[PATCH v2 1/2] bcrypt: Return STATUS_INVALID_PARAMETER on ECC magic mismatch.
From: Rémi Bernon <rbernon(a)codeweavers.com> Flight Simulator XAL authentication hits this condition because of buggy bcrypt private key export (see next patch). Signed-off-by: Rémi Bernon <rbernon(a)codeweavers.com> Signed-off-by: Hans Leidekker <hans(a)codeweavers.com> --- dlls/bcrypt/bcrypt_main.c | 4 ++-- dlls/bcrypt/tests/bcrypt.c | 12 ++++++++++++ 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c index b6bb73a715f..cd3b746e295 100644 --- a/dlls/bcrypt/bcrypt_main.c +++ b/dlls/bcrypt/bcrypt_main.c @@ -1171,7 +1171,7 @@ static NTSTATUS key_import_pair( struct algorithm *alg, const WCHAR *type, BCRYP return STATUS_NOT_SUPPORTED; } - if (ecc_blob->dwMagic != magic) return STATUS_NOT_SUPPORTED; + if (ecc_blob->dwMagic != magic) return STATUS_INVALID_PARAMETER; if (ecc_blob->cbKey != key_size || input_len < sizeof(*ecc_blob) + ecc_blob->cbKey * 2) return STATUS_INVALID_PARAMETER; @@ -1211,7 +1211,7 @@ static NTSTATUS key_import_pair( struct algorithm *alg, const WCHAR *type, BCRYP return STATUS_NOT_SUPPORTED; } - if (ecc_blob->dwMagic != magic) return STATUS_NOT_SUPPORTED; + if (ecc_blob->dwMagic != magic) return STATUS_INVALID_PARAMETER; if (ecc_blob->cbKey != key_size || input_len < sizeof(*ecc_blob) + ecc_blob->cbKey * 3) return STATUS_INVALID_PARAMETER; diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c index e37a33e38a0..3e5d5cf17f8 100644 --- a/dlls/bcrypt/tests/bcrypt.c +++ b/dlls/bcrypt/tests/bcrypt.c @@ -1730,6 +1730,12 @@ static void test_ECDSA(void) status = pBCryptImportKeyPair(alg, NULL, BCRYPT_ECCPUBLIC_BLOB, &key, buffer, size, 0); ok(status == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got %08x\n", status); + ecckey->dwMagic = BCRYPT_ECDH_PUBLIC_P256_MAGIC; + ecckey->cbKey = 32; + status = pBCryptImportKeyPair(alg, NULL, BCRYPT_ECCPUBLIC_BLOB, &key, buffer, size, 0); + ok(status == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got %08x\n", status); + + ecckey->dwMagic = BCRYPT_ECDSA_PUBLIC_P256_MAGIC; ecckey->cbKey = 32; status = pBCryptImportKeyPair(alg, NULL, BCRYPT_ECCPUBLIC_BLOB, &key, buffer, size, 0); ok(!status, "BCryptImportKeyPair failed: %08x\n", status); @@ -1749,6 +1755,12 @@ static void test_ECDSA(void) status = pBCryptImportKeyPair(alg, NULL, BCRYPT_ECCPRIVATE_BLOB, &key, buffer, size, 0); ok(status == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got %08x\n", status); + ecckey->dwMagic = BCRYPT_ECDH_PRIVATE_P256_MAGIC; + ecckey->cbKey = 32; + status = pBCryptImportKeyPair(alg, NULL, BCRYPT_ECCPRIVATE_BLOB, &key, buffer, size, 0); + ok(status == STATUS_INVALID_PARAMETER, "Expected STATUS_INVALID_PARAMETER, got %08x\n", status); + + ecckey->dwMagic = BCRYPT_ECDSA_PRIVATE_P256_MAGIC; ecckey->cbKey = 32; status = pBCryptImportKeyPair(alg, NULL, BCRYPT_ECCPRIVATE_BLOB, &key, buffer, size, 0); ok(!status, "BCryptImportKeyPair failed: %08x\n", status); -- 2.20.1
Hi, While running your changed tests, I think I found new failures. Being a bot and all I'm not very good at pattern recognition, so I might be wrong, but could you please double-check? Full results can be found at: https://testbot.winehq.org/JobDetails.pl?Key=77914 Your paranoid android. === debiant (32 bit Japanese:Japan report) === bcrypt: bcrypt.c:2291: Test failed: got c000a000
participants (2)
-
Hans Leidekker -
Marvin