From: Sven Püschel <Sven\u2007Pschel@akarisu.de>
Separate the exporting of the public key out of the signhash test. As VerifySignature can also use a private key, the conversion of the private key to a public key is removed.
The public key export is kept and moved to a separate test. A precalculated public key is used to check that the output format is correct.
Furthermore, rename test_verify_signature to test_signature, as the test primarily tested the SignHash function and only used VerifySignature to check that the generated signature is valid.
Signed-off-by: Sven Püschel <Sven Püschel@akarisu.de>
---
 dlls/dssenh/tests/dssenh.c | 161 +++++++++++++++++++++++++++++--------
 1 file changed, 127 insertions(+), 34 deletions(-)
diff --git a/dlls/dssenh/tests/dssenh.c b/dlls/dssenh/tests/dssenh.c
index dd347ed3041..9eaa843907b 100644
--- a/dlls/dssenh/tests/dssenh.c
+++ b/dlls/dssenh/tests/dssenh.c
@@ -791,7 +791,9 @@ static void test_cipher_modes(const struct ciphermode_test *tests, int testLen)
struct signature_test {
 const BYTE *privateKey;
- DWORD keyLen;
+ DWORD privateKeyLen;
+ const BYTE *publicKey;
+ DWORD publicKeyLen;
 BYTE* signData;
 DWORD dataLen;
 };
@@ -823,6 +825,37 @@ static const BYTE AT_SIGNATURE_PrivateKey[] = {
 0x34,0x05,0xeb,0x98,0x3b,0x5f,0x2f,0x11, 0xa4,0xa5,0xc4,0xff,0xfb,0x22,0x7c,0x54
 };
+static const BYTE AT_SIGNATURE_PublicKey[] = {
+0x06,0x02,0x00,0x00,0x00,0x22,0x00,0x00, 0x44,0x53,0x53,0x31,0x00,0x04,0x00,0x00,
+0x01,0xd1,0xfc,0x7a,0x70,0x53,0xb2,0x48, 0x70,0x23,0x19,0x1f,0x3c,0xe1,0x26,0x14,
+0x7e,0x9f,0x0f,0x7f,0x33,0x5e,0x2b,0xf7, 0xca,0x01,0x74,0x8c,0xb4,0xfd,0xf6,0x44,
+0x95,0x35,0x56,0xaa,0x4d,0x62,0x48,0xe2, 0xd1,0xa2,0x7e,0x6e,0xeb,0xd6,0xcc,0x7c,
+0xe8,0xfd,0x21,0x9a,0xa2,0xfd,0x7a,0x9d, 0x1a,0x38,0x69,0x87,0x39,0x5a,0x91,0xc0,
+0x52,0x2b,0x9f,0x2a,0x54,0x78,0x37,0x82, 0x9a,0x70,0x57,0xab,0xec,0x93,0x8e,0xac,
+0x73,0x04,0xe8,0x53,0x72,0x72,0x32,0xc6, 0xcb,0xef,0x47,0x98,0x3c,0x56,0x49,0x62,
+0xcb,0xbb,0xe7,0x34,0x84,0xa6,0x72,0x3a, 0xbe,0x26,0x46,0x86,0xca,0xcb,0x35,0x62,
+0x4f,0x19,0x18,0x0b,0xb0,0x78,0xae,0xd5, 0x42,0xdf,0x26,0xdb,0x85,0x63,0x77,0x85,
+0x01,0x3b,0x32,0xbe,0x5c,0xf8,0x05,0xc8, 0xde,0x17,0x7f,0xb9,0x03,0x82,0xfa,0xf1,
+0x9e,0x32,0x73,0xfa,0x8d,0xea,0xa3,0x30, 0x48,0xe2,0xdf,0x5a,0xcb,0x83,0x3d,0xff,
+0x56,0xe9,0xc0,0x94,0xf8,0x6d,0xb3,0xaf, 0x4a,0x97,0xb9,0x43,0x0e,0xd4,0x28,0x98,
+0x57,0x2e,0x3a,0xca,0xde,0x6f,0x45,0x0d, 0xfb,0x58,0xec,0x78,0x34,0x2e,0x46,0x4d,
+0xfe,0x98,0x02,0xbb,0xef,0x07,0x1a,0x13, 0xb6,0xc2,0x2c,0x06,0xd9,0x0c,0xc4,0xb0,
+0x4c,0x3a,0xfc,0x01,0x63,0xb5,0x5a,0x5d, 0x2d,0x9c,0x47,0x04,0x67,0x51,0xf2,0x52,
+0xf5,0x82,0x36,0xeb,0x6e,0x66,0x58,0x4c, 0x10,0x2c,0x29,0x72,0x4a,0x6f,0x6b,0x6c,
+0xe0,0x93,0x31,0x42,0xf6,0xda,0xfa,0x5b, 0x22,0x43,0x9b,0x1a,0x98,0x71,0xe7,0x41,
+0x74,0xe9,0x12,0xa4,0x1f,0x27,0x0a,0x63, 0x94,0x49,0xd7,0xad,0xa5,0xc4,0x5c,0xc3,
+0xc9,0x70,0xb3,0x7b,0xd0,0x5b,0xdd,0x7c, 0x02,0x99,0x77,0x52,0x19,0x35,0x3d,0xc7,
+0x1f,0xc5,0x73,0xcb,0xea,0x06,0x3f,0x96, 0x86,0x86,0xa3,0xc2,0x46,0xc8,0x39,0xba,
+0xe7,0xee,0xf9,0x00,0x9c,0x04,0x32,0xac, 0x19,0xcf,0x74,0xee,0x33,0x16,0x8c,0x99,
+0xdb,0xf5,0x46,0x90,0x75,0x50,0x22,0x0d, 0xe0,0x8e,0x47,0xf1,0xd1,0xfa,0xc4,0x51,
+0x90,0xb1,0x33,0x7f,0x41,0xc7,0x23,0xb9, 0xe4,0x2c,0xa4,0xca,0x77,0x07,0xe5,0xf8,
+0x30,0xdf,0xf5,0xdf,0x6d,0x63,0x38,0x82, 0x24,0x5f,0xb3,0x81,0x37,0x53,0x9e,0x47,
+0x01,0x40,0x48,0xa6,0x73,0xa3,0xbc,0x31, 0xd4,0xa6,0xc6,0x4f,0x90,0xa6,0x96,0x1b,
+0xc7,0x1d,0xa1,0xc5,0x91,0xb1,0x7d,0x81, 0x97,0x73,0x93,0x2b,0x9d,0xb4,0x8f,0x2e,
+0x8c,0xe9,0xe0,0x3e,0xf1,0x01,0x00,0x00, 0x93,0xd5,0xa3,0xe4,0x34,0x05,0xeb,0x98,
+0x3b,0x5f,0x2f,0x11,0xa4,0xa5,0xc4,0xff, 0xfb,0x22,0x7c,0x54
+};
+
 static const BYTE DSS_SIGN_PrivateKey[] = {
 0x07,0x02,0x00,0x00,0x00,0x22,0x00,0x00, 0x44,0x53,0x53,0x32,0x00,0x04,0x00,0x00,
 0xf7,0x9e,0x89,0xa2,0xcd,0x0b,0x61,0xe0, 0xa3,0xe5,0x86,0x6b,0x04,0x98,0x80,0x9c,
@@ -847,26 +880,71 @@ static const BYTE DSS_SIGN_PrivateKey[] = {
 0xdc,0x68,0xae,0x03,0xad,0xf7,0xb9,0xca, 0x0d,0xca,0x27,0xef,0x76,0xda,0xe5,0xcb
 };
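Review bot: AT_SIGNATURE_PublicKey (and DSS_SIGN_PublicKey, added in the next hunk) carry no comment saying where the expected bytes came from. The commit message calls them "precalculated", but if they were produced by Wine's own CryptExportKey rather than exported on native Windows, the comparison in test_exportkey only pins current output and cannot catch a format mismatch. A one-line comment above each array, along the lines of `/* PUBLICKEYBLOB matching AT_SIGNATURE_PrivateKey, exported on <platform> */` with the real origin filled in, would settle that for the next reader.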
+static const BYTE DSS_SIGN_PublicKey[] = {
+0x06,0x02,0x00,0x00,0x00,0x22,0x00,0x00, 0x44,0x53,0x53,0x31,0x00,0x04,0x00,0x00,
+0xf7,0x9e,0x89,0xa2,0xcd,0x0b,0x61,0xe0, 0xa3,0xe5,0x86,0x6b,0x04,0x98,0x80,0x9c,
+0x36,0xc2,0x76,0x4e,0x22,0xd5,0x21,0xaa, 0x03,0x59,0xf4,0x95,0xb2,0x11,0x1f,0xa0,
+0xc5,0xfc,0xbe,0x5d,0x1f,0x2e,0xf4,0x36, 0x40,0x48,0x81,0x51,0xb4,0x25,0x86,0xe0,
+0x98,0xc8,0x4d,0xa0,0x08,0x99,0xa1,0x00, 0x45,0x1b,0x75,0x6b,0x0d,0x3e,0x7d,0x13,
+0xd7,0x23,0x32,0x08,0xf4,0xeb,0x27,0x9e, 0xe9,0x05,0x5d,0xac,0xc8,0xd7,0x62,0x13,
+0x43,0x2a,0x69,0x65,0xdc,0xe6,0x52,0xf9, 0x6a,0xe8,0x07,0xcf,0x3e,0xf8,0xc9,0x1d,
+0x8e,0xdf,0x4e,0x9a,0xd1,0x48,0xf2,0xda, 0x9e,0xfa,0x92,0x5f,0x6d,0x57,0xf2,0xa4,
+0x5f,0x60,0xce,0x92,0x7a,0x80,0x39,0x21, 0x9d,0x4d,0x3a,0x60,0x76,0x4c,0x2f,0xc0,
+0xd3,0xf4,0x14,0x03,0x03,0x05,0xa9,0x0c, 0x57,0x72,0x4f,0x60,0x3c,0xe9,0x09,0x54,
+0x0c,0x2a,0x56,0xda,0x30,0xb6,0x2e,0x6a, 0x96,0x7f,0x4a,0x8f,0x83,0x0a,0xb9,0x5c,
+0xff,0x84,0xfa,0x0e,0x85,0x81,0x46,0xe9, 0x1c,0xbb,0x78,0x1d,0x78,0x25,0x00,0x8c,
+0x78,0x56,0x68,0xe4,0x06,0x37,0xcc,0xc7, 0x22,0x27,0xee,0x0e,0xf8,0xca,0xfc,0x72,
+0x0e,0xd6,0xe6,0x90,0x30,0x66,0x22,0xe2, 0xa2,0xbf,0x2e,0x35,0xbc,0xe7,0xd6,0x24,
+0x6a,0x3d,0x06,0xe8,0xe2,0xbe,0x96,0xcc, 0x9a,0x08,0x06,0xb5,0x44,0x83,0xb0,0x7b,
+0x70,0x7b,0x2d,0xc3,0x46,0x9a,0xc5,0x6b, 0xd9,0xde,0x9a,0x24,0xc9,0xea,0xf5,0x28,
+0x69,0x8a,0x17,0xca,0xdf,0xc4,0x0e,0xa3, 0x08,0x22,0x99,0xd2,0x27,0xdc,0x9b,0x08,
+0x54,0x4a,0xf9,0xb1,0x74,0x3a,0x9d,0xd9, 0xc2,0x82,0x21,0xf5,0x97,0x04,0x90,0x37,
+0xda,0xd9,0xdc,0x19,0x88,0x7c,0x8b,0xc7, 0xdb,0xb5,0xea,0x9e,0x96,0x03,0x11,0x49,
+0x07,0xa3,0xe2,0x3d,0xbe,0xa1,0xf3,0xaf, 0x26,0xc4,0xbf,0x39,0xa9,0xcd,0x69,0xd1,
+0x40,0x07,0x88,0x21,0x58,0xa4,0xcf,0xb3, 0x0a,0x9b,0x7a,0xea,0x89,0x10,0x8a,0x6a,
+0x98,0x6f,0xfe,0x30,0xf2,0xc2,0xd3,0x88, 0x52,0x57,0x02,0x53,0x4f,0x0d,0x03,0x08,
+0x48,0x2e,0x82,0xad,0x7a,0x0a,0x2b,0xeb, 0xe2,0xd7,0xa2,0x3e,0x64,0xbc,0xeb,0x49,
+0xe1,0x14,0x2f,0x0c,0x84,0xf7,0xc3,0xb9, 0x60,0x2f,0x95,0x4f,0x7a,0x3b,0xcb,0xa4,
+0x5a,0x3a,0x6a,0x20,0xb3,0x9c,0xaf,0xba, 0xe1,0x94,0xe2,0x57,0xfc,0xc8,0x4e,0x07,
+0x29,0xa4,0x25,0xbe,0x1f,0x7a,0x4c,0xe8, 0x61,0x23,0xc9,0x5d,0x8d,0x11,0x4d,0x5d,
+0xba,0xfa,0x47,0x5d,0x3c,0x00,0x00,0x00, 0x16,0xe1,0xac,0x17,0xdc,0x68,0xae,0x03,
+0xad,0xf7,0xb9,0xca,0x0d,0xca,0x27,0xef, 0x76,0xda,0xe5,0xcb
+};
+
 static const struct signature_test dssSign_data[] = {
- {AT_SIGNATURE_PrivateKey, sizeof(AT_SIGNATURE_PrivateKey), (BYTE *)dataToSign1, sizeof(dataToSign1)},
- {AT_SIGNATURE_PrivateKey, sizeof(AT_SIGNATURE_PrivateKey), (BYTE *)dataToSign2, sizeof(dataToSign2)},
- {DSS_SIGN_PrivateKey, sizeof(DSS_SIGN_PrivateKey), (BYTE *)dataToSign1, sizeof(dataToSign1)},
- {DSS_SIGN_PrivateKey, sizeof(DSS_SIGN_PrivateKey), (BYTE *)dataToSign2, sizeof(dataToSign2)},
+ {
+ .privateKey = AT_SIGNATURE_PrivateKey, .privateKeyLen = sizeof(AT_SIGNATURE_PrivateKey),
+ .publicKey = AT_SIGNATURE_PublicKey, .publicKeyLen = sizeof(AT_SIGNATURE_PublicKey),
+ .signData = (BYTE *)dataToSign1, .dataLen = sizeof(dataToSign1),
+ },
+ {
+ .privateKey = AT_SIGNATURE_PrivateKey, .privateKeyLen = sizeof(AT_SIGNATURE_PrivateKey),
+ .publicKey = AT_SIGNATURE_PublicKey, .publicKeyLen = sizeof(AT_SIGNATURE_PublicKey),
+ .signData = (BYTE *)dataToSign2, .dataLen = sizeof(dataToSign2),
+ },
+ {
+ .privateKey = DSS_SIGN_PrivateKey, .privateKeyLen = sizeof(DSS_SIGN_PrivateKey),
+ .publicKey = DSS_SIGN_PublicKey, .publicKeyLen = sizeof(DSS_SIGN_PublicKey),
+ .signData = (BYTE *)dataToSign1, .dataLen = sizeof(dataToSign1),
+ },
+ {
+ .privateKey = DSS_SIGN_PrivateKey, .privateKeyLen = sizeof(DSS_SIGN_PrivateKey),
+ .publicKey = DSS_SIGN_PublicKey, .publicKeyLen = sizeof(DSS_SIGN_PublicKey),
+ .signData = (BYTE *)dataToSign2, .dataLen = sizeof(dataToSign2),
+ },
 };
static void test_signhash(HCRYPTPROV hProv, const struct signature_test *test)
 {
+ HCRYPTKEY privKey = 0;
 HCRYPTHASH hHash;
- HCRYPTKEY privKey = 0, pubKey = 0;
- BYTE pubKeyBuffer[512];
 BYTE signValue1[40], signValue2[40];
 DWORD signLen;
- DWORD pubKeyLen;
 BOOL result;
/* Get a private key of array specified ALG_ID */
 SetLastError(0xdeadbeef);
- result = CryptImportKey(hProv, test->privateKey, test->keyLen, 0, 0, &privKey);
+ result = CryptImportKey(hProv, test->privateKey, test->privateKeyLen, 0, 0, &privKey);
 ok(result, "Failed to imported key, got %lx\n", GetLastError());
/* Create hash object and add data for signature 1 */
@@ -924,25 +1002,6 @@ static void test_signhash(HCRYPTPROV hProv, const struct signature_test *test)
 ok(memcmp(signValue1, signValue2, ARRAY_SIZE(signValue1)),
 "Expected two different signatures from the same hash input.\n");
- SetLastError(0xdeadbeef);
- result = CryptExportKey(privKey, 0, PUBLICKEYBLOB, 0, NULL, &pubKeyLen);
- ok(result, "Failed to acquire public key length, got %lx\n", GetLastError());
-
- /* Export the public key */
- SetLastError(0xdeadbeef);
- result = CryptExportKey(privKey, 0, PUBLICKEYBLOB, 0, pubKeyBuffer, &pubKeyLen);
- ok(result, "Failed to export public key, got %lx\n", GetLastError());
-
- /* Destroy the private key */
- SetLastError(0xdeadbeef);
- result = CryptDestroyKey(privKey);
- ok(result, "Failed to destroy private key, got %lx\n", GetLastError());
-
- /* Import the public key we obtained earlier */
- SetLastError(0xdeadbeef);
- result = CryptImportKey(hProv, pubKeyBuffer, pubKeyLen, 0, 0, &pubKey);
- ok(result, "Failed to import public key, got %lx\n", GetLastError());
-
 SetLastError(0xdeadbeef);
 result = CryptCreateHash(hProv, CALG_SHA, 0, 0, &hHash);
 ok(result, "Failed to create hash, got %lx\n", GetLastError());
@@ -954,20 +1013,53 @@ static void test_signhash(HCRYPTPROV hProv, const struct signature_test *test)
/* Verify signed hash 1 */
 SetLastError(0xdeadbeef);
- result = CryptVerifySignatureA(hHash, signValue1, sizeof(signValue1), pubKey, NULL, 0);
+ result = CryptVerifySignatureA(hHash, signValue1, sizeof(signValue1), privKey, NULL, 0);
 ok(result, "Failed to verify signature, got %lx\n", GetLastError());
SetLastError(0xdeadbeef);
 result = CryptDestroyHash(hHash);
 ok(result, "Failed to destroy hash, got %lx\n", GetLastError());
- /* Destroy the public key */
+ /* Destroy the private key */
+ SetLastError(0xdeadbeef);
+ result = CryptDestroyKey(privKey);
+ ok(result, "Failed to destroy private key, got %lx\n", GetLastError());
+}
+
+static void test_exportkey(HCRYPTPROV hProv, const struct signature_test *test)
+{
+ HCRYPTKEY privKey = 0;
+ BYTE pubKeyBuffer[512];
+ DWORD pubKeyLen;
+ BOOL result;
+
+ /* Get a private key of array specified ALG_ID */
+ SetLastError(0xdeadbeef);
+ result = CryptImportKey(hProv, test->privateKey, test->privateKeyLen, 0, 0, &privKey);
+ ok(result, "Failed to imported key, got %lx\n", GetLastError());
+
+ SetLastError(0xdeadbeef);
+ result = CryptExportKey(privKey, 0, PUBLICKEYBLOB, 0, NULL, &pubKeyLen);
+ ok(result, "Failed to acquire public key length, got %lx\n", GetLastError());
+ ok(pubKeyLen == test->publicKeyLen,
+ "Expected the public key to be %ld bytes long, but got %ld bytes\n", test->publicKeyLen, pubKeyLen);
+
+ /* Export the public key */
+ pubKeyLen = ARRAY_SIZE(pubKeyBuffer);
 SetLastError(0xdeadbeef);
- result = CryptDestroyKey(pubKey);
- ok(result, "Failed to destroy public key, got %lx\n", GetLastError());
+ result = CryptExportKey(privKey, 0, PUBLICKEYBLOB, 0, pubKeyBuffer, &pubKeyLen);
+ ok(result, "Failed to export public key, got %lx\n", GetLastError());
+
+ ok(memcmp(test->publicKey, pubKeyBuffer, test->publicKeyLen) == 0,
+ "The exported public key doesn't match the expected public key\n");
+
+ /* Destroy the private key */
+ SetLastError(0xdeadbeef);
+ result = CryptDestroyKey(privKey);
+ ok(result, "Failed to destroy private key, got %lx\n", GetLastError());
 }
-static void test_verify_signature(void)
+static void test_signature(void)
 {
 HCRYPTPROV hProv[4];
 BOOL result;
@@ -1003,6 +1095,7 @@ static void test_verify_signature(void)
 for (j = 0; j < ARRAY_SIZE(dssSign_data); j++)
 {
 test_signhash(hProv[i], &dssSign_data[j]);
+ test_exportkey(hProv[i], &dssSign_data[j]);
 }
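Review bot: In test_exportkey the final `memcmp` runs whether or not the second CryptExportKey succeeded, and the length that call writes back to `pubKeyLen` is never checked, so a failed or short export is compared against uninitialised bytes of `pubKeyBuffer`. Gate the comparison on the call result and the returned length, e.g. `if (result && pubKeyLen == test->publicKeyLen) ok(!memcmp(test->publicKey, pubKeyBuffer, pubKeyLen), ...);`, or at least declare `BYTE pubKeyBuffer[512] = {0};`. `pubKeyLen = sizeof(pubKeyBuffer);` would state the byte capacity directly instead of relying on ARRAY_SIZE of a BYTE array. The two DWORD lengths are printed with `%ld` where `%lu` matches their unsigned type.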
SetLastError(0xdeadbeef);
@@ -1542,7 +1635,7 @@ START_TEST(dssenh)
 test_hash(hash_data, ARRAY_SIZE(hash_data));
 test_data_encryption(encrypt_data, ARRAY_SIZE(encrypt_data));
 test_cipher_modes(ciphermode_data, ARRAY_SIZE(ciphermode_data));
- test_verify_signature();
+ test_signature();
 test_key_exchange();
 test_duplicate_hash();
 test_userkey();
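Review bot: With test_signhash now passing privKey to CryptVerifySignatureA, nothing called from the dssSign_data loop in test_signature imports a PUBLICKEYBLOB and verifies a signature with the resulting public-only handle, which is the path a real verifier takes. test_exportkey only byte-compares the exported blob. Consider having it (or a further helper called from this loop) import `test->publicKey` with CryptImportKey and verify a signature with that handle, so a regression in public-key import or public-key verification is still caught. Whether another test in the file already covers this is not visible from the diff.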