[PATCH 2/4] wintrust/tests: Add CryptCATAdminAcquireContext2() tests

18 Nov 2024

From: Elias Norberg elias@aisle.se
---
 dlls/wintrust/tests/crypt.c | 130 ++++++++++++++++++++++++++++++++++++
 1 file changed, 130 insertions(+)

diff --git a/dlls/wintrust/tests/crypt.c b/dlls/wintrust/tests/crypt.c
index ca246776046..06aa9bc0514 100644
--- a/dlls/wintrust/tests/crypt.c
+++ b/dlls/wintrust/tests/crypt.c
@@ -99,6 +99,7 @@ static const BYTE test_catalog[] = {
 };
static BOOL (WINAPI * pCryptCATAdminAcquireContext)(HCATADMIN*, const GUID*, DWORD);
+static BOOL (WINAPI * pCryptCATAdminAcquireContext2)(HCATADMIN*, const GUID*, const WCHAR *, const CERT_STRONG_SIGN_PARA *, DWORD);
 static BOOL (WINAPI * pCryptCATAdminReleaseContext)(HCATADMIN, DWORD);
 static BOOL (WINAPI * pCryptCATAdminCalcHashFromFileHandle)(HANDLE hFile, DWORD*, BYTE*, DWORD);
 static HCATINFO (WINAPI * pCryptCATAdminAddCatalog)(HCATADMIN, PWSTR, PWSTR, DWORD);
@@ -130,6 +131,7 @@ static void InitFunctionPtrs(void)
     }
WINTRUST_GET_PROC(CryptCATAdminAcquireContext)
+    WINTRUST_GET_PROC(CryptCATAdminAcquireContext2)
     WINTRUST_GET_PROC(CryptCATAdminReleaseContext)
     WINTRUST_GET_PROC(CryptCATAdminCalcHashFromFileHandle)
     WINTRUST_GET_PROC(CryptCATAdminAddCatalog)
@@ -303,6 +305,133 @@ static void test_context(void)
     }
 }
+static void test_context2(void)
+{
+    BOOL ret;
+    HCATADMIN hca;
+    static GUID unknown = { 0xC689AABA, 0x8E78, 0x11D0, { 0x8C,0x47,0x00,0xC0,0x4F,0xC2,0x95,0xEE }}; /* WINTRUST.DLL */
+    static const WCHAR unknown_alg[] = {'A', 'L', 'G', '-', 'U', 'N', 'K', 'N', 'O', 'W', 'N', '\0'};
+    CHAR dummydir[MAX_PATH];
+    DWORD attrs;
+
+    /* See comments in test_context() for information about which directories CryptCATAdminAcquireContext creates
+     * Note that CryptCATAdminReleaseContext is primarily tested in test_context().
+     */
+
+    /* All NULL */
+    SetLastError(0xdeadbeef);
+    ret = pCryptCATAdminAcquireContext2(NULL, NULL, NULL, NULL, 0);
+    ok(!ret, "Expected failure\n");
+    ok(GetLastError() == ERROR_INVALID_PARAMETER,
+       "Expected ERROR_INVALID_PARAMETER, got %ld\n", GetLastError());
+
+    /* NULL GUID */
+    ret = pCryptCATAdminAcquireContext2(&hca, NULL, NULL, NULL, 0);
+    ok(ret, "Expected success, got FALSE with %ld\n", GetLastError());
+    ok(hca != NULL, "Expected a context handle, got NULL\n");
+
+    /* Release context again */
+    SetLastError(0xdeadbeef);
+    ret = pCryptCATAdminReleaseContext(hca, 0);
+    ok(ret, "Expected success, got FALSE with %ld\n", GetLastError());
+
+    /* NULL context handle and dummy GUID */
+    SetLastError(0xdeadbeef);
+    ret = pCryptCATAdminAcquireContext2(NULL, &dummy, NULL, NULL, 0);
+    ok(!ret, "Expected failure\n");
+    ok(GetLastError() == ERROR_INVALID_PARAMETER,
+       "Expected ERROR_INVALID_PARAMETER, got %ld\n", GetLastError());
+
+    /* Correct context handle and dummy GUID
+     *
+     * The tests run in the past unfortunately made sure that some directories were created.
+     *
+     * FIXME:
+     * We don't want to mess too much with these for now so we should delete only the ones
+     * that shouldn't be there like the deadbeef ones. We first have to figure out if it's
+     * safe to remove files and directories from CatRoot/CatRoot2.
+     */
+
+    ret = pCryptCATAdminAcquireContext2(&hca, &dummy, NULL, NULL, 0);
+    ok(ret || GetLastError() == ERROR_ACCESS_DENIED, "CryptCATAdminAcquireContext failed %lu\n", GetLastError());
+    if (!ret && GetLastError() == ERROR_ACCESS_DENIED)
+    {
+        win_skip("Not running as administrator\n");
+        return;
+    }
+    ok(hca != NULL, "Expected a context handle, got NULL\n");
+
+    attrs = GetFileAttributesA(catroot);
+    ok(attrs != INVALID_FILE_ATTRIBUTES, "Expected the CatRoot directory to exist\n");
+
+    /* Windows creates the GUID directory in capitals */
+    lstrcpyA(dummydir, catroot);
+    lstrcatA(dummydir, "\{DEADBEEF-DEAD-BEEF-DEAD-BEEFDEADBEEF}");
+    attrs = GetFileAttributesA(dummydir);
+    ok(attrs != INVALID_FILE_ATTRIBUTES,
+       "Expected CatRoot\{DEADBEEF-DEAD-BEEF-DEAD-BEEFDEADBEEF} directory to exist\n");
+
+    /* Only present on XP or higher. */
+    attrs = GetFileAttributesA(catroot2);
+    if (attrs != INVALID_FILE_ATTRIBUTES)
+    {
+        lstrcpyA(dummydir, catroot2);
+        lstrcatA(dummydir, "\{DEADBEEF-DEAD-BEEF-DEAD-BEEFDEADBEEF}");
+        attrs = GetFileAttributesA(dummydir);
+        ok(attrs != INVALID_FILE_ATTRIBUTES,
+           "Expected CatRoot2\{DEADBEEF-DEAD-BEEF-DEAD-BEEFDEADBEEF} directory to exist\n");
+    }
+
+    ret = pCryptCATAdminReleaseContext(hca, 0);
+    ok(ret, "Expected success, got FALSE with %ld\n", GetLastError());
+
+    /* Correct context handle and GUID */
+    ret = pCryptCATAdminAcquireContext2(&hca, &unknown, NULL, NULL, 0);
+    ok(ret, "Expected success, got FALSE with %ld\n", GetLastError());
+    ok(hca != NULL, "Expected a context handle, got NULL\n");
+
+    ret = pCryptCATAdminReleaseContext(hca, 0);
+    ok(ret, "Expected success, got FALSE with %ld\n", GetLastError());
+
+    hca = (void *) 0xdeadbeef;
+    SetLastError(0xdeadbeef);
+    /* Flags is documented as unused, but the parameter is checked since win8 */
+    ret = pCryptCATAdminAcquireContext2(&hca, &unknown, NULL, NULL,  1);
+    ok((!ret && (GetLastError() == ERROR_INVALID_PARAMETER) && (hca == (void *) 0xdeadbeef)) ||
+       broken(ret && hca != NULL && hca != (void *) 0xdeadbeef),
+       "Expected FALSE and ERROR_INVALID_PARAMETER with untouched handle, got %d and %lu with %p\n",
+       ret, GetLastError(), hca);
+
+    if (ret && hca)
+    {
+        SetLastError(0xdeadbeef);
+        ret = pCryptCATAdminReleaseContext(hca, 0);
+        ok(ret, "Expected success, got FALSE with %ld\n", GetLastError());
+    }
+
+    /* Specify SHA-1 algorithm */
+
+    ret = pCryptCATAdminAcquireContext2(&hca, &unknown, BCRYPT_SHA1_ALGORITHM, NULL,  0);
+    ok(ret, "Expected success, got FALSE with %ld\n", GetLastError());
+    ok(hca != NULL, "Expected a context handle, got NULL\n");
+
+    ret = pCryptCATAdminReleaseContext(hca, 0);
+    ok(ret, "Expected success, got FALSE with %ld\n", GetLastError());
+
+    /* Specify SHA-256 algorithm */
+    ret = pCryptCATAdminAcquireContext2(&hca, &unknown, BCRYPT_SHA256_ALGORITHM, NULL,  0);
+    ok(ret, "Expected success, got FALSE with %ld\n", GetLastError());
+    ok(hca != NULL, "Expected a context handle, got NULL\n");
+
+    ret = pCryptCATAdminReleaseContext(hca, 0);
+    ok(ret, "Expected success, got FALSE with %ld\n", GetLastError());
+
+    /* Set unknown algorithm - should fall back to default */
+    ret = pCryptCATAdminAcquireContext2(&hca, &unknown, unknown_alg, NULL,  0);
+    ok(!ret, "Expected failure\n");
+    ok(GetLastError() == NTE_BAD_ALGID, "Expected NTE_BAD_ALGID, got %ld\n", GetLastError());
+}
+
 /* TODO: Check whether SHA-1 is the algorithm that's always used */
 static void test_calchash(void)
 {
@@ -1361,6 +1490,7 @@ START_TEST(crypt)
     GetCurrentDirectoryA(MAX_PATH, CURR_DIR);
test_context();
+    test_context2();
     test_calchash();
     test_CryptCATOpen();
     /* Parameter checking only */
-- 
GitLab


https://gitlab.winehq.org/wine/wine/-/merge_requests/6835

    

2025

2024

2023

2022

[PATCH 2/4] wintrust/tests: Add CryptCATAdminAcquireContext2() tests