Kai Blin : secur32: Initial working implementation of EncryptMessage and DecryptMessage. - wine-commits

21 Aug 2006

Module: wine
Branch: master
Commit: bfa596736665e71681ef46d7e0b6bd0afa840279
URL:    http://source.winehq.org/git/?p=wine.git;a=commit;h=bfa596736665e71681ef46d7...
Author: Kai Blin kai.blin@gmail.com
Date:   Sat Aug 19 20:02:16 2006 +0200
secur32: Initial working implementation of EncryptMessage and DecryptMessage.
---
dlls/secur32/ntlm.c       |   87 +++++++++++++++++++++++++++++++++++++++++++--
 dlls/secur32/tests/ntlm.c |    2 +
 2 files changed, 84 insertions(+), 5 deletions(-)

diff --git a/dlls/secur32/ntlm.c b/dlls/secur32/ntlm.c
index a1011da..ce8da6f 100644
--- a/dlls/secur32/ntlm.c
+++ b/dlls/secur32/ntlm.c
@@ -1360,12 +1360,66 @@ static SECURITY_STATUS SEC_ENTRY ntlm_Fr
 static SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle phContext,
         ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
 {
-    TRACE("%p %ld %p %ld stub\n", phContext, fQOP, pMessage, MessageSeqNo);
+    PNegoHelper helper;
+    TRACE("(%p %ld %p %ld)\n", phContext, fQOP, pMessage, MessageSeqNo);
if(!phContext)
         return SEC_E_INVALID_HANDLE;
-    return SEC_E_UNSUPPORTED_FUNCTION;
+    if(fQOP)
+        FIXME("Ignoring fQOP\n");
+
+    if(MessageSeqNo)
+        FIXME("Ignoring MessageSeqNo\n");
+
+    if(!pMessage || !pMessage->pBuffers || pMessage->cBuffers < 2 ||
+            pMessage->pBuffers[0].BufferType != SECBUFFER_TOKEN ||
+            !pMessage->pBuffers[0].pvBuffer)
+        return SEC_E_INVALID_TOKEN;
+
+    if(pMessage->pBuffers[0].cbBuffer < 16)
+        return SEC_E_BUFFER_TOO_SMALL;
+
+    helper = (PNegoHelper) phContext->dwLower;
+
+    if(helper->neg_flags & NTLMSSP_NEGOTIATE_NTLM2)
+    {
+        FIXME("Can't handle NTLMv2 encryption yet, aborting\n");
+        return SEC_E_UNSUPPORTED_FUNCTION;
+    }
+    else
+    {
+        PBYTE sig = pMessage->pBuffers[0].pvBuffer;
+        ULONG crc = ComputeCrc32(pMessage->pBuffers[1].pvBuffer,
+                pMessage->pBuffers[1].cbBuffer);
+        ULONG sign_version = 1l;
+
+        sig[ 0] = (sign_version >>  0) & 0xff;
+        sig[ 1] = (sign_version >>  8) & 0xff;
+        sig[ 2] = (sign_version >> 16) & 0xff;
+        sig[ 3] = (sign_version >> 24) & 0xff;
+        memset(sig+4, 0, 4);
+        sig[ 8] = (crc >>  0) & 0xff;
+        sig[ 9] = (crc >>  8) & 0xff;
+        sig[10] = (crc >> 16) & 0xff;
+        sig[11] = (crc >> 24) & 0xff;
+        sig[12] = (helper->crypt.ntlm.seq_num >>  0) & 0xff;
+        sig[13] = (helper->crypt.ntlm.seq_num >>  8) & 0xff;
+        sig[14] = (helper->crypt.ntlm.seq_num >> 16) & 0xff;
+        sig[15] = (helper->crypt.ntlm.seq_num >> 24) & 0xff;
+
+        SECUR32_arc4Process(helper->crypt.ntlm.a4i, pMessage->pBuffers[1].pvBuffer,
+                pMessage->pBuffers[1].cbBuffer);
+        SECUR32_arc4Process(helper->crypt.ntlm.a4i, sig+4, 12);
+
+        if(helper->neg_flags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN || helper->neg_flags == 0)
+            memset(sig+4, 0, 4);
+
+        ++(helper->crypt.ntlm.seq_num);
+
+    }
+
+    return SEC_E_OK;
 }
/***********************************************************************
@@ -1374,12 +1428,37 @@ static SECURITY_STATUS SEC_ENTRY ntlm_En
 static SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(PCtxtHandle phContext,
         PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
 {
-    TRACE("%p %p %ld %p stub\n", phContext, pMessage, MessageSeqNo, pfQOP);
+    PNegoHelper helper;
+    TRACE("(%p %p %ld %p)\n", phContext, pMessage, MessageSeqNo, pfQOP);
if(!phContext)
         return SEC_E_INVALID_HANDLE;
-    return SEC_E_UNSUPPORTED_FUNCTION;
+    if(MessageSeqNo)
+        FIXME("Ignoring MessageSeqNo\n");
+
+    if(!pMessage || !pMessage->pBuffers || pMessage->cBuffers < 2 ||
+            pMessage->pBuffers[0].BufferType != SECBUFFER_TOKEN ||
+            !pMessage->pBuffers[0].pvBuffer)
+        return SEC_E_INVALID_TOKEN;
+
+    if(pMessage->pBuffers[0].cbBuffer < 16)
+        return SEC_E_BUFFER_TOO_SMALL;
+
+    helper = (PNegoHelper) phContext->dwLower;
+
+    if(helper->neg_flags & NTLMSSP_NEGOTIATE_NTLM2)
+    {
+        FIXME("Can't handle NTLMv2 encryption yet, aborting\n");
+        return SEC_E_UNSUPPORTED_FUNCTION;
+    }
+    else
+    {
+        SECUR32_arc4Process(helper->crypt.ntlm.a4i,
+                pMessage->pBuffers[1].pvBuffer, pMessage->pBuffers[1].cbBuffer);
+    }
+
+    return ntlm_VerifySignature(phContext, pMessage, MessageSeqNo, pfQOP);
 }
static SecurityFunctionTableA ntlmTableA = {
diff --git a/dlls/secur32/tests/ntlm.c b/dlls/secur32/tests/ntlm.c
index 240a01d..9128620 100644
--- a/dlls/secur32/tests/ntlm.c
+++ b/dlls/secur32/tests/ntlm.c
@@ -805,9 +805,9 @@ static void testSignSeal()
                 getSecError(sec_status));
sec_status = pEncryptMessage(client.ctxt, 0, crypt, 0);
-        todo_wine{
         ok(sec_status == SEC_E_OK, "EncryptMessage returned %s, not SEC_E_OK.\n",
                 getSecError(sec_status));
+        todo_wine{
         ok(!memcmp(crypt->pBuffers[0].pvBuffer, crypt_trailer_client,
                    crypt->pBuffers[0].cbBuffer), "Crypt trailer not as expected.\n");
         ok(!memcmp(crypt->pBuffers[1].pvBuffer, crypt_message_client,

    