2 * Unit tests for SystemFunctionXXX (LMHash?)
4 * Copyright 2004 Hans Leidekker
5 * Copyright 2006 Mike McCormack
7 * This library is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation; either
10 * version 2.1 of the License, or (at your option) any later version.
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this library; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
25 #define WIN32_NO_STATUS
26 #include "wine/test.h"
34 unsigned char *Buffer;
37 typedef NTSTATUS (WINAPI *fnSystemFunction001)(const BYTE *, const BYTE *, LPBYTE);
38 typedef NTSTATUS (WINAPI *fnSystemFunction002)(const BYTE *, const BYTE *, LPBYTE);
39 typedef NTSTATUS (WINAPI *fnSystemFunction003)(const BYTE *, LPBYTE);
40 typedef NTSTATUS (WINAPI *fnSystemFunction004)(const struct ustring *, const struct ustring *, struct ustring *);
41 typedef NTSTATUS (WINAPI *fnSystemFunction005)(const struct ustring *, const struct ustring *, struct ustring *);
42 typedef VOID (WINAPI *fnSystemFunction006)( PCSTR passwd, PSTR lmhash );
43 typedef NTSTATUS (WINAPI *fnSystemFunction008)(const BYTE *, const BYTE *, LPBYTE);
44 typedef NTSTATUS (WINAPI *fnSystemFunction009)(const BYTE *, const BYTE *, LPBYTE);
45 typedef int (WINAPI *descrypt)(unsigned char *, unsigned char *, unsigned char *);
46 typedef NTSTATUS (WINAPI *fnSystemFunction030)(void*, void*);
47 typedef NTSTATUS (WINAPI *fnSystemFunction032)(struct ustring *, struct ustring *);
49 fnSystemFunction001 pSystemFunction001;
50 fnSystemFunction002 pSystemFunction002;
51 fnSystemFunction003 pSystemFunction003;
52 fnSystemFunction004 pSystemFunction004;
53 fnSystemFunction004 pSystemFunction005;
54 fnSystemFunction006 pSystemFunction006;
55 fnSystemFunction008 pSystemFunction008;
56 fnSystemFunction008 pSystemFunction009;
58 /* encrypt two blocks */
59 descrypt pSystemFunction012;
60 descrypt pSystemFunction014;
61 descrypt pSystemFunction016;
62 descrypt pSystemFunction018;
63 descrypt pSystemFunction020;
64 descrypt pSystemFunction022;
66 /* decrypt two blocks */
67 descrypt pSystemFunction013;
68 descrypt pSystemFunction015;
69 descrypt pSystemFunction017;
70 descrypt pSystemFunction019;
71 descrypt pSystemFunction021;
72 descrypt pSystemFunction023;
74 /* encrypt two blocks with a 32bit key */
75 descrypt pSystemFunction024;
76 descrypt pSystemFunction025;
78 /* decrypt two blocks with a 32bit key */
79 descrypt pSystemFunction026;
80 descrypt pSystemFunction027;
82 typedef int (WINAPI *memcmpfunc)(unsigned char *, unsigned char *);
83 memcmpfunc pSystemFunction030;
84 memcmpfunc pSystemFunction031;
86 fnSystemFunction032 pSystemFunction032;
88 static void test_SystemFunction006(void)
92 char passwd[] = { 's','e','c','r','e','t', 0, 0, 0, 0, 0, 0, 0, 0 };
93 unsigned char expect[] =
94 { 0x85, 0xf5, 0x28, 0x9f, 0x09, 0xdc, 0xa7, 0xeb,
95 0xaa, 0xd3, 0xb4, 0x35, 0xb5, 0x14, 0x04, 0xee };
97 pSystemFunction006( passwd, lmhash );
99 ok( !memcmp( lmhash, expect, sizeof(expect) ),
100 "lmhash: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n",
101 lmhash[0], lmhash[1], lmhash[2], lmhash[3], lmhash[4], lmhash[5],
102 lmhash[6], lmhash[7], lmhash[8], lmhash[9], lmhash[10], lmhash[11],
103 lmhash[12], lmhash[13], lmhash[14], lmhash[15] );
106 static void test_SystemFunction008(void)
108 /* example data from http://davenport.sourceforge.net/ntlm.html */
109 unsigned char hash[0x40] = {
110 0xff, 0x37, 0x50, 0xbc, 0xc2, 0xb2, 0x24, 0x12,
111 0xc2, 0x26, 0x5b, 0x23, 0x73, 0x4e, 0x0d, 0xac };
112 unsigned char challenge[0x40] = {
113 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
114 unsigned char expected[0x18] = {
115 0xc3, 0x37, 0xcd, 0x5c, 0xbd, 0x44, 0xfc, 0x97,
116 0x82, 0xa6, 0x67, 0xaf, 0x6d, 0x42, 0x7c, 0x6d,
117 0xe6, 0x7c, 0x20, 0xc2, 0xd3, 0xe7, 0x7c, 0x56 };
118 unsigned char output[0x18];
121 r = pSystemFunction008(0,0,0);
122 ok( r == STATUS_UNSUCCESSFUL, "wrong error code\n");
124 r = pSystemFunction008(challenge,0,0);
125 ok( r == STATUS_UNSUCCESSFUL, "wrong error code\n");
127 r = pSystemFunction008(challenge, hash, 0);
128 ok( r == STATUS_UNSUCCESSFUL, "wrong error code\n");
133 r = pSystemFunction008(challenge, 0, output);
134 ok( r == STATUS_UNSUCCESSFUL, "wrong error code\n");
137 r = pSystemFunction008(0, 0, output);
138 ok( r == STATUS_UNSUCCESSFUL, "wrong error code\n");
140 memset(output, 0, sizeof output);
141 r = pSystemFunction008(challenge, hash, output);
142 ok( r == STATUS_SUCCESS, "wrong error code\n");
144 ok( !memcmp(output, expected, sizeof expected), "response wrong\n");
147 static void test_SystemFunction001(void)
149 unsigned char key[8] = { 0xff, 0x37, 0x50, 0xbc, 0xc2, 0xb2, 0x24, 0 };
150 unsigned char data[8] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
151 unsigned char expected[8] = { 0xc3, 0x37, 0xcd, 0x5c, 0xbd, 0x44, 0xfc, 0x97 };
152 unsigned char output[16];
155 r = pSystemFunction001(0,0,0);
156 ok( r == STATUS_UNSUCCESSFUL, "wrong error code\n");
158 memset(output, 0, sizeof output);
160 r = pSystemFunction001(data,key,output);
161 ok( r == STATUS_SUCCESS, "wrong error code\n");
163 ok(!memcmp(output, expected, sizeof expected), "response wrong\n");
166 static void test_SystemFunction002(void)
168 /* reverse of SystemFunction001 */
169 unsigned char key[8] = { 0xff, 0x37, 0x50, 0xbc, 0xc2, 0xb2, 0x24, 0 };
170 unsigned char expected[8] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
171 unsigned char data[8] = { 0xc3, 0x37, 0xcd, 0x5c, 0xbd, 0x44, 0xfc, 0x97 };
172 unsigned char output[8];
175 memset(output, 0, sizeof output);
176 r = pSystemFunction002(data, key, output);
177 ok(r == STATUS_SUCCESS, "function failed\n");
178 ok(!memcmp(output, expected, sizeof expected), "response wrong\n");
181 static void test_SystemFunction032(void)
183 struct ustring key, data;
184 unsigned char szKey[] = { 'f','o','o',0 };
185 unsigned char szData[8] = { 'b','a','r',0 };
186 unsigned char expected[] = {0x28, 0xb9, 0xf8, 0xe1};
189 /* crashes: pSystemFunction032(NULL,NULL); */
192 key.Length = sizeof szKey;
193 key.MaximumLength = key.Length;
195 data.Buffer = szData;
197 data.MaximumLength = 8;
199 r = pSystemFunction032(&data, &key);
200 ok(r == STATUS_SUCCESS, "function failed\n");
202 ok(!memcmp(expected, data.Buffer, data.Length), "wrong result\n");
205 static void test_SystemFunction003(void)
207 unsigned char output[8], data[8];
208 unsigned char key[7] = { 0xff, 0x37, 0x50, 0xbc, 0xc2, 0xb2, 0x24 };
209 unsigned char exp1[8] = { 0x9d, 0x21, 0xc8, 0x86, 0x6c, 0x21, 0xcf, 0x43 };
210 char exp2[] = "KGS!@#$%";
213 r = pSystemFunction003(NULL, NULL);
214 ok(r == STATUS_UNSUCCESSFUL, "function failed\n");
216 r = pSystemFunction003(key, NULL);
217 ok(r == STATUS_UNSUCCESSFUL, "function failed\n");
219 memset(data, 0, sizeof data);
220 r = pSystemFunction003(key, data);
221 ok(r == STATUS_SUCCESS, "function failed\n");
222 ok( !memcmp(exp1, data, sizeof data), "decrypted message wrong\n");
224 memset(output, 0, sizeof output);
225 r = pSystemFunction002(data, key, output);
227 ok( !memcmp(exp2, output, sizeof output), "decrypted message wrong\n");
230 static void test_SystemFunction004(void)
232 unsigned char inbuf[0x100], keybuf[0x100], resbuf[0x100];
233 unsigned char output[8];
235 struct ustring in, key, out;
238 r = pSystemFunction004(NULL, NULL, NULL);
239 ok(r == STATUS_UNSUCCESSFUL, "function failed\n");
242 memset(inbuf, 0, sizeof inbuf);
243 memset(keybuf, 0, sizeof keybuf);
244 memset(resbuf, 0, sizeof resbuf);
247 in.Length = in.MaximumLength = 0;
250 key.Length = key.MaximumLength = 0;
253 out.Length = out.MaximumLength = 0;
255 r = pSystemFunction004(&in, &key, &out);
256 ok(r == STATUS_INVALID_PARAMETER_2, "function failed\n");
260 key.MaximumLength = 0x100;
262 r = pSystemFunction004(&in, &key, (struct ustring *)&out);
263 ok(r == STATUS_BUFFER_TOO_SMALL, "function failed\n");
267 in.MaximumLength = 0;
269 /* add two identical blocks... */
280 /* check that the Length field is really obeyed */
285 key.MaximumLength = 0;
291 out.MaximumLength = 0x40;
292 r = pSystemFunction004(&in, &key, &out);
293 ok(r == STATUS_SUCCESS, "function failed\n");
297 memset(output, 0, sizeof output);
298 r = pSystemFunction002(out.Buffer, key.Buffer, output);
300 ok(((unsigned int*)output)[0] == in.Length, "crypted length wrong\n");
301 ok(((unsigned int*)output)[1] == 1, "crypted value wrong\n");
303 memset(output, 0, sizeof output);
304 r = pSystemFunction002(out.Buffer+8, key.Buffer, output);
305 ok(!memcmp(output, inbuf, sizeof output), "crypted data wrong\n");
307 memset(output, 0, sizeof output);
308 r = pSystemFunction002(out.Buffer+16, key.Buffer, output);
309 ok(!memcmp(output, inbuf, sizeof output), "crypted data wrong\n");
312 static void test_SystemFunction005(void)
314 char output[0x40], result[0x40];
316 struct ustring in, key, out, res;
317 static char datastr[] = "twinkle twinkle little star";
318 static char keystr[] = "byolnim";
320 in.Buffer = (unsigned char *)datastr;
321 in.Length = strlen(datastr);
322 in.MaximumLength = 0;
324 key.Buffer = (unsigned char *)keystr;
325 key.Length = strlen(keystr);
326 key.MaximumLength = 0;
328 out.Buffer = (unsigned char *)output;
329 out.Length = out.MaximumLength = sizeof output;
331 r = pSystemFunction004(&in, &key, &out);
332 ok(r == STATUS_SUCCESS, "function failed\n");
334 memset(result, 0, sizeof result);
335 res.Buffer = (unsigned char *)result;
337 res.MaximumLength = sizeof result;
339 r = pSystemFunction005(&out, &key, &res);
340 ok(r == STATUS_SUCCESS, "function failed\n");
342 r = pSystemFunction005(&out, &key, &res);
343 ok(r == STATUS_SUCCESS, "function failed\n");
345 ok(res.Length == in.Length, "Length wrong\n");
346 ok(!memcmp(res.Buffer, in.Buffer, in.Length), "data wrong\n");
349 out.MaximumLength = 0;
350 r = pSystemFunction005(&out, &key, &res);
351 ok(r == STATUS_SUCCESS, "function failed\n");
353 ok(res.Length == in.Length, "Length wrong\n");
354 ok(!memcmp(res.Buffer, in.Buffer, in.Length), "data wrong\n");
356 res.MaximumLength = 0;
357 r = pSystemFunction005(&out, &key, &res);
358 ok(r == STATUS_BUFFER_TOO_SMALL, "function failed\n");
361 r = pSystemFunction005(&out, &key, &res);
362 ok(r == STATUS_UNKNOWN_REVISION, "function failed\n");
365 r = pSystemFunction005(&out, &key, &res);
366 ok(r == STATUS_INVALID_PARAMETER_2, "function failed\n");
369 static void test_SystemFunction009(void)
371 unsigned char hash[0x10] = {
372 0xff, 0x37, 0x50, 0xbc, 0xc2, 0xb2, 0x24, 0x12,
373 0xc2, 0x26, 0x5b, 0x23, 0x73, 0x4e, 0x0d, 0xac };
374 unsigned char challenge[8] = {
375 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
376 unsigned char expected[0x18] = {
377 0xc3, 0x37, 0xcd, 0x5c, 0xbd, 0x44, 0xfc, 0x97,
378 0x82, 0xa6, 0x67, 0xaf, 0x6d, 0x42, 0x7c, 0x6d,
379 0xe6, 0x7c, 0x20, 0xc2, 0xd3, 0xe7, 0x7c, 0x56 };
380 unsigned char output[0x18];
383 memset(output, 0, sizeof output);
384 r = pSystemFunction009(challenge, hash, output);
385 ok( r == STATUS_SUCCESS, "wrong error code\n");
386 ok(!memcmp(output, expected, sizeof expected), "response wrong\n");
389 static unsigned char des_key[] = {
390 0xff, 0x37, 0x50, 0xbc, 0xc2, 0xb2, 0x24,
391 0xff, 0x37, 0x50, 0xbc, 0xc2, 0xb2, 0x24,
393 static unsigned char des_plaintext[] = {
394 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
395 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0
397 static unsigned char des_ciphertext[] = {
398 0xc3, 0x37, 0xcd, 0x5c, 0xbd, 0x44, 0xfc, 0x97,
399 0xc3, 0x37, 0xcd, 0x5c, 0xbd, 0x44, 0xfc, 0x97, 0
402 /* test functions that encrypt two DES blocks */
403 static void test_SystemFunction_encrypt(descrypt func, int num)
405 unsigned char output[0x11];
410 skip("SystemFunction%03d is not available\n", num);
414 r = func(NULL, NULL, NULL);
415 ok( r == STATUS_UNSUCCESSFUL, "wrong error code\n");
417 memset(output, 0, sizeof output);
418 r = func(des_plaintext, des_key, output);
419 ok( r == STATUS_SUCCESS, "wrong error code\n");
420 ok( !memcmp(des_ciphertext, output, sizeof des_ciphertext), "ciphertext wrong (%d)\n", num);
423 /* test functions that decrypt two DES blocks */
424 static void test_SystemFunction_decrypt(descrypt func, int num)
426 unsigned char output[0x11];
431 skip("SystemFunction%03d is not available\n", num);
435 r = func(NULL, NULL, NULL);
436 ok( r == STATUS_UNSUCCESSFUL, "wrong error code\n");
438 memset(output, 0, sizeof output);
440 r = func(des_ciphertext, des_key, output);
441 ok( r == STATUS_SUCCESS, "wrong error code\n");
442 ok( !memcmp(des_plaintext, output, sizeof des_plaintext), "plaintext wrong (%d)\n", num);
445 static unsigned char des_ciphertext32[] = {
446 0x69, 0x51, 0x35, 0x69, 0x0d, 0x29, 0x24, 0xad,
447 0x23, 0x6d, 0xfd, 0x43, 0x0d, 0xd3, 0x25, 0x81, 0
450 static void test_SystemFunction_enc32(descrypt func, int num)
452 unsigned char key[4], output[0x11];
457 skip("SystemFunction%03d is not available\n", num);
461 memset(output, 0, sizeof output);
463 /* two keys are generated using 4 bytes, repeated 4 times ... */
464 memcpy(key, "foo", 4);
466 r = func(des_plaintext, key, output);
467 ok( r == STATUS_SUCCESS, "wrong error code (%d)\n", num);
469 ok( !memcmp( output, des_ciphertext32, sizeof des_ciphertext32), "ciphertext wrong (%d)\n", num);
472 static void test_SystemFunction_dec32(descrypt func, int num)
474 unsigned char key[4], output[0x11];
479 skip("SystemFunction%03d is not available\n", num);
483 memset(output, 0, sizeof output);
485 /* two keys are generated using 4 bytes, repeated 4 times ... */
486 memcpy(key, "foo", 4);
488 r = func(des_ciphertext32, key, output);
489 ok( r == STATUS_SUCCESS, "wrong error code (%d)\n", num);
491 ok( !memcmp( output, des_plaintext, sizeof des_plaintext), "plaintext wrong (%d)\n", num);
494 static void test_memcmpfunc(memcmpfunc fn)
496 unsigned char arg1[0x20], arg2[0x20];
501 skip("function is not available\n");
511 memset(arg1, 0, sizeof arg1);
512 memset(arg2, 0, sizeof arg2);
516 ok( r == 1, "wrong error code\n");
518 memset(arg1, 1, sizeof arg1);
519 memset(arg2, 1, sizeof arg2);
523 ok( r == 1, "wrong error code\n");
525 memset(arg1, 0, sizeof arg1);
526 memset(arg2, 1, sizeof arg2);
529 ok( r == 0, "wrong error code\n");
531 memset(arg1, 1, sizeof arg1);
532 memset(arg2, 0, sizeof arg2);
535 ok( r == 0, "wrong error code\n");
538 START_TEST(crypt_lmhash)
540 HMODULE module = GetModuleHandleA("advapi32.dll");
542 pSystemFunction001 = (fnSystemFunction001)GetProcAddress( module, "SystemFunction001" );
543 if (pSystemFunction001)
544 test_SystemFunction001();
546 skip("SystemFunction001 is not available\n");
548 pSystemFunction002 = (fnSystemFunction002)GetProcAddress( module, "SystemFunction002" );
549 if (pSystemFunction002)
550 test_SystemFunction002();
552 skip("SystemFunction002 is not available\n");
554 pSystemFunction003 = (fnSystemFunction003)GetProcAddress( module, "SystemFunction003" );
555 if (pSystemFunction003)
556 test_SystemFunction003();
558 skip("SystemFunction002 is not available\n");
560 pSystemFunction004 = (fnSystemFunction004)GetProcAddress( module, "SystemFunction004" );
561 if (pSystemFunction004)
562 test_SystemFunction004();
564 skip("SystemFunction004 is not available\n");
566 pSystemFunction005 = (fnSystemFunction005)GetProcAddress( module, "SystemFunction005" );
567 if (pSystemFunction005)
568 test_SystemFunction005();
570 skip("SystemFunction005 is not available\n");
572 pSystemFunction006 = (fnSystemFunction006)GetProcAddress( module, "SystemFunction006" );
573 if (pSystemFunction006)
574 test_SystemFunction006();
576 skip("SystemFunction006 is not available\n");
578 pSystemFunction008 = (fnSystemFunction008)GetProcAddress( module, "SystemFunction008" );
579 if (pSystemFunction008)
580 test_SystemFunction008();
582 skip("SystemFunction008 is not available\n");
584 pSystemFunction009 = (fnSystemFunction009)GetProcAddress( module, "SystemFunction009" );
585 if (pSystemFunction009)
586 test_SystemFunction009();
588 skip("SystemFunction009 is not available\n");
590 pSystemFunction012 = (descrypt) GetProcAddress( module, "SystemFunction012");
591 pSystemFunction013 = (descrypt) GetProcAddress( module, "SystemFunction013");
592 pSystemFunction014 = (descrypt) GetProcAddress( module, "SystemFunction014");
593 pSystemFunction015 = (descrypt) GetProcAddress( module, "SystemFunction015");
594 pSystemFunction016 = (descrypt) GetProcAddress( module, "SystemFunction016");
595 pSystemFunction017 = (descrypt) GetProcAddress( module, "SystemFunction017");
596 pSystemFunction018 = (descrypt) GetProcAddress( module, "SystemFunction018");
597 pSystemFunction019 = (descrypt) GetProcAddress( module, "SystemFunction019");
598 pSystemFunction020 = (descrypt) GetProcAddress( module, "SystemFunction020");
599 pSystemFunction021 = (descrypt) GetProcAddress( module, "SystemFunction021");
600 pSystemFunction022 = (descrypt) GetProcAddress( module, "SystemFunction022");
601 pSystemFunction023 = (descrypt) GetProcAddress( module, "SystemFunction023");
603 /* these all encrypt two DES blocks */
604 test_SystemFunction_encrypt(pSystemFunction012, 12);
605 test_SystemFunction_encrypt(pSystemFunction014, 14);
606 test_SystemFunction_encrypt(pSystemFunction016, 16);
607 test_SystemFunction_encrypt(pSystemFunction018, 18);
608 test_SystemFunction_encrypt(pSystemFunction020, 20);
609 test_SystemFunction_encrypt(pSystemFunction022, 22);
611 /* these all decrypt two DES blocks */
612 test_SystemFunction_decrypt(pSystemFunction013, 13);
613 test_SystemFunction_decrypt(pSystemFunction015, 15);
614 test_SystemFunction_decrypt(pSystemFunction017, 17);
615 test_SystemFunction_decrypt(pSystemFunction019, 19);
616 test_SystemFunction_decrypt(pSystemFunction021, 21);
617 test_SystemFunction_decrypt(pSystemFunction023, 23);
619 pSystemFunction024 = (descrypt) GetProcAddress( module, "SystemFunction024");
620 pSystemFunction025 = (descrypt) GetProcAddress( module, "SystemFunction025");
621 pSystemFunction026 = (descrypt) GetProcAddress( module, "SystemFunction026");
622 pSystemFunction027 = (descrypt) GetProcAddress( module, "SystemFunction027");
624 /* these encrypt two DES blocks with a short key */
625 test_SystemFunction_enc32(pSystemFunction024, 24);
626 test_SystemFunction_enc32(pSystemFunction026, 26);
628 /* these descrypt two DES blocks with a short key */
629 test_SystemFunction_dec32(pSystemFunction025, 25);
630 test_SystemFunction_dec32(pSystemFunction027, 27);
632 pSystemFunction030 = (memcmpfunc) GetProcAddress( module, "SystemFunction030" );
633 pSystemFunction031 = (memcmpfunc) GetProcAddress( module, "SystemFunction031" );
635 test_memcmpfunc(pSystemFunction030);
636 test_memcmpfunc(pSystemFunction031);
638 pSystemFunction032 = (fnSystemFunction032)GetProcAddress( module, "SystemFunction032" );
639 if (pSystemFunction032)
640 test_SystemFunction032();
642 skip("SystemFunction032 is not available\n");