From: Sven Püschel <Sven\u2007Pschel@akarisu.de>
Don't test the hashes to be equal before creating a signature. The correct hash generation is already tested in the test_hash function.
Also reordered the hash creation and destruction, so that one HCRYPTHASH variable is enough.
Furthermore removing this check caused the signature verification to fail. Testing on a Windows 10 machine reveals that this is a wine bug. Therefore marked the signature verification as todo_wine.
Signed-off-by: Sven Püschel <Sven Püschel@akarisu.de> --- dlls/dssenh/tests/dssenh.c | 93 +++++++++++++++----------------------- 1 file changed, 37 insertions(+), 56 deletions(-)
diff --git a/dlls/dssenh/tests/dssenh.c b/dlls/dssenh/tests/dssenh.c index 530bc6c6d60..2f9e491c0e0 100644 --- a/dlls/dssenh/tests/dssenh.c +++ b/dlls/dssenh/tests/dssenh.c @@ -856,13 +856,11 @@ static const struct signature_test dssSign_data[] = {
static void test_signhash(HCRYPTPROV hProv, const struct signature_test *test) { - HCRYPTHASH hHash1, hHash2; + HCRYPTHASH hHash; HCRYPTKEY privKey = 0, pubKey = 0; BYTE pubKeyBuffer[512]; BYTE signValue1[40], signValue2[40]; - BYTE hashValue1[40], hashValue2[40]; - DWORD hashLen1, hashLen2, pubKeyLen; - DWORD dataLen1, dataLen2; + DWORD pubKeyLen; BOOL result;
DWORD signLen1 = test->dataLen; @@ -873,55 +871,42 @@ static void test_signhash(HCRYPTPROV hProv, const struct signature_test *test) ok(result, "Failed to imported key, got %lx\n", GetLastError());
/* Create hash object and add data for signature 1 */ - result = CryptCreateHash(hProv, CALG_SHA, 0, 0, &hHash1); + result = CryptCreateHash(hProv, CALG_SHA, 0, 0, &hHash); ok(result, "Failed to create a hash, got %lx\n", GetLastError());
- result = CryptHashData(hHash1, test->signData, signLen1, 0); + result = CryptHashData(hHash, test->signData, signLen1, 0); ok(result, "Failed to add data to hash, got %lx\n", GetLastError());
- /* Create hash object and add data for signature 2 */ - result = CryptCreateHash(hProv, CALG_SHA, 0, 0, &hHash2); - ok(result, "Failed to create a hash, got %lx\n", GetLastError()); - - result = CryptHashData(hHash2, test->signData, signLen2, 0); - ok(result, "Failed to add data to hash, got %lx\n", GetLastError()); - - /* Acquire hash length and hash value */ - dataLen1 = sizeof(DWORD); - result = CryptGetHashParam(hHash1, HP_HASHSIZE, (BYTE *)&hashLen1, &dataLen1, 0); - ok(result, "Failed to get hash length, got %lx\n", GetLastError()); - - result = CryptGetHashParam(hHash1, HP_HASHVAL, hashValue1, &hashLen1, 0); - ok(result, "Failed to return hash value.\n"); - - dataLen2 = sizeof(DWORD); - result = CryptGetHashParam(hHash2, HP_HASHSIZE, (BYTE *)&hashLen2, &dataLen2, 0); - ok(result, "Failed to get hash length, got %lx\n", GetLastError()); - - result = CryptGetHashParam(hHash2, HP_HASHVAL, hashValue2, &hashLen2, 0); - ok(result, "Failed to return hash value.\n"); - - /* Compare hashes to ensure they are the same */ - ok(hashLen1 == hashLen2, "Hash lengths were not the same.\n"); - ok(!memcmp(hashValue1, hashValue2, hashLen2), "Hashes were not identical.\n"); - /* Sign hash 1 */ signLen1 = 0; - result = CryptSignHashA(hHash1, AT_SIGNATURE, NULL, 0, NULL, &signLen1); + result = CryptSignHashA(hHash, AT_SIGNATURE, NULL, 0, NULL, &signLen1); ok(result, "Failed to get signature length, got %lx\n", GetLastError()); ok(signLen1 == 40, "Expected a 40-byte signature, got %ld\n", signLen1);
- result = CryptSignHashA(hHash1, AT_SIGNATURE, NULL, 0, signValue1, &signLen1); + result = CryptSignHashA(hHash, AT_SIGNATURE, NULL, 0, signValue1, &signLen1); ok(result, "Failed to sign hash, got %lx\n", GetLastError());
+ result = CryptDestroyHash(hHash); + ok(result, "Failed to destroy hash, got %lx\n", GetLastError()); + + /* Create hash object and add data for signature 2 */ + result = CryptCreateHash(hProv, CALG_SHA, 0, 0, &hHash); + ok(result, "Failed to create a hash, got %lx\n", GetLastError()); + + result = CryptHashData(hHash, test->signData, signLen2, 0); + ok(result, "Failed to add data to hash, got %lx\n", GetLastError()); + /* Sign hash 2 */ signLen2 = 0; - result = CryptSignHashA(hHash2, AT_SIGNATURE, NULL, 0, NULL, &signLen2); + result = CryptSignHashA(hHash, AT_SIGNATURE, NULL, 0, NULL, &signLen2); ok(result, "Failed to get signature length, got %lx\n", GetLastError()); ok(signLen2 == 40, "Expected a 40-byte signature, got %ld\n", signLen2);
- result = CryptSignHashA(hHash2, AT_SIGNATURE, NULL, 0, signValue2, &signLen2); - ok(result, "Failed to sign hash2, got %lx\n", GetLastError()); + result = CryptSignHashA(hHash, AT_SIGNATURE, NULL, 0, signValue2, &signLen2); + ok(result, "Failed to sign hash, got %lx\n", GetLastError()); + + result = CryptDestroyHash(hHash); + ok(result, "Failed to destroy hash, got %lx\n", GetLastError());
/* Compare signatures to ensure they are both different, because every DSS signature should be different even if the input hash data is identical */ @@ -935,11 +920,6 @@ static void test_signhash(HCRYPTPROV hProv, const struct signature_test *test) result = CryptExportKey(privKey, 0, PUBLICKEYBLOB, 0, pubKeyBuffer, &pubKeyLen); ok(result, "Failed to export public key, got %lx\n", GetLastError());
- result = CryptDestroyHash(hHash1); - ok(result, "Failed to destroy hash1, got %lx\n", GetLastError()); - result = CryptDestroyHash(hHash2); - ok(result, "Failed to destroy hash2, got %lx\n", GetLastError()); - /* Destroy the private key */ result = CryptDestroyKey(privKey); ok(result, "Failed to destroy private key, got %lx\n", GetLastError()); @@ -948,32 +928,33 @@ static void test_signhash(HCRYPTPROV hProv, const struct signature_test *test) result = CryptImportKey(hProv, pubKeyBuffer, pubKeyLen, 0, 0, &pubKey); ok(result, "Failed to import public key, got %lx\n", GetLastError());
- result = CryptCreateHash(hProv, CALG_SHA, 0, 0, &hHash1); + result = CryptCreateHash(hProv, CALG_SHA, 0, 0, &hHash); ok(result, "Failed to create hash, got %lx\n", GetLastError());
/* Hash the data to compare with the signed hash */ - result = CryptHashData(hHash1, test->signData, test->dataLen, 0); - ok(result, "Failed to add data to hash1, got %lx\n", GetLastError()); + result = CryptHashData(hHash, test->signData, test->dataLen, 0); + ok(result, "Failed to add data to hash, got %lx\n", GetLastError());
/* Verify signed hash 1 */ - result = CryptVerifySignatureA(hHash1, signValue1, sizeof(signValue1), pubKey, NULL, 0); - ok(result, "Failed to verify signature, got %lx\n", GetLastError()); + result = CryptVerifySignatureA(hHash, signValue1, sizeof(signValue1), pubKey, NULL, 0); + todo_wine ok(result, "Failed to verify signature, got %lx\n", GetLastError()); + + result = CryptDestroyHash(hHash); + ok(result, "Failed to destroy hash, got %lx\n", GetLastError());
- result = CryptCreateHash(hProv, CALG_SHA, 0, 0, &hHash2); + result = CryptCreateHash(hProv, CALG_SHA, 0, 0, &hHash); ok(result, "Failed to create hash, got %lx\n", GetLastError());
/* Hash the data to compare with the signed hash */ - result = CryptHashData(hHash2, test->signData, test->dataLen, 0); - ok(result, "Failed to add data to hash2, got %lx\n", GetLastError()); + result = CryptHashData(hHash, test->signData, test->dataLen, 0); + ok(result, "Failed to add data to hash, got %lx\n", GetLastError());
/* Verify signed hash 2 */ - result = CryptVerifySignatureA(hHash2, signValue2, sizeof(signValue2), pubKey, NULL, 0); - ok(result, "Failed to verify signature, got %lx\n", GetLastError()); + result = CryptVerifySignatureA(hHash, signValue2, sizeof(signValue2), pubKey, NULL, 0); + todo_wine ok(result, "Failed to verify signature, got %lx\n", GetLastError());
- result = CryptDestroyHash(hHash1); - ok(result, "Failed to destroy hash1, got %lx\n", GetLastError()); - result = CryptDestroyHash(hHash2); - ok(result, "Failed to destroy hash2, got %lx\n", GetLastError()); + result = CryptDestroyHash(hHash); + ok(result, "Failed to destroy hash, got %lx\n", GetLastError());
/* Destroy the public key */ result = CryptDestroyKey(pubKey);