9, 2,2,0,0x81, 2,3,1,0,1 }; /* ASN_SEQUENCE */
3201 static BYTE bits6[] = { 0x30,9, 2,2,0,0x82, 2,3,1,0,1 }; /* ASN_SEQUENCE */
3202 static BYTE bits7[] = { 0x04,8, 2,1,0x81, 2,3,1,0,1 }; /* ASN_OCTETSTRING */
3203 static BYTE bits8[] = { 0x04,9, 2,2,0,0x81, 2,3,1,0,1 }; /* ASN_OCTETSTRING */
3204 static BYTE bits9[] = { 0x04,9, 2,2,0,0x82, 2,3,1,0,1 }; /* ASN_OCTETSTRING */
3205
3206 /* crashes
3207 ret = CertComparePublicKeyInfo(0, NULL, NULL);
3208 */
3209 /* Empty public keys compare */
3210 ret = CertComparePublicKeyInfo(0, &info1, &info2);
3211 ok(ret, "CertComparePublicKeyInfo failed: %08x\n", GetLastError());
3213 ok(ret, "CertComparePublicKeyInfo failed: %08x\n", GetLastError());
3214
3215 /* Different OIDs appear to compare */
3216 info1.Algorithm.pszObjId = oid_rsa_rsa;
3217 info2.Algorithm.pszObjId = oid_rsa_sha1rsa;
3218 ret = CertComparePublicKeyInfo(0, &info1, &info2);
3219 ok(ret, "CertComparePublicKeyInfo failed: %08x\n", GetLastError());
3221 ok(ret, "CertComparePublicKeyInfo failed: %08x\n", GetLastError());
3222
3223 info2.Algorithm.pszObjId = oid_x957_dsa;
3224 ret = CertComparePublicKeyInfo(0, &info1, &info2);
3225 ok(ret, "CertComparePublicKeyInfo failed: %08x\n", GetLastError());
3227 ok(ret, "CertComparePublicKeyInfo failed: %08x\n", GetLastError());
3228
3229 info1.PublicKey.cbData = sizeof(bits1);
3230 info1.PublicKey.pbData = bits1;
3231 info1.PublicKey.cUnusedBits = 0;
3232 info2.PublicKey.cbData = sizeof(bits1);
3233 info2.PublicKey.pbData = bits1;
3234 info2.PublicKey.cUnusedBits = 0;
3235 ret = CertComparePublicKeyInfo(0, &info1, &info2);
3236 ok(ret, "CertComparePublicKeyInfo failed: %08x\n", GetLastError());
3238 ok(ret, "CertComparePublicKeyInfo failed: %08x\n", GetLastError());
3239
3240 info2.Algorithm.pszObjId = oid_rsa_rsa;
3241 info1.PublicKey.cbData = sizeof(bits4);
3242 info1.PublicKey.pbData = bits4;
3243 info1.PublicKey.cUnusedBits = 0;
3244 info2.PublicKey.cbData = sizeof(bits5);
3245 info2.PublicKey.pbData = bits5;
3246 info2.PublicKey.cUnusedBits = 0;
3247 ret = CertComparePublicKeyInfo(0, &info1, &info2);
3248 ok(!ret, "CertComparePublicKeyInfo: as raw binary: keys should be unequal\n");
3250 ok(ret, "CertComparePublicKeyInfo: as ASN.1 encoded: keys should be equal\n");
3251
3252 info1.PublicKey.cUnusedBits = 1;
3253 info2.PublicKey.cUnusedBits = 5;
3255 ok(ret, "CertComparePublicKeyInfo: ASN.1 encoding should ignore cUnusedBits\n");
3256 info1.PublicKey.cUnusedBits = 0;
3257 info2.PublicKey.cUnusedBits = 0;
3258 info1.PublicKey.cbData--; /* kill one byte, make ASN.1 encoded data invalid */
3260 ok(!ret, "CertComparePublicKeyInfo: comparing bad ASN.1 encoded key should fail\n");
3261 /* Even though they compare in their used bits, these do not compare */
3262 info1.PublicKey.cbData = sizeof(bits2);
3263 info1.PublicKey.pbData = bits2;
3264 info1.PublicKey.cUnusedBits = 0;
3265 info2.PublicKey.cbData = sizeof(bits3);
3266 info2.PublicKey.pbData = bits3;
3267 info2.PublicKey.cUnusedBits = 1;
3268 ret = CertComparePublicKeyInfo(0, &info1, &info2);
3269 /* Simple (non-comparing) case */
3270 ok(!ret, "Expected keys not to compare\n");
3272 ok(!ret, "Expected keys not to compare\n");
3273
3274 info2.PublicKey.cbData = sizeof(bits1);
3275 info2.PublicKey.pbData = bits1;
3276 info2.PublicKey.cUnusedBits = 0;
3277 ret = CertComparePublicKeyInfo(0, &info1, &info2);
3278 ok(!ret, "Expected keys not to compare\n");
3280 ok(!ret, "Expected keys not to compare\n");
3281
3282 info1.PublicKey.cbData = sizeof(bits7);
3283 info1.PublicKey.pbData = bits7;
3284 info1.PublicKey.cUnusedBits = 0;
3285 info2.PublicKey.cbData = sizeof(bits8);
3286 info2.PublicKey.pbData = bits8;
3287 info2.PublicKey.cUnusedBits = 0;
3288 ret = CertComparePublicKeyInfo(0, &info1, &info2);
3289 ok(!ret, "CertComparePublicKeyInfo: as raw binary: keys should be unequal\n");
3291 ok(!ret, "CertComparePublicKeyInfo: as ASN.1 encoded: keys should be unequal\n");
3292
3293 ret = CertComparePublicKeyInfo(0, &info1, &info1);
3294 ok(ret, "CertComparePublicKeyInfo: as raw binary: keys should be equal\n");
3296 ok(ret, "CertComparePublicKeyInfo: as ASN.1 encoded: keys should be equal\n");
3297 info1.PublicKey.cbData--; /* kill one byte, make ASN.1 encoded data invalid */
3299 ok(ret, "CertComparePublicKeyInfo: as ASN.1 encoded: keys should be equal\n");
3300
3301 /* ASN.1 encoded non-comparing case */
3302 info1.PublicKey.cbData = sizeof(bits5);
3303 info1.PublicKey.pbData = bits5;
3304 info1.PublicKey.cUnusedBits = 0;
3305 info2.PublicKey.cbData = sizeof(bits6);
3306 info2.PublicKey.pbData = bits6;
3307 info2.PublicKey.cUnusedBits = 0;
3309 ok(!ret, "CertComparePublicKeyInfo: different keys should be unequal\n");
3310
3311 /* ASN.1 encoded non-comparing case */
3312 info1.PublicKey.cbData = sizeof(bits8);
3313 info1.PublicKey.pbData = bits8;
3314 info1.PublicKey.cUnusedBits = 0;
3315 info2.PublicKey.cbData = sizeof(bits9);
3316 info2.PublicKey.pbData = bits9;
3317 info2.PublicKey.cUnusedBits = 0;
3319 ok(!ret, "CertComparePublicKeyInfo: different keys should be unequal\n");
3320}
3321
3322static void testHashPublicKeyInfo(void)
3323{
3324 BOOL ret;
3325 CERT_PUBLIC_KEY_INFO info = { { 0 } };
3326 DWORD len;
3327
3328 /* Crash
3329 ret = CryptHashPublicKeyInfo(0, 0, 0, 0, NULL, NULL, NULL);
3330 ret = CryptHashPublicKeyInfo(0, 0, 0, 0, &info, NULL, NULL);
3331 */
3332 ret = CryptHashPublicKeyInfo(0, 0, 0, 0, NULL, NULL, &len);
3334 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
3335 /* Crashes on some win9x boxes */
3336 if (0)
3337 {
3340 "Expected STATUS_ACCESS_VIOLATION, got %08x\n", GetLastError());
3341 }
3343 ok(ret ||
3344 broken(!ret), /* win9x */
3345 "CryptHashPublicKeyInfo failed: %08x\n", GetLastError());
3346 if (ret)
3347 {
3348 ok(len == 16, "Expected hash size 16, got %d\n", len);
3349 if (len == 16)
3350 {
3351 static const BYTE emptyHash[] = { 0xb8,0x51,0x3a,0x31,0x0e,0x9f,0x40,
3352 0x36,0x9c,0x92,0x45,0x1b,0x9d,0xc8,0xf9,0xf6 };
3353 BYTE buf[16];
3354
3356 &len);
3357 ok(ret, "CryptHashPublicKeyInfo failed: %08x\n", GetLastError());
3358 ok(!memcmp(buf, emptyHash, len), "Unexpected hash\n");
3359 }
3360 }
3361}
3362
3363static const BYTE md5SignedEmptyCertHash[] = { 0xfb,0x0f,0x66,0x82,0x66,0xd9,
3364 0xe5,0xf8,0xd8,0xa2,0x55,0x2b,0xe1,0xa5,0xd9,0x04 };
3365
3366static void testHashToBeSigned(void)
3367{
3368 BOOL ret;
3369 DWORD size;
3370 BYTE hash[16];
3371
3372 /* Crash */
3373 if (0)
3374 {
3375 CryptHashToBeSigned(0, 0, NULL, 0, NULL, NULL);
3376 }
3377 SetLastError(0xdeadbeef);
3378 ret = CryptHashToBeSigned(0, 0, NULL, 0, NULL, &size);
3380 "expected ERROR_FILE_NOT_FOUND, got %d\n", GetLastError());
3381 SetLastError(0xdeadbeef);
3383 ok(!ret &&
3385 GetLastError() == OSS_BAD_ARG), /* win9x */
3386 "expected CRYPT_E_ASN1_EOD, got %08x\n", GetLastError());
3387 /* Can't sign anything: has to be asn.1 encoded, at least */
3388 SetLastError(0xdeadbeef);
3390 NULL, &size);
3391 ok(!ret &&
3393 GetLastError() == OSS_MORE_INPUT), /* win9x */
3394 "expected CRYPT_E_ASN1_BADTAG, got %08x\n", GetLastError());
3395 /* Can't be empty, either */
3396 SetLastError(0xdeadbeef);
3398 sizeof(emptyCert), NULL, &size);
3399 ok(!ret &&
3401 GetLastError() == OSS_DATA_ERROR), /* win9x */
3402 "expected CRYPT_E_ASN1_CORRUPT, got %08x\n", GetLastError());
3403 /* Signing a cert works */
3405 sizeof(md5SignedEmptyCert), NULL, &size);
3406 ok(ret ||
3407 broken(!ret), /* win9x */
3408 "CryptHashToBeSigned failed: %08x\n", GetLastError());
3409 if (ret)
3410 {
3411 ok(size == sizeof(md5SignedEmptyCertHash), "unexpected size %d\n", size);
3412 }
3413
3415 sizeof(md5SignedEmptyCert), hash, &size);
3416 ok(ret || broken(!ret && GetLastError() == NTE_BAD_ALGID) /* NT4 */,
3417 "CryptHashToBeSigned failed: %08x\n", GetLastError());
3418
3419 ok(!memcmp(hash, md5SignedEmptyCertHash, size), "unexpected value\n");
3420}
3421
3422static void testCompareCert(void)
3423{
3424 CERT_INFO info1 = { 0 }, info2 = { 0 };
3425 BOOL ret;
3426
3427 /* Crashes */
3428 if (0)
3430
3431 /* Certs with the same issuer and serial number are equal, even if they
3432 * differ in other respects (like subject).
3433 */
3435 info1.SerialNumber.cbData = sizeof(serialNum);
3436 info1.Issuer.pbData = subjectName;
3437 info1.Issuer.cbData = sizeof(subjectName);
3438 info1.Subject.pbData = subjectName2;
3439 info1.Subject.cbData = sizeof(subjectName2);
3440 info2.SerialNumber.pbData = serialNum;
3441 info2.SerialNumber.cbData = sizeof(serialNum);
3442 info2.Issuer.pbData = subjectName;
3443 info2.Issuer.cbData = sizeof(subjectName);
3444 info2.Subject.pbData = subjectName;
3445 info2.Subject.cbData = sizeof(subjectName);
3446 ret = CertCompareCertificate(X509_ASN_ENCODING, &info1, &info2);
3447 ok(ret, "Expected certs to be equal\n");
3448
3449 info2.Issuer.pbData = subjectName2;
3450 info2.Issuer.cbData = sizeof(subjectName2);
3451 ret = CertCompareCertificate(X509_ASN_ENCODING, &info1, &info2);
3452 ok(!ret, "Expected certs not to be equal\n");
3453}
3454
3455static void testVerifySubjectCert(void)
3456{
3457 BOOL ret;
3458 DWORD flags;
3459 PCCERT_CONTEXT context1, context2;
3460
3461 /* Crashes
3462 ret = CertVerifySubjectCertificateContext(NULL, NULL, NULL);
3463 */
3464 flags = 0;
3466 ok(ret, "CertVerifySubjectCertificateContext failed; %08x\n",
3467 GetLastError());
3471 "Expected E_INVALIDARG, got %08x\n", GetLastError());
3472
3473 flags = 0;
3475 sizeof(bigCert));
3477 ok(ret, "CertVerifySubjectCertificateContext failed; %08x\n",
3478 GetLastError());
3480 ok(ret, "CertVerifySubjectCertificateContext failed; %08x\n",
3481 GetLastError());
3482 ret = CertVerifySubjectCertificateContext(context1, context1, &flags);
3483 ok(ret, "CertVerifySubjectCertificateContext failed; %08x\n",
3484 GetLastError());
3485
3488 SetLastError(0xdeadbeef);
3489 ret = CertVerifySubjectCertificateContext(context1, context2, &flags);
3490 ok(ret, "CertVerifySubjectCertificateContext failed; %08x\n",
3491 GetLastError());
3493 ret = CertVerifySubjectCertificateContext(context1, context2, &flags);
3494 ok(ret, "CertVerifySubjectCertificateContext failed; %08x\n",
3495 GetLastError());
3497 "Expected CERT_STORE_REVOCATION_FLAG | CERT_STORE_NO_CRL_FLAG, got %08x\n",
3498 flags);
3500 ret = CertVerifySubjectCertificateContext(context1, context2, &flags);
3501 ok(ret, "CertVerifySubjectCertificateContext failed; %08x\n",
3502 GetLastError());
3504 "Expected CERT_STORE_SIGNATURE_FLAG, got %08x\n", flags);
3506
3508}
3509
35110x30,0x82,0x01,0xdf,0x30,0x82,0x01,0x4c,0xa0,0x03,0x02,0x01,0x02,0x02,0x10,
35120x5b,0xc7,0x0b,0x27,0x99,0xbb,0x2e,0x99,0x47,0x9d,0x45,0x4e,0x7c,0x1a,0xca,
35130xe8,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31,
35140x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31,
35150x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,
35160x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35,
35170x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,
35180x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,
35190x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89,
35200x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82,
35210x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34,
35220x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7,
35230x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91,
35240xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5,
35250x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd,
35260x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c,
35270xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35,
35280x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01,
35290x00,0x01,0xa3,0x42,0x30,0x40,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01,
35300xff,0x04,0x04,0x03,0x02,0x00,0x06,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01,
35310x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x1d,0x06,0x03,0x55,0x1d,
35320x0e,0x04,0x16,0x04,0x14,0x14,0x8c,0x16,0xbb,0xbe,0x70,0xa2,0x28,0x89,0xa0,
35330x58,0xff,0x98,0xbd,0xa8,0x24,0x2b,0x8a,0xe9,0x9a,0x30,0x09,0x06,0x05,0x2b,
35340x0e,0x03,0x02,0x1d,0x05,0x00,0x03,0x81,0x81,0x00,0x74,0xcb,0x21,0xfd,0x2d,
35350x25,0xdc,0xa5,0xaa,0xa1,0x26,0xdc,0x8b,0x40,0x11,0x64,0xae,0x5c,0x71,0x3c,
35360x28,0xbc,0xf9,0xb3,0xcb,0xa5,0x94,0xb2,0x8d,0x4c,0x23,0x2b,0x9b,0xde,0x2c,
35370x4c,0x30,0x04,0xc6,0x88,0x10,0x2f,0x53,0xfd,0x6c,0x82,0xf1,0x13,0xfb,0xda,
35380x27,0x75,0x25,0x48,0xe4,0x72,0x09,0x2a,0xee,0xb4,0x1e,0xc9,0x55,0xf5,0xf7,
35390x82,0x91,0xd8,0x4b,0xe4,0x3a,0xfe,0x97,0x87,0xdf,0xfb,0x15,0x5a,0x12,0x3e,
35400x12,0xe6,0xad,0x40,0x0b,0xcf,0xee,0x1a,0x44,0xe0,0x83,0xb2,0x67,0x94,0xd4,
35410x2e,0x7c,0xf2,0x06,0x9d,0xb3,0x3b,0x7e,0x2f,0xda,0x25,0x66,0x7e,0xa7,0x1f,
35420x45,0xd4,0xf5,0xe3,0xdf,0x2a,0xf1,0x18,0x28,0x20,0xb5,0xf8,0xf5,0x8d,0x7a,
35430x2e,0x84,0xee };
3544static const BYTE eeCert[] = {
35450x30,0x82,0x01,0xb9,0x30,0x82,0x01,0x22,0xa0,0x03,0x02,0x01,0x02,0x02,0x01,
35460x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,
35470x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,
35480x65,0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x31,0x30,
35490x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x30,0x30,0x31,0x30,
35500x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,
35510x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06,
35520x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,
35530x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5,
35540x33,0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6,
35550xdc,0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7,
35560x48,0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b,
35570x47,0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b,
35580x05,0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc,
35590x6a,0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85,
35600x85,0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2,
35610xd3,0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72,
35620xa3,0x02,0x03,0x01,0x00,0x01,0xa3,0x23,0x30,0x21,0x30,0x1f,0x06,0x03,0x55,
35630x1d,0x23,0x04,0x18,0x30,0x18,0x80,0x14,0x14,0x8c,0x16,0xbb,0xbe,0x70,0xa2,
35640x28,0x89,0xa0,0x58,0xff,0x98,0xbd,0xa8,0x24,0x2b,0x8a,0xe9,0x9a,0x30,0x0d,
35650x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81,
35660x81,0x00,0x8a,0x49,0xa9,0x86,0x5e,0xc9,0x33,0x7e,0xfd,0xab,0x64,0x1f,0x6d,
35670x00,0xd7,0x9b,0xec,0xd1,0x5b,0x38,0xcc,0xd6,0xf3,0xf2,0xb4,0x75,0x70,0x00,
35680x82,0x9d,0x37,0x58,0xe1,0xcd,0x2c,0x61,0xb3,0x28,0xe7,0x8a,0x00,0xbe,0x6e,
35690xca,0xe8,0x55,0xd5,0xad,0x3a,0xea,0xaf,0x13,0x20,0x1c,0x44,0xfc,0xb4,0xf9,
35700x29,0x2b,0xdc,0x8a,0x2d,0x1b,0x27,0x9e,0xb9,0x3b,0x4a,0x71,0x9d,0x47,0x7d,
35710xf7,0x92,0x6b,0x21,0x7f,0xfa,0x88,0x79,0x94,0x33,0xf6,0xdd,0x92,0x04,0x92,
35720xd6,0x5e,0x0a,0x74,0xf2,0x85,0xa6,0xd5,0x3c,0x28,0xc0,0x89,0x5d,0xda,0xf3,
35730xa6,0x01,0xc2,0xe9,0xa3,0xc1,0xb7,0x21,0x08,0xba,0x18,0x07,0x45,0xeb,0x77,
35740x7d,0xcd,0xc6,0xe7,0x2a,0x7b,0x46,0xd2,0x3d,0xb5 };
3575static const BYTE rootSignedCRL[] = {
35760x30,0x82,0x01,0x1f,0x30,0x81,0x89,0x02,0x01,0x01,0x30,0x0d,0x06,0x09,0x2a,
35770x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x30,0x10,0x31,0x0e,0x30,
35780x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31,0x17,0x0d,
35790x30,0x37,0x30,0x39,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,
35800x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35,0x39,0x5a,0x30,0x14,
35810x30,0x12,0x02,0x01,0x01,0x17,0x0d,0x30,0x37,0x30,0x39,0x30,0x31,0x30,0x30,
35820x30,0x30,0x30,0x30,0x5a,0xa0,0x2f,0x30,0x2d,0x30,0x0a,0x06,0x03,0x55,0x1d,
35830x14,0x04,0x03,0x02,0x01,0x01,0x30,0x1f,0x06,0x03,0x55,0x1d,0x23,0x04,0x18,
35840x30,0x18,0x80,0x14,0x14,0x8c,0x16,0xbb,0xbe,0x70,0xa2,0x28,0x89,0xa0,0x58,
35850xff,0x98,0xbd,0xa8,0x24,0x2b,0x8a,0xe9,0x9a,0x30,0x0d,0x06,0x09,0x2a,0x86,
35860x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0xa3,0xcf,
35870x17,0x5d,0x7a,0x08,0xab,0x11,0x1a,0xbd,0x5c,0xde,0x9a,0x22,0x92,0x38,0xe6,
35880x96,0xcc,0xb1,0xc5,0x42,0x86,0xa6,0xae,0xad,0xa3,0x1a,0x2b,0xa0,0xb0,0x65,
35890xaa,0x9c,0xd7,0x2d,0x44,0x8c,0xae,0x61,0xc7,0x30,0x17,0x89,0x84,0x3b,0x4a,
35900x8f,0x17,0x08,0x06,0x37,0x1c,0xf7,0x2d,0x4e,0x47,0x07,0x61,0x50,0xd9,0x06,
35910xd1,0x46,0xed,0x0a,0xbb,0xc3,0x9b,0x36,0x0b,0xa7,0x27,0x2f,0x2b,0x55,0xce,
35920x2a,0xa5,0x60,0xc6,0x53,0x28,0xe8,0xee,0xad,0x0e,0x2b,0xe8,0xd7,0x5f,0xc9,
35930xa5,0xed,0xf9,0x77,0xb0,0x3c,0x81,0xcf,0xcc,0x49,0xb2,0x1a,0xc3,0xfd,0x34,
35940xd5,0xbc,0xb0,0xd5,0xa5,0x9c,0x1b,0x72,0xc3,0x0f,0xa3,0xe3,0x3c,0xf0,0xc3,
35950x91,0xe8,0x93,0x4f,0xd4,0x2f };
3596
3597static void testVerifyRevocation(void)
3598{
3599 BOOL ret;
3601 PCCERT_CONTEXT certs[2];
3602 CERT_REVOCATION_PARA revPara = { sizeof(revPara), 0 };
3603
3604 /* Crash
3605 ret = CertVerifyRevocation(0, 0, 0, NULL, 0, NULL, NULL);
3606 */
3607 SetLastError(0xdeadbeef);
3608 ret = CertVerifyRevocation(0, 0, 0, NULL, 0, NULL, &status);
3610 "Expected E_INVALIDARG, got %08x\n", GetLastError());
3611 status.cbSize = sizeof(status);
3612 ret = CertVerifyRevocation(0, 0, 0, NULL, 0, NULL, &status);
3613 ok(ret, "CertVerifyRevocation failed: %08x\n", GetLastError());
3614 ret = CertVerifyRevocation(0, 2, 0, NULL, 0, NULL, &status);
3615 ok(ret, "CertVerifyRevocation failed: %08x\n", GetLastError());
3616 ret = CertVerifyRevocation(2, 0, 0, NULL, 0, NULL, &status);
3617 ok(ret, "CertVerifyRevocation failed: %08x\n", GetLastError());
3619 sizeof(bigCert));
3620 SetLastError(0xdeadbeef);
3621 ret = CertVerifyRevocation(0, 0, 1, (void **)certs, 0, NULL, &status);
3623 "Expected CRYPT_E_NO_REVOCATION_DLL, got %08x\n", GetLastError());
3624 SetLastError(0xdeadbeef);
3625 ret = CertVerifyRevocation(0, 2, 1, (void **)certs, 0, NULL, &status);
3627 "Expected CRYPT_E_NO_REVOCATION_DLL, got %08x\n", GetLastError());
3628
3630
3634 eeCert, sizeof(eeCert));
3635 /* The root cert itself can't be checked for revocation */
3636 SetLastError(0xdeadbeef);
3638 1, (void **)certs, 0, NULL, &status);
3640 {
3641 win_skip("CERT_CONTEXT_REVOCATION_TYPE unsupported, skipping\n");
3642 return;
3643 }
3645 "expected CRYPT_E_NO_REVOCATION_CHECK, got %08x\n", GetLastError());
3647 "expected CRYPT_E_NO_REVOCATION_CHECK, got %08x\n", status.dwError);
3648 ok(status.dwIndex == 0, "expected index 0, got %d\n", status.dwIndex);
3649 /* Neither can the end cert */
3650 SetLastError(0xdeadbeef);
3652 1, (void **)&certs[1], 0, NULL, &status);
3653 ok(!ret && (GetLastError() == CRYPT_E_NO_REVOCATION_CHECK /* Win9x */ ||
3655 "expected CRYPT_E_NO_REVOCATION_CHECK or CRYPT_E_REVOCATION_OFFLINE, got %08x\n",
3656 GetLastError());
3657 ok(status.dwError == CRYPT_E_NO_REVOCATION_CHECK /* Win9x */ ||
3659 "expected CRYPT_E_NO_REVOCATION_CHECK or CRYPT_E_REVOCATION_OFFLINE, got %08x\n",
3660 status.dwError);
3661 ok(status.dwIndex == 0, "expected index 0, got %d\n", status.dwIndex);
3662 /* Both certs together can't, either (they're not CRLs) */
3663 SetLastError(0xdeadbeef);
3665 2, (void **)certs, 0, NULL, &status);
3667 GetLastError() == CRYPT_E_REVOCATION_OFFLINE /* WinME */),
3668 "expected CRYPT_E_NO_REVOCATION_CHECK or CRYPT_E_REVOCATION_OFFLINE, got %08x\n",
3669 GetLastError());
3671 status.dwError == CRYPT_E_REVOCATION_OFFLINE /* WinME */,
3672 "expected CRYPT_E_NO_REVOCATION_CHECK or CRYPT_E_REVOCATION_OFFLINE, got %08x\n",
3673 status.dwError);
3674 ok(status.dwIndex == 0, "expected index 0, got %d\n", status.dwIndex);
3675 /* Now add a CRL to the hCrlStore */
3680 SetLastError(0xdeadbeef);
3682 2, (void **)certs, 0, &revPara, &status);
3684 GetLastError() == CRYPT_E_REVOCATION_OFFLINE /* WinME */),
3685 "expected CRYPT_E_NO_REVOCATION_CHECK or CRYPT_E_REVOCATION_OFFLINE, got %08x\n",
3686 GetLastError());
3688 status.dwError == CRYPT_E_REVOCATION_OFFLINE /* WinME */,
3689 "expected CRYPT_E_NO_REVOCATION_CHECK or CRYPT_E_REVOCATION_OFFLINE, got %08x\n",
3690 status.dwError);
3691 ok(status.dwIndex == 0, "expected index 0, got %d\n", status.dwIndex);
3692 /* Specifying CERT_VERIFY_REV_CHAIN_FLAG doesn't change things either */
3693 SetLastError(0xdeadbeef);
3695 2, (void **)certs, CERT_VERIFY_REV_CHAIN_FLAG, &revPara, &status);
3697 "expected CRYPT_E_NO_REVOCATION_CHECK, got %08x\n", GetLastError());
3699 "expected CRYPT_E_NO_REVOCATION_CHECK, got %08x\n", status.dwError);
3700 ok(status.dwIndex == 0, "expected index 0, got %d\n", status.dwIndex);
3701 /* Again, specifying the issuer cert: no change */
3702 revPara.pIssuerCert = certs[0];
3703 SetLastError(0xdeadbeef);
3705 1, (void **)&certs[1], 0, &revPara, &status);
3706 /* Win2k thinks the cert is revoked, and it is, except the CRL is out of
3707 * date, hence the revocation status should be unknown.
3708 */
3710 broken(GetLastError() == CRYPT_E_REVOKED /* Win2k */)),
3711 "expected CRYPT_E_NO_REVOCATION_CHECK, got %08x\n", GetLastError());
3713 broken(status.dwError == CRYPT_E_REVOKED /* Win2k */),
3714 "expected CRYPT_E_NO_REVOCATION_CHECK, got %08x\n", status.dwError);
3715 ok(status.dwIndex == 0, "expected index 0, got %d\n", status.dwIndex);
3716 CertCloseStore(revPara.hCrlStore, 0);
3719}
3720
3721static BYTE privKey[] = {
3722 0x07, 0x02, 0x00, 0x00, 0x00, 0x24, 0x00, 0x00, 0x52, 0x53, 0x41, 0x32, 0x00,
3723 0x02, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x79, 0x10, 0x1c, 0xd0, 0x6b, 0x10,
3724 0x18, 0x30, 0x94, 0x61, 0xdc, 0x0e, 0xcb, 0x96, 0x4e, 0x21, 0x3f, 0x79, 0xcd,
3725 0xa9, 0x17, 0x62, 0xbc, 0xbb, 0x61, 0x4c, 0xe0, 0x75, 0x38, 0x6c, 0xf3, 0xde,
3726 0x60, 0x86, 0x03, 0x97, 0x65, 0xeb, 0x1e, 0x6b, 0xdb, 0x53, 0x85, 0xad, 0x68,
3727 0x21, 0xf1, 0x5d, 0xe7, 0x1f, 0xe6, 0x53, 0xb4, 0xbb, 0x59, 0x3e, 0x14, 0x27,
3728 0xb1, 0x83, 0xa7, 0x3a, 0x54, 0xe2, 0x8f, 0x65, 0x8e, 0x6a, 0x4a, 0xcf, 0x3b,
3729 0x1f, 0x65, 0xff, 0xfe, 0xf1, 0x31, 0x3a, 0x37, 0x7a, 0x8b, 0xcb, 0xc6, 0xd4,
3730 0x98, 0x50, 0x36, 0x67, 0xe4, 0xa1, 0xe8, 0x7e, 0x8a, 0xc5, 0x23, 0xf2, 0x77,
3731 0xf5, 0x37, 0x61, 0x49, 0x72, 0x59, 0xe8, 0x3d, 0xf7, 0x60, 0xb2, 0x77, 0xca,
3732 0x78, 0x54, 0x6d, 0x65, 0x9e, 0x03, 0x97, 0x1b, 0x61, 0xbd, 0x0c, 0xd8, 0x06,
3733 0x63, 0xe2, 0xc5, 0x48, 0xef, 0xb3, 0xe2, 0x6e, 0x98, 0x7d, 0xbd, 0x4e, 0x72,
3734 0x91, 0xdb, 0x31, 0x57, 0xe3, 0x65, 0x3a, 0x49, 0xca, 0xec, 0xd2, 0x02, 0x4e,
3735 0x22, 0x7e, 0x72, 0x8e, 0xf9, 0x79, 0x84, 0x82, 0xdf, 0x7b, 0x92, 0x2d, 0xaf,
3736 0xc9, 0xe4, 0x33, 0xef, 0x89, 0x5c, 0x66, 0x99, 0xd8, 0x80, 0x81, 0x47, 0x2b,
3737 0xb1, 0x66, 0x02, 0x84, 0x59, 0x7b, 0xc3, 0xbe, 0x98, 0x45, 0x4a, 0x3d, 0xdd,
3738 0xea, 0x2b, 0xdf, 0x4e, 0xb4, 0x24, 0x6b, 0xec, 0xe7, 0xd9, 0x0c, 0x45, 0xb8,
3739 0xbe, 0xca, 0x69, 0x37, 0x92, 0x4c, 0x38, 0x6b, 0x96, 0x6d, 0xcd, 0x86, 0x67,
3740 0x5c, 0xea, 0x54, 0x94, 0xa4, 0xca, 0xa4, 0x02, 0xa5, 0x21, 0x4d, 0xae, 0x40,
3741 0x8f, 0x9d, 0x51, 0x83, 0xf2, 0x3f, 0x33, 0xc1, 0x72, 0xb4, 0x1d, 0x94, 0x6e,
3742 0x7d, 0xe4, 0x27, 0x3f, 0xea, 0xff, 0xe5, 0x9b, 0xa7, 0x5e, 0x55, 0x8e, 0x0d,
3743 0x69, 0x1c, 0x7a, 0xff, 0x81, 0x9d, 0x53, 0x52, 0x97, 0x9a, 0x76, 0x79, 0xda,
3744 0x93, 0x32, 0x16, 0xec, 0x69, 0x51, 0x1a, 0x4e, 0xc3, 0xf1, 0x72, 0x80, 0x78,
3745 0x5e, 0x66, 0x4a, 0x8d, 0x85, 0x2f, 0x3f, 0xb2, 0xa7 };
3746
3747static const BYTE exportedPublicKeyBlob[] = {
37480x06,0x02,0x00,0x00,0x00,0xa4,0x00,0x00,0x52,0x53,0x41,0x31,0x00,0x02,0x00,0x00,
37490x01,0x00,0x01,0x00,0x79,0x10,0x1c,0xd0,0x6b,0x10,0x18,0x30,0x94,0x61,0xdc,0x0e,
37500xcb,0x96,0x4e,0x21,0x3f,0x79,0xcd,0xa9,0x17,0x62,0xbc,0xbb,0x61,0x4c,0xe0,0x75,
37510x38,0x6c,0xf3,0xde,0x60,0x86,0x03,0x97,0x65,0xeb,0x1e,0x6b,0xdb,0x53,0x85,0xad,
37520x68,0x21,0xf1,0x5d,0xe7,0x1f,0xe6,0x53,0xb4,0xbb,0x59,0x3e,0x14,0x27,0xb1,0x83,
37530xa7,0x3a,0x54,0xe2 };
3754
3755static const BYTE asnEncodedPublicKey[] = {
37560x30,0x48,0x02,0x41,0x00,0xe2,0x54,0x3a,0xa7,0x83,0xb1,0x27,0x14,0x3e,0x59,0xbb,
37570xb4,0x53,0xe6,0x1f,0xe7,0x5d,0xf1,0x21,0x68,0xad,0x85,0x53,0xdb,0x6b,0x1e,0xeb,
37580x65,0x97,0x03,0x86,0x60,0xde,0xf3,0x6c,0x38,0x75,0xe0,0x4c,0x61,0xbb,0xbc,0x62,
37590x17,0xa9,0xcd,0x79,0x3f,0x21,0x4e,0x96,0xcb,0x0e,0xdc,0x61,0x94,0x30,0x18,0x10,
37600x6b,0xd0,0x1c,0x10,0x79,0x02,0x03,0x01,0x00,0x01 };
3761
3763{
3764 BOOL ret;
3766 HCRYPTPROV csp;
3767 DWORD size, keySpec;
3768 BOOL callerFree;
3769 CRYPT_KEY_PROV_INFO keyProvInfo;
3770 HCRYPTKEY key;
3771 WCHAR ms_def_prov_w[MAX_PATH];
3772
3773 if (!pCryptAcquireCertificatePrivateKey)
3774 {
3775 win_skip("CryptAcquireCertificatePrivateKey() is not available\n");
3776 return;
3777 }
3778
3779 lstrcpyW(ms_def_prov_w, MS_DEF_PROV_W);
3780
3781 keyProvInfo.pwszContainerName = cspNameW;
3782 keyProvInfo.pwszProvName = ms_def_prov_w;
3783 keyProvInfo.dwProvType = PROV_RSA_FULL;
3784 keyProvInfo.dwFlags = 0;
3785 keyProvInfo.cProvParam = 0;
3786 keyProvInfo.rgProvParam = NULL;
3787 keyProvInfo.dwKeySpec = AT_SIGNATURE;
3788
3789 pCryptAcquireContextA(NULL, cspNameA, MS_DEF_PROV_A, PROV_RSA_FULL,
3791
3793 sizeof(selfSignedCert));
3794
3795 /* Crash
3796 ret = pCryptAcquireCertificatePrivateKey(NULL, 0, NULL, NULL, NULL, NULL);
3797 ret = pCryptAcquireCertificatePrivateKey(NULL, 0, NULL, NULL, NULL,
3798 &callerFree);
3799 ret = pCryptAcquireCertificatePrivateKey(NULL, 0, NULL, NULL, &keySpec,
3800 NULL);
3801 ret = pCryptAcquireCertificatePrivateKey(NULL, 0, NULL, &csp, NULL, NULL);
3802 ret = pCryptAcquireCertificatePrivateKey(NULL, 0, NULL, &csp, &keySpec,
3803 &callerFree);
3804 ret = pCryptAcquireCertificatePrivateKey(cert, 0, NULL, NULL, NULL, NULL);
3805 */
3806
3807 /* Missing private key */
3808 ret = pCryptAcquireCertificatePrivateKey(cert, 0, NULL, &csp, NULL, NULL);
3810 "Expected CRYPT_E_NO_KEY_PROPERTY, got %08x\n", GetLastError());
3811 ret = pCryptAcquireCertificatePrivateKey(cert, 0, NULL, &csp, &keySpec,
3812 &callerFree);
3814 "Expected CRYPT_E_NO_KEY_PROPERTY, got %08x\n", GetLastError());
3816 &keyProvInfo);
3817 ret = pCryptAcquireCertificatePrivateKey(cert, 0, NULL, &csp, &keySpec,
3818 &callerFree);
3820 "Expected CRYPT_E_NO_KEY_PROPERTY, got %08x\n", GetLastError());
3821
3822 pCryptAcquireContextA(&csp, cspNameA, MS_DEF_PROV_A, PROV_RSA_FULL,
3824 ret = CryptImportKey(csp, privKey, sizeof(privKey), 0, 0, &key);
3825 ok(ret, "CryptImportKey failed: %08x\n", GetLastError());
3826 if (ret)
3827 {
3828 HCRYPTPROV certCSP;
3829 DWORD size;
3830 CERT_KEY_CONTEXT keyContext;
3831
3832 /* Don't cache provider */
3833 ret = pCryptAcquireCertificatePrivateKey(cert, 0, NULL, &certCSP,
3834 &keySpec, &callerFree);
3835 ok(ret ||
3836 broken(!ret), /* win95 */
3837 "CryptAcquireCertificatePrivateKey failed: %08x\n",
3838 GetLastError());
3839 if (ret)
3840 {
3841 ok(callerFree, "Expected callerFree to be TRUE\n");
3842 CryptReleaseContext(certCSP, 0);
3843 }
3844
3845 ret = pCryptAcquireCertificatePrivateKey(cert, 0, NULL, &certCSP,
3846 NULL, NULL);
3847 ok(ret ||
3848 broken(!ret), /* win95 */
3849 "CryptAcquireCertificatePrivateKey failed: %08x\n",
3850 GetLastError());
3851 CryptReleaseContext(certCSP, 0);
3852
3853 /* Use the key prov info's caching (there shouldn't be any) */
3854 ret = pCryptAcquireCertificatePrivateKey(cert,
3855 CRYPT_ACQUIRE_USE_PROV_INFO_FLAG, NULL, &certCSP, &keySpec,
3856 &callerFree);
3857 ok(ret ||
3858 broken(!ret), /* win95 */
3859 "CryptAcquireCertificatePrivateKey failed: %08x\n",
3860 GetLastError());
3861 if (ret)
3862 {
3863 ok(callerFree, "Expected callerFree to be TRUE\n");
3864 CryptReleaseContext(certCSP, 0);
3865 }
3866
3867 /* Cache it (and check that it's cached) */
3868 ret = pCryptAcquireCertificatePrivateKey(cert,
3869 CRYPT_ACQUIRE_CACHE_FLAG, NULL, &certCSP, &keySpec, &callerFree);
3870 ok(ret ||
3871 broken(!ret), /* win95 */
3872 "CryptAcquireCertificatePrivateKey failed: %08x\n",
3873 GetLastError());
3874 ok(!callerFree, "Expected callerFree to be FALSE\n");
3875 size = sizeof(keyContext);
3877 &keyContext, &size);
3878 ok(ret ||
3879 broken(!ret), /* win95 */
3880 "CertGetCertificateContextProperty failed: %08x\n",
3881 GetLastError());
3882
3883 /* Remove the cached provider */
3884 CryptReleaseContext(keyContext.hCryptProv, 0);
3886 NULL);
3887 /* Allow caching via the key prov info */
3890 &keyProvInfo);
3891 /* Now use the key prov info's caching */
3892 ret = pCryptAcquireCertificatePrivateKey(cert,
3893 CRYPT_ACQUIRE_USE_PROV_INFO_FLAG, NULL, &certCSP, &keySpec,
3894 &callerFree);
3895 ok(ret ||
3896 broken(!ret), /* win95 */
3897 "CryptAcquireCertificatePrivateKey failed: %08x\n",
3898 GetLastError());
3899 ok(!callerFree, "Expected callerFree to be FALSE\n");
3900 size = sizeof(keyContext);
3902 &keyContext, &size);
3903 ok(ret ||
3904 broken(!ret), /* win95 */
3905 "CertGetCertificateContextProperty failed: %08x\n",
3906 GetLastError());
3907 CryptReleaseContext(certCSP, 0);
3908
3910 }
3911
3912 /* Some sanity-checking on public key exporting */
3914 &cert->pCertInfo->SubjectPublicKeyInfo, &key);
3915 ok(ret, "CryptImportPublicKeyInfo failed: %08x\n", GetLastError());
3916 if (ret)
3917 {
3919 ok(ret, "CryptExportKey failed: %08x\n", GetLastError());
3920 if (ret)
3921 {
3922 LPBYTE buf = HeapAlloc(GetProcessHeap(), 0, size), encodedKey;
3923
3925 ok(ret, "CryptExportKey failed: %08x\n", GetLastError());
3926 ok(size == sizeof(exportedPublicKeyBlob), "Unexpected size %d\n",
3927 size);
3928 ok(!memcmp(buf, exportedPublicKeyBlob, size), "Unexpected value\n");
3929 ret = pCryptEncodeObjectEx(X509_ASN_ENCODING, RSA_CSP_PUBLICKEYBLOB,
3930 buf, CRYPT_ENCODE_ALLOC_FLAG, NULL, &encodedKey, &size);
3931 ok(ret, "CryptEncodeObjectEx failed: %08x\n", GetLastError());
3932 if (ret)
3933 {
3934 ok(size == sizeof(asnEncodedPublicKey), "Unexpected size %d\n",
3935 size);
3936 ok(!memcmp(encodedKey, asnEncodedPublicKey, size),
3937 "Unexpected value\n");
3938 LocalFree(encodedKey);
3939 }
3941 }
3943 }
3945 NULL, 0, NULL, NULL, &size);
3946 ok(ret, "CryptExportPublicKeyInfoEx failed: %08x\n", GetLastError());
3947 if (ret)
3948 {
3950
3952 NULL, 0, NULL, info, &size);
3953 ok(ret, "CryptExportPublicKeyInfoEx failed: %08x\n", GetLastError());
3954 if (ret)
3955 {
3956 ok(info->PublicKey.cbData == sizeof(asnEncodedPublicKey),
3957 "Unexpected size %d\n", info->PublicKey.cbData);
3958 ok(!memcmp(info->PublicKey.pbData, asnEncodedPublicKey,
3959 info->PublicKey.cbData), "Unexpected value\n");
3960 }
3962 }
3963
3964 CryptReleaseContext(csp, 0);
3965 pCryptAcquireContextA(&csp, cspNameA, MS_DEF_PROV_A, PROV_RSA_FULL,
3967
3969}
3970
3971static void testGetPublicKeyLength(void)
3972{
3973 static char oid_rsa_rsa[] = szOID_RSA_RSA;
3974 static char oid_rsa_dh[] = szOID_RSA_DH;
3975 static char bogusOID[] = "1.2.3";
3976 DWORD ret;
3977 CERT_PUBLIC_KEY_INFO info = { { 0 } };
3978 BYTE bogusKey[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
3979 BYTE key[] = { 0x30,0x0f,0x02,0x08,0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
3980 0x02,0x03,0x01,0x00,0x01 };
3981
3982 /* Crashes
3983 ret = CertGetPublicKeyLength(0, NULL);
3984 */
3985 /* With an empty public key info */
3986 SetLastError(0xdeadbeef);
3989 "Expected length 0 and ERROR_FILE_NOT_FOUND, got length %d, %08x\n",
3990 ret, GetLastError());
3991 SetLastError(0xdeadbeef);
3993 ok(ret == 0 &&
3995 GetLastError() == OSS_BAD_ARG), /* win9x */
3996 "Expected length 0 and CRYPT_E_ASN1_EOD, got length %d, %08x\n",
3997 ret, GetLastError());
3998 /* With a nearly-empty public key info */
3999 info.Algorithm.pszObjId = oid_rsa_rsa;
4000 SetLastError(0xdeadbeef);
4003 "Expected length 0 and ERROR_FILE_NOT_FOUND, got length %d, %08x\n",
4004 ret, GetLastError());
4005 SetLastError(0xdeadbeef);
4007 ok(ret == 0 &&
4009 GetLastError() == OSS_BAD_ARG), /* win9x */
4010 "Expected length 0 and CRYPT_E_ASN1_EOD, got length %d, %08x\n",
4011 ret, GetLastError());
4012 /* With a bogus key */
4013 info.PublicKey.cbData = sizeof(bogusKey);
4014 info.PublicKey.pbData = bogusKey;
4015 SetLastError(0xdeadbeef);
4018 "Expected length 0 and ERROR_FILE_NOT_FOUND, got length %d, %08x\n",
4019 ret, GetLastError());
4020 SetLastError(0xdeadbeef);
4022 ok(ret == 0 &&
4024 GetLastError() == OSS_PDU_MISMATCH), /* win9x */
4025 "Expected length 0 and CRYPT_E_ASN1_BADTAGTAG, got length %d, %08x\n",
4026 ret, GetLastError());
4027 /* With a believable RSA key but a bogus OID */
4028 info.Algorithm.pszObjId = bogusOID;
4029 info.PublicKey.cbData = sizeof(key);
4030 info.PublicKey.pbData = key;
4031 SetLastError(0xdeadbeef);
4034 "Expected length 0 and ERROR_FILE_NOT_FOUND, got length %d, %08x\n",
4035 ret, GetLastError());
4036 SetLastError(0xdeadbeef);
4038 ok(ret == 56 || broken(ret == 0 && GetLastError() == NTE_BAD_LEN) /* Win7 */,
4039 "Expected length 56, got %d\n", ret);
4040 /* An RSA key with the DH OID */
4041 info.Algorithm.pszObjId = oid_rsa_dh;
4042 SetLastError(0xdeadbeef);
4044 ok(ret == 0 &&
4046 GetLastError() == E_INVALIDARG), /* win9x */
4047 "Expected length 0 and CRYPT_E_ASN1_BADTAG, got length %d, %08x\n",
4048 ret, GetLastError());
4049 /* With the RSA OID */
4050 info.Algorithm.pszObjId = oid_rsa_rsa;
4051 SetLastError(0xdeadbeef);
4053 ok(ret == 56 || broken(ret == 0 && GetLastError() == NTE_BAD_LEN) /* Win7 */,
4054 "Expected length 56, got %d\n", ret);
4055 /* With the RSA OID and a message encoding */
4056 info.Algorithm.pszObjId = oid_rsa_rsa;
4057 SetLastError(0xdeadbeef);
4059 ok(ret == 56 || broken(ret == 0 && GetLastError() == NTE_BAD_LEN) /* Win7 */,
4060 "Expected length 56, got %d\n", ret);
4061}
4062
4064{
4066
4067 testAddCert();
4070 testDupCert();
4071 testFindCert();
4074 testLinkCert();
4075
4077 testCertSigs();
4081 testKeyUsage();
4094}
#define broken(x)
Definition: _sntprintf.h:21
int strcmp(const char *String1, const char *String2)
Definition: utclib.c:469
int memcmp(void *Buffer1, void *Buffer2, ACPI_SIZE Count)
Definition: utclib.c:112
ACPI_SIZE strlen(const char *String)
Definition: utclib.c:269
#define ok(value,...)
Definition: atltest.h:57
#define skip(...)
Definition: atltest.h:64
#define START_TEST(x)
Definition: atltest.h:75
#define ARRAY_SIZE(A)
Definition: main.h:33
BOOL WINAPI CertAddStoreToCollection(HCERTSTORE hCollectionStore, HCERTSTORE hSiblingStore, DWORD dwUpdateFlags, DWORD dwPriority)
const WCHAR * link
Definition: db.cpp:997
#define ERROR_MORE_DATA
Definition: dderror.h:13
#define E_INVALIDARG
Definition: ddrawi.h:101
#define NULL
Definition: types.h:112
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
BOOL WINAPI CryptExportKey(HCRYPTKEY hKey, HCRYPTKEY hExpKey, DWORD dwBlobType, DWORD dwFlags, BYTE *pbData, DWORD *pdwDataLen)
Definition: crypt.c:1416
BOOL WINAPI CryptCreateHash(HCRYPTPROV hProv, ALG_ID Algid, HCRYPTKEY hKey, DWORD dwFlags, HCRYPTHASH *phHash)
Definition: crypt.c:740
BOOL WINAPI CryptDestroyKey(HCRYPTKEY hKey)
Definition: crypt.c:930
BOOL WINAPI CryptDestroyHash(HCRYPTHASH hHash)
Definition: crypt.c:890
BOOL WINAPI CryptSignHashA(HCRYPTHASH hHash, DWORD dwKeySpec, LPCSTR sDescription, DWORD dwFlags, BYTE *pbSignature, DWORD *pdwSigLen)
Definition: crypt.c:1939
BOOL WINAPI CryptReleaseContext(HCRYPTPROV hProv, DWORD dwFlags)
Definition: crypt.c:648
BOOL WINAPI CryptHashData(HCRYPTHASH hHash, const BYTE *pbData, DWORD dwDataLen, DWORD dwFlags)
Definition: crypt.c:1771
BOOL WINAPI CryptAcquireContextA(HCRYPTPROV *phProv, LPCSTR pszContainer, LPCSTR pszProvider, DWORD dwProvType, DWORD dwFlags)
Definition: crypt.c:569
BOOL WINAPI CryptGenKey(HCRYPTPROV hProv, ALG_ID Algid, DWORD dwFlags, HCRYPTKEY *phKey)
Definition: crypt.c:1451
BOOL WINAPI CryptImportKey(HCRYPTPROV hProv, const BYTE *pbData, DWORD dwDataLen, HCRYPTKEY hPubKey, DWORD dwFlags, HCRYPTKEY *phKey)
Definition: crypt.c:1850
DWORD WINAPI CertGetPublicKeyLength(DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pPublicKey)
Definition: cert.c:1305
BOOL WINAPI CertAddCertificateContextToStore(HCERTSTORE hCertStore, PCCERT_CONTEXT pCertContext, DWORD dwAddDisposition, PCCERT_CONTEXT *ppStoreContext)
Definition: cert.c:286
BOOL WINAPI CertFreeCertificateContext(PCCERT_CONTEXT pCertContext)
Definition: cert.c:371
PCCERT_CONTEXT WINAPI CertCreateCertificateContext(DWORD dwCertEncodingType, const BYTE *pbCertEncoded, DWORD cbCertEncoded)
Definition: cert.c:316
BOOL WINAPI CertCompareCertificateName(DWORD dwCertEncodingType, PCERT_NAME_BLOB pCertName1, PCERT_NAME_BLOB pCertName2)
Definition: cert.c:1180
PCCERT_CONTEXT WINAPI CertFindCertificateInStore(HCERTSTORE hCertStore, DWORD dwCertEncodingType, DWORD dwFlags, DWORD dwType, const void *pvPara, PCCERT_CONTEXT pPrevCertContext)
Definition: cert.c:1765
BOOL WINAPI CertRemoveEnhancedKeyUsageIdentifier(PCCERT_CONTEXT pCertContext, LPCSTR pszUsageIdentifier)
Definition: cert.c:3063
BOOL WINAPI CertVerifyRevocation(DWORD dwEncodingType, DWORD dwRevType, DWORD cContext, PVOID rgpvContext[], DWORD dwFlags, PCERT_REVOCATION_PARA pRevPara, PCERT_REVOCATION_STATUS pRevStatus)
Definition: cert.c:1934
PCCERT_CONTEXT WINAPI CertGetSubjectCertificateFromStore(HCERTSTORE hCertStore, DWORD dwCertEncodingType, PCERT_INFO pCertId)
Definition: cert.c:1831
BOOL WINAPI CertGetIntendedKeyUsage(DWORD dwCertEncodingType, PCERT_INFO pCertInfo, BYTE *pbKeyUsage, DWORD cbKeyUsage)
Definition: cert.c:2810
BOOL WINAPI CertSetEnhancedKeyUsage(PCCERT_CONTEXT pCertContext, PCERT_ENHKEY_USAGE pUsage)
Definition: cert.c:2952
BOOL WINAPI CryptAcquireCertificatePrivateKey(PCCERT_CONTEXT pCert, DWORD dwFlags, void *pvReserved, HCRYPTPROV_OR_NCRYPT_KEY_HANDLE *phCryptProv, DWORD *pdwKeySpec, BOOL *pfCallerFreeProv)
Definition: cert.c:881
BOOL WINAPI CertIsRDNAttrsInCertificateName(DWORD dwCertEncodingType, DWORD dwFlags, PCERT_NAME_BLOB pCertName, PCERT_RDN pRDN)
Definition: cert.c:2131
BOOL WINAPI CertAddCertificateLinkToStore(HCERTSTORE hCertStore, PCCERT_CONTEXT pCertContext, DWORD dwAddDisposition, PCCERT_CONTEXT *ppCertContext)
Definition: cert.c:296
BOOL WINAPI CertAddEnhancedKeyUsageIdentifier(PCCERT_CONTEXT pCertContext, LPCSTR pszUsageIdentifier)
Definition: cert.c:2978
BOOL WINAPI CryptVerifyCertificateSignatureEx(HCRYPTPROV_LEGACY hCryptProv, DWORD dwCertEncodingType, DWORD dwSubjectType, void *pvSubject, DWORD dwIssuerType, void *pvIssuer, DWORD dwFlags, void *pvReserved)
Definition: cert.c:2717
BOOL WINAPI CryptHashPublicKeyInfo(HCRYPTPROV_LEGACY hCryptProv, ALG_ID Algid, DWORD dwFlags, DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pInfo, BYTE *pbComputedHash, DWORD *pcbComputedHash)
Definition: cert.c:2216
BOOL WINAPI CertCompareCertificate(DWORD dwCertEncodingType, PCERT_INFO pCertId1, PCERT_INFO pCertId2)
Definition: cert.c:1166
BOOL WINAPI CryptSignAndEncodeCertificate(HCRYPTPROV_OR_NCRYPT_KEY_HANDLE hCryptProv, DWORD dwKeySpec, DWORD dwCertEncodingType, LPCSTR lpszStructType, const void *pvStructInfo, PCRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm, const void *pvHashAuxInfo, BYTE *pbEncoded, DWORD *pcbEncoded)
Definition: cert.c:2364
PCCERT_CONTEXT WINAPI CertGetIssuerCertificateFromStore(HCERTSTORE hCertStore, PCCERT_CONTEXT pSubjectContext, PCCERT_CONTEXT pPrevIssuerContext, DWORD *pdwFlags)
Definition: cert.c:1887
BOOL WINAPI CertAddEncodedCertificateToStore(HCERTSTORE hCertStore, DWORD dwCertEncodingType, const BYTE *pbCertEncoded, DWORD cbCertEncoded, DWORD dwAddDisposition, PCCERT_CONTEXT *ppCertContext)
Definition: cert.c:58
BOOL WINAPI CryptVerifyCertificateSignature(HCRYPTPROV_LEGACY hCryptProv, DWORD dwCertEncodingType, const BYTE *pbEncoded, DWORD cbEncoded, PCERT_PUBLIC_KEY_INFO pPublicKey)
Definition: cert.c:2427
PCCERT_CONTEXT WINAPI CertCreateSelfSignCertificate(HCRYPTPROV_OR_NCRYPT_KEY_HANDLE hProv, PCERT_NAME_BLOB pSubjectIssuerBlob, DWORD dwFlags, PCRYPT_KEY_PROV_INFO pKeyProvInfo, PCRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm, PSYSTEMTIME pStartTime, PSYSTEMTIME pEndTime, PCERT_EXTENSIONS pExtensions)
Definition: cert.c:3552
BOOL WINAPI CryptSignCertificate(HCRYPTPROV_OR_NCRYPT_KEY_HANDLE hCryptProv, DWORD dwKeySpec, DWORD dwCertEncodingType, const BYTE *pbEncodedToBeSigned, DWORD cbEncodedToBeSigned, PCRYPT_ALGORITHM_IDENTIFIER pSignatureAlgorithm, const void *pvHashAuxInfo, BYTE *pbSignature, DWORD *pcbSignature)
Definition: cert.c:2305
BOOL WINAPI CertVerifySubjectCertificateContext(PCCERT_CONTEXT pSubject, PCCERT_CONTEXT pIssuer, DWORD *pdwFlags)
Definition: cert.c:1845
BOOL WINAPI CertSetCertificateContextProperty(PCCERT_CONTEXT pCertContext, DWORD dwPropId, DWORD dwFlags, const void *pvData)
Definition: cert.c:799
BOOL WINAPI CryptHashToBeSigned(HCRYPTPROV_LEGACY hCryptProv, DWORD dwCertEncodingType, const BYTE *pbEncoded, DWORD cbEncoded, BYTE *pbComputedHash, DWORD *pcbComputedHash)
Definition: cert.c:2260
BOOL WINAPI CertGetCertificateContextProperty(PCCERT_CONTEXT pCertContext, DWORD dwPropId, void *pvData, DWORD *pcbData)
Definition: cert.c:551
BOOL WINAPI CertComparePublicKeyInfo(DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pPublicKey1, PCERT_PUBLIC_KEY_INFO pPublicKey2)
Definition: cert.c:1244
PCCERT_CONTEXT WINAPI CertDuplicateCertificateContext(PCCERT_CONTEXT pCertContext)
Definition: cert.c:360
DWORD WINAPI CertEnumCertificateContextProperties(PCCERT_CONTEXT pCertContext, DWORD dwPropId)
Definition: cert.c:380
BOOL WINAPI CryptHashCertificate(HCRYPTPROV_LEGACY hCryptProv, ALG_ID Algid, DWORD dwFlags, const BYTE *pbEncoded, DWORD cbEncoded, BYTE *pbComputedHash, DWORD *pcbComputedHash)
Definition: cert.c:2187
BOOL WINAPI CertGetValidUsages(DWORD cCerts, PCCERT_CONTEXT *rghCerts, int *cNumOIDs, LPSTR *rghOIDs, DWORD *pcbOIDs)
Definition: cert.c:3159
BOOL WINAPI CertCompareIntegerBlob(PCRYPT_INTEGER_BLOB pInt1, PCRYPT_INTEGER_BLOB pInt2)
Definition: cert.c:1221
BOOL WINAPI CertGetEnhancedKeyUsage(PCCERT_CONTEXT pCertContext, DWORD dwFlags, PCERT_ENHKEY_USAGE pUsage, DWORD *pcbUsage)
Definition: cert.c:2847
static const WCHAR rootW[]
Definition: chain.c:69
BOOL WINAPI CertAddEncodedCRLToStore(HCERTSTORE hCertStore, DWORD dwCertEncodingType, const BYTE *pbCrlEncoded, DWORD cbCrlEncoded, DWORD dwAddDisposition, PCCRL_CONTEXT *ppCrlContext)
Definition: crl.c:129
BOOL WINAPI CryptExportPublicKeyInfoEx(HCRYPTPROV_OR_NCRYPT_KEY_HANDLE hCryptProv, DWORD dwKeySpec, DWORD dwCertEncodingType, LPSTR pszPublicKeyObjId, DWORD dwFlags, void *pvAuxInfo, PCERT_PUBLIC_KEY_INFO pInfo, DWORD *pcbInfo)
Definition: encode.c:4934
BOOL WINAPI CryptEncodeObjectEx(DWORD dwCertEncodingType, LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags, PCRYPT_ENCODE_PARA pEncodePara, void *pvEncoded, DWORD *pcbEncoded)
Definition: encode.c:4696
BOOL WINAPI CryptImportPublicKeyInfo(HCRYPTPROV hCryptProv, DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pInfo, HCRYPTKEY *phKey)
Definition: encode.c:4970
HCERTSTORE WINAPI CertOpenStore(LPCSTR lpszStoreProvider, DWORD dwMsgAndCertEncodingType, HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, const void *pvPara)
Definition: store.c:815
PCCERT_CONTEXT WINAPI CertEnumCertificatesInStore(HCERTSTORE hCertStore, PCCERT_CONTEXT pPrev)
Definition: store.c:928
BOOL WINAPI CertCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)
Definition: store.c:1127
BOOL WINAPI CertDeleteCertificateFromStore(PCCERT_CONTEXT pCertContext)
Definition: store.c:943
BOOL WINAPI CertStrToNameW(DWORD dwCertEncodingType, LPCWSTR pszX500, DWORD dwStrType, void *pvReserved, BYTE *pbEncoded, DWORD *pcbEncoded, LPCWSTR *ppszError)
Definition: str.c:1024
#define GetProcessHeap()
Definition: compat.h:736
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
#define SetLastError(x)
Definition: compat.h:752
#define HeapAlloc
Definition: compat.h:733
#define MAX_PATH
Definition: compat.h:34
#define HeapFree(x, y, z)
Definition: compat.h:735
#define lstrcpyW
Definition: compat.h:749
#define lstrlenW
Definition: compat.h:750
static const WCHAR *const ext[]
Definition: module.c:53
HMODULE WINAPI DECLSPEC_HOTPATCH GetModuleHandleA(LPCSTR lpModuleName)
Definition: loader.c:812
r parent
Definition: btrfs.c:3010
unsigned int BOOL
Definition: ntddk_ex.h:94
unsigned long DWORD
Definition: ntddk_ex.h:95
GLuint GLuint GLsizei count
Definition: gl.h:1545
GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const GLvoid * data
Definition: gl.h:1950
GLsizeiptr size
Definition: glext.h:5919
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
GLbitfield flags
Definition: glext.h:7161
GLuint GLint GLboolean GLint GLenum access
Definition: glext.h:7866
GLenum GLsizei len
Definition: glext.h:6722
GLuint GLsizei bufSize
Definition: glext.h:6040
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1594
int WINAPI lstrcmpW(LPCWSTR lpString1, LPCWSTR lpString2)
Definition: lstring.c:170
int WINAPI lstrcmpA(LPCSTR lpString1, LPCSTR lpString2)
Definition: lstring.c:18
#define ERROR_FILE_NOT_FOUND
Definition: disk.h:79
static void testComparePublicKeyInfo(void)
Definition: cert.c:3189
static BYTE serialNum[]
Definition: cert.c:66
static WCHAR cspNameW[]
Definition: cert.c:353
static void testCompareCertName(void)
Definition: cert.c:2961
static void testCryptHashCert(void)
Definition: cert.c:1752
static void checkHash(const BYTE *data, DWORD dataLen, ALG_ID algID, PCCERT_CONTEXT context, DWORD propID)
Definition: cert.c:325
static const BYTE cert2WithUsage[]
Definition: cert.c:2792
static void testCreateCert(void)
Definition: cert.c:635
static BYTE iTunesSerialNum[]
Definition: cert.c:1127
static void testVerifyRevocation(void)
Definition: cert.c:3597
static BYTE cnWithIntermediateSpace[]
Definition: cert.c:2947
static void testGetPublicKeyLength(void)
Definition: cert.c:3971
static BYTE subjectName[]
Definition: cert.c:63
static void testSignAndEncodeCert(void)
Definition: cert.c:2089
static BYTE privKey[]
Definition: cert.c:3721
static BYTE int1[]
Definition: cert.c:3154
static const BYTE selfSignedSignatureHash[]
Definition: cert.c:402
static const BYTE subjectKeyId[]
Definition: cert.c:376
static const BYTE bigCert[]
Definition: cert.c:67
static const BYTE chain10_1[]
Definition: cert.c:1503
static void testLinkCert(void)
Definition: cert.c:776
static void testCertProperties(void)
Definition: cert.c:405
static PCERT_NAME_BLOB
Definition: cert.c:32
static void testDupCert(void)
Definition: cert.c:679
static BYTE bigCertHash[]
Definition: cert.c:77
static const BYTE exportedPublicKeyBlob[]
Definition: cert.c:3747
static struct IntBlobTest intBlobs[]
static void testHashPublicKeyInfo(void)
Definition: cert.c:3322
#define GET_PROC(dll, func)
static const BYTE rootSignedCRL[]
Definition: cert.c:3575
static void init_function_pointers(void)
Definition: cert.c:42
static const BYTE childOfExpired[]
Definition: cert.c:1452
static PCERT_EXTENSIONS
Definition: cert.c:32
static void testAcquireCertPrivateKey(void)
Definition: cert.c:3762
static BYTE subjectName3[]
Definition: cert.c:802
static void testVerifyCertSigEx(HCRYPTPROV csp, const CRYPT_DATA_BLOB *toBeSigned, LPCSTR sigOID, const BYTE *sig, DWORD sigLen)
Definition: cert.c:1948
static const BYTE chain10_0[]
Definition: cert.c:1474
static PSYSTEMTIME
Definition: cert.c:32
static void testHashToBeSigned(void)
Definition: cert.c:3366
static const BYTE chain7_1[]
Definition: cert.c:1532
static void testIntendedKeyUsage(void)
Definition: cert.c:2459
static PCRYPT_KEY_PROV_INFO
Definition: cert.c:32
static void testGetIssuerCert(void)
Definition: cert.c:1562
static const BYTE asnEncodedPublicKey[]
Definition: cert.c:3755
static void testCompareIntegerBlob(void)
Definition: cert.c:3175
static const BYTE rootWithKeySignAndCRLSign[]
Definition: cert.c:3510
static void testCompareCert(void)
Definition: cert.c:3422
static const LPCSTR keyUsages[]
Definition: cert.c:2508
static void testKeyUsage(void)
Definition: cert.c:2511
static const BYTE iTunesCert2[]
Definition: cert.c:941
static void verifySig(HCRYPTPROV csp, const BYTE *toSign, size_t toSignLen, const BYTE *sig, unsigned int sigLen)
Definition: cert.c:1787
static const BYTE v1CertWithPubKey[]
Definition: cert.c:354
static const BYTE bigCertWithDifferentSubject[]
Definition: cert.c:80
static const BYTE expiredCert[]
Definition: cert.c:1425
static void testIsRDNAttrsInCertificateName(void)
Definition: cert.c:3031
static PCCERT_CONTEXT int LPSTR DWORD *static void HCRYPTPROV_OR_NCRYPT_KEY_HANDLE DWORD BOOL *static const void PCRYPT_ENCODE_PARA
Definition: cert.c:35
static BYTE int7[]
Definition: cert.c:3160
static void testCreateSelfSignCert(void)
Definition: cert.c:2175
static const BYTE iTunesCert3[]
Definition: cert.c:1024
static const BYTE md5SignedEmptyCertHash[]
Definition: cert.c:3363
static void testCertSigs(void)
Definition: cert.c:2049
static const BYTE v1CertWithSubjectKeyId[]
Definition: cert.c:366
static const BYTE bigCertWithDifferentIssuer[]
Definition: cert.c:91
static BYTE cn[]
Definition: cert.c:2938
static const BYTE bigCert2WithDifferentSerial[]
Definition: cert.c:116
static const BYTE md5SignedEmptyCert[]
Definition: cert.c:2074
static BYTE int3[]
Definition: cert.c:3156
static void testAddCert(void)
Definition: cert.c:143
static void testVerifyCertSig(HCRYPTPROV csp, const CRYPT_DATA_BLOB *toBeSigned, LPCSTR sigOID, const BYTE *sig, DWORD sigLen)
Definition: cert.c:1881
static BYTE emptyCert[]
Definition: cert.c:2047
static PCRYPT_ALGORITHM_IDENTIFIER
Definition: cert.c:32
static BYTE iTunesIssuer[]
Definition: cert.c:1110
static void testGetSubjectCert(void)
Definition: cert.c:1362
static BYTE int6[]
Definition: cert.c:3159
static BYTE cnThenO[]
Definition: cert.c:2950
static const BYTE iTunesCert0[]
Definition: cert.c:805
static const BYTE iTunesCert1[]
Definition: cert.c:871
static void testGetValidUsages(void)
Definition: cert.c:2804
static BYTE subjectName2[]
Definition: cert.c:103
static void testFindCert(void)
Definition: cert.c:1131
static const BYTE eeCert[]
Definition: cert.c:3544
static BYTE oThenCN[]
Definition: cert.c:2955
static BYTE bigCert2Hash[]
Definition: cert.c:127
static BYTE int5[]
Definition: cert.c:3158
static const CHAR cspNameA[]
Definition: cert.c:352
static const BYTE md5SignedEmptyCertNoNull[]
Definition: cert.c:2081
static void testSignCert(HCRYPTPROV csp, const CRYPT_DATA_BLOB *toBeSigned, LPCSTR sigOID, BYTE *sig, DWORD *sigLen)
Definition: cert.c:1819
static BYTE cnWithTrailingSpace[]
Definition: cert.c:2944
static BYTE cnWithLeadingSpace[]
Definition: cert.c:2941
static void testVerifySubjectCert(void)
Definition: cert.c:3455
static const BYTE bigCert2[]
Definition: cert.c:106
static const BYTE selfSignedCert[]
Definition: cert.c:378
static const BYTE certWithUsage[]
Definition: cert.c:130
static BYTE int4[]
Definition: cert.c:3157
static BYTE int2[]
Definition: cert.c:3155
static const BYTE cert2[]
Definition: message.c:844
static const BYTE cert1[]
Definition: message.c:828
static BYTE cert[]
Definition: msg.c:1437
static char oid_rsa_md5[]
Definition: msg.c:34
static ICollection collection
Definition: typelib.c:184
static HWND child
Definition: cursoricon.c:298
#define BOOL
Definition: nt_native.h:43
#define DWORD
Definition: nt_native.h:44
#define STATUS_ACCESS_VIOLATION
Definition: ntstatus.h:242
#define win_skip
Definition: test.h:160
#define memset(x, y, z)
Definition: compat.h:39
BOOL areEqual
Definition: cert.c:3166
CRYPT_INTEGER_BLOB blob1
Definition: cert.c:3164
CRYPT_INTEGER_BLOB blob2
Definition: cert.c:3165
HCERTSTORE hCertStore
Definition: wincrypt.h:483
PCERT_INFO pCertInfo
Definition: wincrypt.h:482
BYTE * pbCertEncoded
Definition: wincrypt.h:480
DWORD cbCertEncoded
Definition: wincrypt.h:481
CERT_NAME_BLOB Subject
Definition: wincrypt.h:247
CERT_NAME_BLOB Issuer
Definition: wincrypt.h:244
CRYPT_INTEGER_BLOB SerialNumber
Definition: wincrypt.h:242
HCRYPTPROV hCryptProv
Definition: wincrypt.h:220
CRYPT_BIT_BLOB PublicKey
Definition: wincrypt.h:226
CRYPT_ALGORITHM_IDENTIFIER Algorithm
Definition: wincrypt.h:225
DWORD cRDNAttr
Definition: wincrypt.h:262
PCERT_RDN_ATTR rgRDNAttr
Definition: wincrypt.h:263
HCERTSTORE hCrlStore
Definition: wincrypt.h:807
PCCERT_CONTEXT pIssuerCert
Definition: wincrypt.h:804
BYTE * pbData
Definition: wincrypt.h:103
DWORD cUnusedBits
Definition: wincrypt.h:198
BYTE * pbData
Definition: wincrypt.h:197
LPWSTR pwszContainerName
Definition: wincrypt.h:209
PCRYPT_KEY_PROV_PARAM rgProvParam
Definition: wincrypt.h:214
DWORD cUsageIdentifier
Definition: wincrypt.h:719
LPSTR * rgpszUsageIdentifier
Definition: wincrypt.h:720
Definition: cookie.c:202
Definition: image.c:134
Definition: http.c:7252
Definition: _hash_fun.h:40
Definition: copy.c:22
Definition: name.c:39
Definition: ps.c:97
unsigned char * LPBYTE
Definition: typedefs.h:53
static const WCHAR lang[]
Definition: wbemdisp.c:287
int ret
DWORD WINAPI GetLastError(void)
Definition: except.c:1042
#define szOID_RSA_DH
Definition: wincrypt.h:3027
ULONG_PTR HCRYPTPROV_OR_NCRYPT_KEY_HANDLE
Definition: wincrypt.h:47
#define MS_DEF_PROV_A
Definition: wincrypt.h:1860
#define CRYPT_VERIFY_CERT_SIGN_ISSUER_NULL
Definition: wincrypt.h:3476
#define CERT_MD5_HASH_PROP_ID
Definition: wincrypt.h:2689
#define CRYPT_NEWKEYSET
Definition: wincrypt.h:2070
#define CERT_RDN_IA5_STRING
Definition: wincrypt.h:2784
#define PROV_RSA_FULL
Definition: wincrypt.h:2039
#define CALG_SHA1
Definition: wincrypt.h:1807
#define CERT_KEY_CONTEXT_PROP_ID
Definition: wincrypt.h:2690
#define CERT_KEY_IDENTIFIER_PROP_ID
Definition: wincrypt.h:2706
#define X509_CERT_TO_BE_SIGNED
Definition: wincrypt.h:3366
#define CERT_STORE_PROV_COLLECTION
Definition: wincrypt.h:2261
#define CERT_STORE_REVOCATION_FLAG
Definition: wincrypt.h:3460
#define CERT_RDN_PRINTABLE_STRING
Definition: wincrypt.h:2780
#define CERT_STORE_ADD_REPLACE_EXISTING
Definition: wincrypt.h:2484
#define szOID_RSA_MD5RSA
Definition: wincrypt.h:3021
#define CERT_X500_NAME_STR
Definition: wincrypt.h:3486
ULONG_PTR HCRYPTPROV
Definition: wincrypt.h:46
#define CERT_ARCHIVED_PROP_ID
Definition: wincrypt.h:2705
#define CERT_FIND_SUBJECT_CERT
Definition: wincrypt.h:2901
#define X509_CERT
Definition: wincrypt.h:3365
#define CERT_KEY_PROV_INFO_PROP_ID
Definition: wincrypt.h:2686
#define CALG_MD5
Definition: wincrypt.h:1805
#define CERT_SET_KEY_CONTEXT_PROP_ID
Definition: wincrypt.h:3595
#define CERT_STORE_CREATE_NEW_FLAG
Definition: wincrypt.h:2464
ULONG_PTR HCRYPTHASH
Definition: wincrypt.h:50
#define CERT_STORE_PROV_SYSTEM
Definition: wincrypt.h:2260
#define szOID_PKIX_KP_CLIENT_AUTH
Definition: wincrypt.h:3295
#define CERT_FIND_EXT_ONLY_ENHKEY_USAGE_FLAG
Definition: wincrypt.h:2916
#define CERT_CASE_INSENSITIVE_IS_RDN_ATTRS_FLAG
Definition: wincrypt.h:2807
struct _CTL_USAGE CERT_ENHKEY_USAGE
#define CRYPT_VERIFY_CERT_SIGN_ISSUER_PUBKEY
Definition: wincrypt.h:3473
#define szOID_PKIX_KP_CODE_SIGNING
Definition: wincrypt.h:3296
#define CRYPT_DELETEKEYSET
Definition: wincrypt.h:2071
#define szOID_KEY_USAGE
Definition: wincrypt.h:3185
#define AT_KEYEXCHANGE
Definition: wincrypt.h:2035
#define X509_ASN_ENCODING
Definition: wincrypt.h:2297
#define PUBLICKEYBLOB
Definition: wincrypt.h:2240
#define CERT_FIND_PROP_ONLY_ENHKEY_USAGE_FLAG
Definition: wincrypt.h:2918
#define CERT_STORE_PROV_MEMORY
Definition: wincrypt.h:2251
static const WCHAR MS_DEF_PROV_W[]
Definition: wincrypt.h:1868
#define CERT_STORE_NO_ISSUER_FLAG
Definition: wincrypt.h:3462
#define CERT_STORE_NO_CRL_FLAG
Definition: wincrypt.h:3461
#define CERT_ACCESS_STATE_PROP_ID
Definition: wincrypt.h:2700
#define RSA_CSP_PUBLICKEYBLOB
Definition: wincrypt.h:3384
#define szOID_RSA_MD5
Definition: wincrypt.h:3053
struct _CERT_KEY_CONTEXT CERT_KEY_CONTEXT
const CERT_CONTEXT * PCCERT_CONTEXT
Definition: wincrypt.h:485
#define CERT_STORE_SIGNATURE_FLAG
Definition: wincrypt.h:3458
#define CERT_STORE_ADD_USE_EXISTING
Definition: wincrypt.h:2483
#define CERT_ACCESS_STATE_WRITE_PERSIST_FLAG
Definition: wincrypt.h:2766
#define CERT_STORE_ADD_NEW
Definition: wincrypt.h:2482
#define szOID_X957_DSA
Definition: wincrypt.h:3061
#define CERT_HASH_PROP_ID
Definition: wincrypt.h:2688
struct _CTL_USAGE * PCERT_ENHKEY_USAGE
#define CERT_CONTEXT_REVOCATION_TYPE
Definition: wincrypt.h:818
#define CERT_STORE_ADD_ALWAYS
Definition: wincrypt.h:2485
#define CERT_FIND_SUBJECT_NAME
Definition: wincrypt.h:2878
#define CERT_FIND_SHA1_HASH
Definition: wincrypt.h:2865
#define CRYPT_ENCODE_ALLOC_FLAG
Definition: wincrypt.h:3441
#define szOID_RSA_SHA1RSA
Definition: wincrypt.h:3022
#define CERT_SIGNATURE_HASH_PROP_ID
Definition: wincrypt.h:2701
#define CERT_UNICODE_IS_RDN_ATTRS_FLAG
Definition: wincrypt.h:2806
#define CERT_SYSTEM_STORE_CURRENT_USER
Definition: wincrypt.h:2324
#define szOID_RSA_RSA
Definition: wincrypt.h:3015
#define szOID_COMMON_NAME
Definition: wincrypt.h:3134
#define CERT_FIND_ISSUER_STR
Definition: wincrypt.h:2895
#define PKCS_7_ASN_ENCODING
Definition: wincrypt.h:2299
#define AT_SIGNATURE
Definition: wincrypt.h:2036
#define CRYPT_VERIFY_CERT_SIGN_SUBJECT_BLOB
Definition: wincrypt.h:3468
#define CERT_FIND_ISSUER_NAME
Definition: wincrypt.h:2882
#define CERT_KEY_PROV_HANDLE_PROP_ID
Definition: wincrypt.h:2685
#define CERT_VERIFY_REV_CHAIN_FLAG
Definition: wincrypt.h:819
#define CERT_RDN_UNICODE_STRING
Definition: wincrypt.h:2792
ULONG_PTR HCRYPTKEY
Definition: wincrypt.h:49
#define CRYPT_ACQUIRE_USE_PROV_INFO_FLAG
Definition: wincrypt.h:3602
#define CERT_FIND_ISSUER_OF
Definition: wincrypt.h:2903
#define CRYPT_ACQUIRE_CACHE_FLAG
Definition: wincrypt.h:3601
#define szOID_ORGANIZATION_NAME
Definition: wincrypt.h:3141
unsigned int ALG_ID
Definition: wincrypt.h:45
#define WINAPI
Definition: msvc.h:6
#define CRYPT_E_REVOKED
Definition: winerror.h:3019
#define CRYPT_E_NO_MATCH
Definition: winerror.h:3012
#define CRYPT_E_NOT_FOUND
Definition: winerror.h:3007
#define NTE_BAD_ALGID
Definition: winerror.h:2876
#define CRYPT_E_NO_REVOCATION_DLL
Definition: winerror.h:3020
#define NTE_NO_KEY
Definition: winerror.h:2881
#define CRYPT_E_SELF_SIGNED
Definition: winerror.h:3010
#define E_ACCESSDENIED
Definition: winerror.h:2849
#define OSS_BAD_PTR
Definition: winerror.h:3048
#define OSS_PDU_MISMATCH
Definition: winerror.h:3046
#define CRYPT_E_ASN1_CORRUPT
Definition: winerror.h:3087
#define NTE_BAD_LEN
Definition: winerror.h:2872
#define CRYPT_E_NO_REVOCATION_CHECK
Definition: winerror.h:3021
#define CRYPT_E_NO_KEY_PROPERTY
Definition: winerror.h:3014
#define NTE_BAD_KEYSET
Definition: winerror.h:2890
#define CRYPT_E_REVOCATION_OFFLINE
Definition: winerror.h:3022
#define OSS_BAD_ARG
Definition: winerror.h:3043
#define CRYPT_E_EXISTS
Definition: winerror.h:3008
#define CRYPT_E_ASN1_EOD
Definition: winerror.h:3086
#define OSS_DATA_ERROR
Definition: winerror.h:3042
#define CRYPT_E_ASN1_BADTAG
Definition: winerror.h:3095
#define OSS_MORE_INPUT
Definition: winerror.h:3041
#define ERROR_INVALID_DATA
Definition: winerror.h:116
const char * LPCSTR
Definition: xmlstorage.h:183
char * LPSTR
Definition: xmlstorage.h:182
__wchar_t WCHAR
Definition: xmlstorage.h:180
WCHAR * LPWSTR
Definition: xmlstorage.h:184
char CHAR
Definition: xmlstorage.h:175
unsigned char BYTE
Definition: xxhash.c:193