2 * Tests for the NTLM security provider
4 * Copyright 2005, 2006 Kai Blin
5 * Copyright 2006 Dmitry Timoshkov
7 * This library is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation; either
10 * version 2.1 of the License, or (at your option) any later version.
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this library; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
21 * The code that tests for the behaviour of ISC_REQ_ALLOCATE_MEMORY is based
22 * on code written by Dmitry Timoshkov.
31 #define SECURITY_WIN32
36 #include "wine/test.h"
38 static HMODULE secdll;
39 static PSecurityFunctionTableA (SEC_ENTRY * pInitSecurityInterfaceA)(void);
40 static SECURITY_STATUS (SEC_ENTRY * pFreeContextBuffer)(PVOID pv);
41 static SECURITY_STATUS (SEC_ENTRY * pQuerySecurityPackageInfoA)(SEC_CHAR*, PSecPkgInfoA*);
42 static SECURITY_STATUS (SEC_ENTRY * pAcquireCredentialsHandleA)(SEC_CHAR*, SEC_CHAR*,
43 ULONG, PLUID, PVOID, SEC_GET_KEY_FN, PVOID, PCredHandle, PTimeStamp);
44 static SECURITY_STATUS (SEC_ENTRY * pInitializeSecurityContextA)(PCredHandle, PCtxtHandle,
45 SEC_CHAR*, ULONG, ULONG, ULONG, PSecBufferDesc, ULONG,
46 PCtxtHandle, PSecBufferDesc, PULONG, PTimeStamp);
47 static SECURITY_STATUS (SEC_ENTRY * pCompleteAuthToken)(PCtxtHandle, PSecBufferDesc);
48 static SECURITY_STATUS (SEC_ENTRY * pAcceptSecurityContext)(PCredHandle, PCtxtHandle,
49 PSecBufferDesc, ULONG, ULONG, PCtxtHandle, PSecBufferDesc,
51 static SECURITY_STATUS (SEC_ENTRY * pFreeCredentialsHandle)(PCredHandle);
52 static SECURITY_STATUS (SEC_ENTRY * pDeleteSecurityContext)(PCtxtHandle);
53 static SECURITY_STATUS (SEC_ENTRY * pQueryContextAttributesA)(PCtxtHandle, ULONG, PVOID);
54 static SECURITY_STATUS (SEC_ENTRY * pMakeSignature)(PCtxtHandle, ULONG,
55 PSecBufferDesc, ULONG);
56 static SECURITY_STATUS (SEC_ENTRY * pVerifySignature)(PCtxtHandle, PSecBufferDesc,
58 static SECURITY_STATUS (SEC_ENTRY * pEncryptMessage)(PCtxtHandle, ULONG,
59 PSecBufferDesc, ULONG);
60 static SECURITY_STATUS (SEC_ENTRY * pDecryptMessage)(PCtxtHandle, PSecBufferDesc,
63 typedef struct _SspiData {
66 PSecBufferDesc in_buf;
67 PSecBufferDesc out_buf;
68 PSEC_WINNT_AUTH_IDENTITY id;
72 static BYTE network_challenge[] =
73 {0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x02, 0x00,
74 0x00, 0x00, 0x10, 0x00, 0x10, 0x00, 0x30, 0x00, 0x00, 0x00,
75 0x05, 0x82, 0x82, 0xa0, 0xe9, 0x58, 0x7f, 0x14, 0xa2, 0x86,
76 0x3b, 0x63, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
77 0x54, 0x00, 0x54, 0x00, 0x40, 0x00, 0x00, 0x00, 0x43, 0x00,
78 0x41, 0x00, 0x53, 0x00, 0x49, 0x00, 0x4e, 0x00, 0x4f, 0x00,
79 0x30, 0x00, 0x31, 0x00, 0x02, 0x00, 0x10, 0x00, 0x43, 0x00,
80 0x41, 0x00, 0x53, 0x00, 0x49, 0x00, 0x4e, 0x00, 0x4f, 0x00,
81 0x30, 0x00, 0x31, 0x00, 0x01, 0x00, 0x10, 0x00, 0x43, 0x00,
82 0x41, 0x00, 0x53, 0x00, 0x49, 0x00, 0x4e, 0x00, 0x4f, 0x00,
83 0x30, 0x00, 0x31, 0x00, 0x04, 0x00, 0x10, 0x00, 0x63, 0x00,
84 0x61, 0x00, 0x73, 0x00, 0x69, 0x00, 0x6e, 0x00, 0x6f, 0x00,
85 0x30, 0x00, 0x31, 0x00, 0x03, 0x00, 0x10, 0x00, 0x63, 0x00,
86 0x61, 0x00, 0x73, 0x00, 0x69, 0x00, 0x6e, 0x00, 0x6f, 0x00,
87 0x30, 0x00, 0x31, 0x00, 0x00, 0x00, 0x00, 0x00};
89 static BYTE native_challenge[] =
90 {0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x02, 0x00,
91 0x00, 0x00, 0x10, 0x00, 0x10, 0x00, 0x30, 0x00, 0x00, 0x00,
92 0x05, 0x82, 0x82, 0xa0, 0xb5, 0x60, 0x8e, 0x95, 0xb5, 0x3c,
93 0xee, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
94 0x54, 0x00, 0x54, 0x00, 0x40, 0x00, 0x00, 0x00, 0x43, 0x00,
95 0x41, 0x00, 0x53, 0x00, 0x49, 0x00, 0x4e, 0x00, 0x4f, 0x00,
96 0x30, 0x00, 0x31, 0x00, 0x02, 0x00, 0x10, 0x00, 0x43, 0x00,
97 0x41, 0x00, 0x53, 0x00, 0x49, 0x00, 0x4e, 0x00, 0x4f, 0x00,
98 0x30, 0x00, 0x31, 0x00, 0x01, 0x00, 0x10, 0x00, 0x43, 0x00,
99 0x41, 0x00, 0x53, 0x00, 0x49, 0x00, 0x4e, 0x00, 0x4f, 0x00,
100 0x30, 0x00, 0x31, 0x00, 0x04, 0x00, 0x10, 0x00, 0x63, 0x00,
101 0x61, 0x00, 0x73, 0x00, 0x69, 0x00, 0x6e, 0x00, 0x6f, 0x00,
102 0x30, 0x00, 0x31, 0x00, 0x03, 0x00, 0x10, 0x00, 0x63, 0x00,
103 0x61, 0x00, 0x73, 0x00, 0x69, 0x00, 0x6e, 0x00, 0x6f, 0x00,
104 0x30, 0x00, 0x31, 0x00, 0x00, 0x00, 0x00, 0x00};
106 static BYTE message_signature[] =
107 {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
108 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
110 static BYTE message_binary[] =
111 {0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x2c, 0x20, 0x77, 0x6f, 0x72,
114 static char message[] = "Hello, world!";
116 static char message_header[] = "Header Test";
118 static BYTE crypt_trailer_client[] =
119 {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xe8, 0xc7,
120 0xaa, 0x26, 0x16, 0x39, 0x07, 0x4e};
122 static BYTE crypt_message_client[] =
123 {0x86, 0x9c, 0x5a, 0x10, 0x78, 0xb3, 0x30, 0x98, 0x46, 0x15,
126 static BYTE crypt_trailer_client2[] =
127 {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xc5, 0xa7,
128 0xf7, 0x0f, 0x5b, 0x25, 0xbe, 0xa4};
130 static BYTE crypt_message_client2[] =
131 {0x20, 0x6c, 0x01, 0xab, 0xb0, 0x4c, 0x93, 0xe4, 0x1e, 0xfc,
134 static BYTE crypt_trailer_server[] =
135 {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1c, 0x46,
136 0x2e, 0x77, 0xeb, 0xf0, 0xf6, 0x9e};
138 static BYTE crypt_message_server[] =
139 {0xf6, 0xb7, 0x92, 0x0c, 0xac, 0xea, 0x98, 0xe6, 0xef, 0xa0,
142 static BYTE crypt_trailer_server2[] =
143 {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xb1, 0x4e,
144 0x46, 0xb7, 0xca, 0xf7, 0x7f, 0xb3};
146 static BYTE crypt_message_server2[] =
147 {0xc8, 0xf2, 0x39, 0x7f, 0x0c, 0xaf, 0xf5, 0x5d, 0xef, 0x0c,
150 static void InitFunctionPtrs(void)
152 secdll = LoadLibraryA("secur32.dll");
154 secdll = LoadLibraryA("security.dll");
157 pInitSecurityInterfaceA = (PVOID)GetProcAddress(secdll, "InitSecurityInterfaceA");
158 pFreeContextBuffer = (PVOID)GetProcAddress(secdll, "FreeContextBuffer");
159 pQuerySecurityPackageInfoA = (PVOID)GetProcAddress(secdll, "QuerySecurityPackageInfoA");
160 pAcquireCredentialsHandleA = (PVOID)GetProcAddress(secdll, "AcquireCredentialsHandleA");
161 pInitializeSecurityContextA = (PVOID)GetProcAddress(secdll, "InitializeSecurityContextA");
162 pCompleteAuthToken = (PVOID)GetProcAddress(secdll, "CompleteAuthToken");
163 pAcceptSecurityContext = (PVOID)GetProcAddress(secdll, "AcceptSecurityContext");
164 pFreeCredentialsHandle = (PVOID)GetProcAddress(secdll, "FreeCredentialsHandle");
165 pDeleteSecurityContext = (PVOID)GetProcAddress(secdll, "DeleteSecurityContext");
166 pQueryContextAttributesA = (PVOID)GetProcAddress(secdll, "QueryContextAttributesA");
167 pMakeSignature = (PVOID)GetProcAddress(secdll, "MakeSignature");
168 pVerifySignature = (PVOID)GetProcAddress(secdll, "VerifySignature");
169 pEncryptMessage = (PVOID)GetProcAddress(secdll, "EncryptMessage");
170 pDecryptMessage = (PVOID)GetProcAddress(secdll, "DecryptMessage");
174 static const char* getSecError(SECURITY_STATUS status)
178 #define _SEC_ERR(x) case (x): return #x;
182 _SEC_ERR(SEC_E_INSUFFICIENT_MEMORY);
183 _SEC_ERR(SEC_E_INVALID_HANDLE);
184 _SEC_ERR(SEC_E_UNSUPPORTED_FUNCTION);
185 _SEC_ERR(SEC_E_TARGET_UNKNOWN);
186 _SEC_ERR(SEC_E_INTERNAL_ERROR);
187 _SEC_ERR(SEC_E_SECPKG_NOT_FOUND);
188 _SEC_ERR(SEC_E_NOT_OWNER);
189 _SEC_ERR(SEC_E_CANNOT_INSTALL);
190 _SEC_ERR(SEC_E_INVALID_TOKEN);
191 _SEC_ERR(SEC_E_CANNOT_PACK);
192 _SEC_ERR(SEC_E_QOP_NOT_SUPPORTED);
193 _SEC_ERR(SEC_E_NO_IMPERSONATION);
194 _SEC_ERR(SEC_I_CONTINUE_NEEDED);
195 _SEC_ERR(SEC_E_BUFFER_TOO_SMALL);
196 _SEC_ERR(SEC_E_ILLEGAL_MESSAGE);
197 _SEC_ERR(SEC_E_LOGON_DENIED);
198 _SEC_ERR(SEC_E_NO_CREDENTIALS);
199 _SEC_ERR(SEC_E_OUT_OF_SEQUENCE);
200 _SEC_ERR(SEC_E_MESSAGE_ALTERED);
202 sprintf(buf, "%08x\n", status);
208 /**********************************************************************/
210 static SECURITY_STATUS setupBuffers(SspiData *sspi_data, SecPkgInfoA *sec_pkg_info)
213 sspi_data->in_buf = HeapAlloc(GetProcessHeap(), 0, sizeof(SecBufferDesc));
214 sspi_data->out_buf = HeapAlloc(GetProcessHeap(), 0, sizeof(SecBufferDesc));
215 sspi_data->max_token = sec_pkg_info->cbMaxToken;
217 if(sspi_data->in_buf != NULL)
219 PSecBuffer sec_buffer = HeapAlloc(GetProcessHeap(), 0,
221 if(sec_buffer == NULL){
222 trace("in_buf: sec_buffer == NULL\n");
223 return SEC_E_INSUFFICIENT_MEMORY;
226 sspi_data->in_buf->ulVersion = SECBUFFER_VERSION;
227 sspi_data->in_buf->cBuffers = 1;
228 sspi_data->in_buf->pBuffers = sec_buffer;
230 sec_buffer->cbBuffer = sec_pkg_info->cbMaxToken;
231 sec_buffer->BufferType = SECBUFFER_TOKEN;
232 if((sec_buffer->pvBuffer = HeapAlloc(GetProcessHeap(), 0,
233 sec_pkg_info->cbMaxToken)) == NULL)
235 trace("in_buf: sec_buffer->pvBuffer == NULL\n");
236 return SEC_E_INSUFFICIENT_MEMORY;
241 trace("HeapAlloc in_buf returned NULL\n");
242 return SEC_E_INSUFFICIENT_MEMORY;
245 if(sspi_data->out_buf != NULL)
247 PSecBuffer sec_buffer = HeapAlloc(GetProcessHeap(), 0,
250 if(sec_buffer == NULL){
251 trace("out_buf: sec_buffer == NULL\n");
252 return SEC_E_INSUFFICIENT_MEMORY;
255 sspi_data->out_buf->ulVersion = SECBUFFER_VERSION;
256 sspi_data->out_buf->cBuffers = 1;
257 sspi_data->out_buf->pBuffers = sec_buffer;
259 sec_buffer->cbBuffer = sec_pkg_info->cbMaxToken;
260 sec_buffer->BufferType = SECBUFFER_TOKEN;
261 if((sec_buffer->pvBuffer = HeapAlloc(GetProcessHeap(), 0,
262 sec_pkg_info->cbMaxToken)) == NULL){
263 trace("out_buf: sec_buffer->pvBuffer == NULL\n");
264 return SEC_E_INSUFFICIENT_MEMORY;
269 trace("HeapAlloc out_buf returned NULL\n");
270 return SEC_E_INSUFFICIENT_MEMORY;
276 /**********************************************************************/
278 static void cleanupBuffers(SspiData *sspi_data)
282 if(sspi_data->in_buf != NULL)
284 for(i = 0; i < sspi_data->in_buf->cBuffers; ++i)
286 HeapFree(GetProcessHeap(), 0, sspi_data->in_buf->pBuffers[i].pvBuffer);
288 HeapFree(GetProcessHeap(), 0, sspi_data->in_buf->pBuffers);
289 HeapFree(GetProcessHeap(), 0, sspi_data->in_buf);
292 if(sspi_data->out_buf != NULL)
294 for(i = 0; i < sspi_data->out_buf->cBuffers; ++i)
296 HeapFree(GetProcessHeap(), 0, sspi_data->out_buf->pBuffers[i].pvBuffer);
298 HeapFree(GetProcessHeap(), 0, sspi_data->out_buf->pBuffers);
299 HeapFree(GetProcessHeap(), 0, sspi_data->out_buf);
303 /**********************************************************************/
305 static SECURITY_STATUS setupClient(SspiData *sspi_data, SEC_CHAR *provider)
309 SecPkgInfoA *sec_pkg_info;
311 trace("Running setupClient\n");
313 sspi_data->cred = HeapAlloc(GetProcessHeap(), 0, sizeof(CredHandle));
314 sspi_data->ctxt = HeapAlloc(GetProcessHeap(), 0, sizeof(CtxtHandle));
316 ret = pQuerySecurityPackageInfoA(provider, &sec_pkg_info);
318 ok(ret == SEC_E_OK, "QuerySecurityPackageInfo returned %s\n", getSecError(ret));
320 setupBuffers(sspi_data, sec_pkg_info);
322 if((ret = pAcquireCredentialsHandleA(NULL, provider, SECPKG_CRED_OUTBOUND,
323 NULL, sspi_data->id, NULL, NULL, sspi_data->cred, &ttl))
326 trace("AcquireCredentialsHandle() returned %s\n", getSecError(ret));
329 ok(ret == SEC_E_OK, "AcquireCredentialsHande() returned %s\n",
334 /**********************************************************************/
336 static SECURITY_STATUS setupServer(SspiData *sspi_data, SEC_CHAR *provider)
340 SecPkgInfoA *sec_pkg_info;
342 trace("Running setupServer\n");
344 sspi_data->cred = HeapAlloc(GetProcessHeap(), 0, sizeof(CredHandle));
345 sspi_data->ctxt = HeapAlloc(GetProcessHeap(), 0, sizeof(CtxtHandle));
347 ret = pQuerySecurityPackageInfoA(provider, &sec_pkg_info);
349 ok(ret == SEC_E_OK, "QuerySecurityPackageInfo returned %s\n", getSecError(ret));
351 setupBuffers(sspi_data, sec_pkg_info);
353 if((ret = pAcquireCredentialsHandleA(NULL, provider, SECPKG_CRED_INBOUND,
354 NULL, NULL, NULL, NULL, sspi_data->cred, &ttl)) != SEC_E_OK)
356 trace("AcquireCredentialsHandle() returned %s\n", getSecError(ret));
359 ok(ret == SEC_E_OK, "AcquireCredentialsHande() returned %s\n",
365 /**********************************************************************/
367 static SECURITY_STATUS setupFakeServer(SspiData *sspi_data, SEC_CHAR *provider)
370 SecPkgInfoA *sec_pkg_info;
372 trace("Running setupFakeServer\n");
374 sspi_data->cred = HeapAlloc(GetProcessHeap(), 0, sizeof(CredHandle));
375 sspi_data->ctxt = HeapAlloc(GetProcessHeap(), 0, sizeof(CtxtHandle));
377 ret = pQuerySecurityPackageInfoA(provider, &sec_pkg_info);
379 ok(ret == SEC_E_OK, "QuerySecurityPackageInfo returned %s\n", getSecError(ret));
381 ret = setupBuffers(sspi_data, sec_pkg_info);
387 /**********************************************************************/
389 static SECURITY_STATUS runClient(SspiData *sspi_data, BOOL first, ULONG data_rep)
395 PSecBufferDesc in_buf = sspi_data->in_buf;
396 PSecBufferDesc out_buf = sspi_data->out_buf;
398 assert(in_buf->cBuffers >= 1);
399 assert(in_buf->pBuffers[0].pvBuffer != NULL);
400 assert(in_buf->pBuffers[0].cbBuffer != 0);
402 assert(out_buf->cBuffers >= 1);
403 assert(out_buf->pBuffers[0].pvBuffer != NULL);
404 assert(out_buf->pBuffers[0].cbBuffer != 0);
406 trace("Running the client the %s time.\n", first?"first":"second");
408 /* We can either use ISC_REQ_ALLOCATE_MEMORY flag to ask the provider
409 * always allocate output buffers for us, or initialize cbBuffer
410 * before each call because the API changes it to represent actual
411 * amount of data in the buffer.
414 /* test a failing call only the first time, otherwise we get
415 * SEC_E_OUT_OF_SEQUENCE
421 /* pass NULL as an output buffer */
422 ret = pInitializeSecurityContextA(sspi_data->cred, NULL, NULL, req_attr,
423 0, data_rep, NULL, 0, sspi_data->ctxt, NULL,
426 ok(ret == SEC_E_BUFFER_TOO_SMALL, "expected SEC_E_BUFFER_TOO_SMALL, got %s\n", getSecError(ret));
428 /* pass NULL as an output buffer */
429 old_buf = out_buf->pBuffers[0].pvBuffer;
430 out_buf->pBuffers[0].pvBuffer = NULL;
432 ret = pInitializeSecurityContextA(sspi_data->cred, NULL, NULL, req_attr,
433 0, data_rep, NULL, 0, sspi_data->ctxt, out_buf,
436 ok(ret == SEC_E_INTERNAL_ERROR, "expected SEC_E_INTERNAL_ERROR, got %s\n", getSecError(ret));
438 out_buf->pBuffers[0].pvBuffer = old_buf;
440 /* pass an output buffer of 0 size */
441 out_buf->pBuffers[0].cbBuffer = 0;
443 ret = pInitializeSecurityContextA(sspi_data->cred, NULL, NULL, req_attr,
444 0, data_rep, NULL, 0, sspi_data->ctxt, out_buf,
447 ok(ret == SEC_E_BUFFER_TOO_SMALL, "expected SEC_E_BUFFER_TOO_SMALL, got %s\n", getSecError(ret));
449 ok(out_buf->pBuffers[0].cbBuffer == 0,
450 "InitializeSecurityContext set buffer size to %lu\n", out_buf->pBuffers[0].cbBuffer);
453 out_buf->pBuffers[0].cbBuffer = sspi_data->max_token;
455 ret = pInitializeSecurityContextA(sspi_data->cred, first?NULL:sspi_data->ctxt, NULL, req_attr,
456 0, data_rep, first?NULL:in_buf, 0, sspi_data->ctxt, out_buf,
459 if(ret == SEC_I_COMPLETE_AND_CONTINUE || ret == SEC_I_COMPLETE_NEEDED)
461 pCompleteAuthToken(sspi_data->ctxt, out_buf);
462 if(ret == SEC_I_COMPLETE_AND_CONTINUE)
463 ret = SEC_I_CONTINUE_NEEDED;
464 else if(ret == SEC_I_COMPLETE_NEEDED)
468 ok(out_buf->pBuffers[0].cbBuffer < sspi_data->max_token,
469 "InitializeSecurityContext set buffer size to %lu\n", out_buf->pBuffers[0].cbBuffer);
474 /**********************************************************************/
476 static SECURITY_STATUS runServer(SspiData *sspi_data, BOOL first, ULONG data_rep)
482 trace("Running the server the %s time\n", first?"first":"second");
484 ret = pAcceptSecurityContext(sspi_data->cred, first?NULL:sspi_data->ctxt,
485 sspi_data->in_buf, 0, data_rep, sspi_data->ctxt,
486 sspi_data->out_buf, &ctxt_attr, &ttl);
488 if(ret == SEC_I_COMPLETE_AND_CONTINUE || ret == SEC_I_COMPLETE_NEEDED)
490 pCompleteAuthToken(sspi_data->ctxt, sspi_data->out_buf);
491 if(ret == SEC_I_COMPLETE_AND_CONTINUE)
492 ret = SEC_I_CONTINUE_NEEDED;
493 else if(ret == SEC_I_COMPLETE_NEEDED)
500 /**********************************************************************/
502 static SECURITY_STATUS runFakeServer(SspiData *sspi_data, BOOL first, ULONG data_rep)
504 trace("Running the fake server the %s time\n", first?"first":"second");
508 sspi_data->out_buf->pBuffers[0].cbBuffer = 0;
512 if(data_rep == SECURITY_NATIVE_DREP)
514 sspi_data->out_buf->pBuffers[0].cbBuffer = sizeof(native_challenge);
515 memcpy(sspi_data->out_buf->pBuffers[0].pvBuffer, native_challenge,
516 sspi_data->out_buf->pBuffers[0].cbBuffer);
520 sspi_data->out_buf->pBuffers[0].cbBuffer = sizeof(network_challenge);
521 memcpy(sspi_data->out_buf->pBuffers[0].pvBuffer, network_challenge,
522 sspi_data->out_buf->pBuffers[0].cbBuffer);
525 return SEC_I_CONTINUE_NEEDED;
528 /**********************************************************************/
530 static void communicate(SspiData *from, SspiData *to)
532 if(from->out_buf != NULL && to->in_buf != NULL)
534 trace("Running communicate.\n");
535 if((from->out_buf->cBuffers >= 1) && (to->in_buf->cBuffers >= 1))
537 if((from->out_buf->pBuffers[0].pvBuffer != NULL) &&
538 (to->in_buf->pBuffers[0].pvBuffer != NULL))
540 memset(to->in_buf->pBuffers[0].pvBuffer, 0, to->max_token);
542 memcpy(to->in_buf->pBuffers[0].pvBuffer,
543 from->out_buf->pBuffers[0].pvBuffer,
544 from->out_buf->pBuffers[0].cbBuffer);
546 to->in_buf->pBuffers[0].cbBuffer = from->out_buf->pBuffers[0].cbBuffer;
548 memset(from->out_buf->pBuffers[0].pvBuffer, 0, from->max_token);
554 /**********************************************************************/
555 static void testInitializeSecurityContextFlags()
557 SECURITY_STATUS sec_status;
558 PSecPkgInfo pkg_info = NULL;
560 SEC_WINNT_AUTH_IDENTITY id;
561 static char sec_pkg_name[] = "NTLM",
562 test_user[] = "testuser",
563 workgroup[] = "WORKGROUP",
564 test_pass[] = "testpass";
565 ULONG req_attr, ctxt_attr;
569 if(pQuerySecurityPackageInfoA( sec_pkg_name, &pkg_info) != SEC_E_OK)
571 trace("Package not installed, skipping test!\n");
575 pFreeContextBuffer(pkg_info);
576 id.User = (unsigned char*) test_user;
577 id.UserLength = strlen((char *) id.User);
578 id.Domain = (unsigned char *) workgroup;
579 id.DomainLength = strlen((char *) id.Domain);
580 id.Password = (unsigned char*) test_pass;
581 id.PasswordLength = strlen((char *) id.Password);
582 id.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
586 if((sec_status = setupClient(&client, sec_pkg_name)) != SEC_E_OK)
588 trace("Setting up the client returned %s, skipping test!\n",
589 getSecError(sec_status));
593 packet = client.out_buf->pBuffers[0].pvBuffer;
595 /* Due to how the requesting of the flags is implemented in ntlm_auth,
596 * the tests need to be in this order, as there is no way to specify
597 * "I request no special features" in ntlm_auth */
599 /* Without any flags, the lowest byte should not have bits 0x20 or 0x10 set*/
602 if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr,
603 0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf,
604 &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
606 trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
607 getSecError(sec_status));
611 ok(((packet[12] & 0x10) == 0) && ((packet[12] & 0x20) == 0),
612 "With req_attr == 0, flags are 0x%02x%02x%02x%02x.\n",
613 packet[15], packet[14], packet[13], packet[12]);
615 /* With ISC_REQ_CONNECTION, the lowest byte should not have bits 0x20 or 0x10 set*/
616 req_attr = ISC_REQ_CONNECTION;
618 if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr,
619 0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf,
620 &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
622 trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
623 getSecError(sec_status));
627 ok(((packet[12] & 0x10) == 0) && ((packet[12] & 0x20) == 0),
628 "For ISC_REQ_CONNECTION, flags are 0x%02x%02x%02x%02x.\n",
629 packet[15], packet[14], packet[13], packet[12]);
631 /* With ISC_REQ_EXTENDED_ERROR, the lowest byte should not have bits 0x20 or 0x10 set*/
632 req_attr = ISC_REQ_EXTENDED_ERROR;
634 if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr,
635 0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf,
636 &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
638 trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
639 getSecError(sec_status));
643 ok(((packet[12] & 0x10) == 0) && ((packet[12] & 0x20) == 0),
644 "For ISC_REQ_EXTENDED_ERROR, flags are 0x%02x%02x%02x%02x.\n",
645 packet[15], packet[14], packet[13], packet[12]);
647 /* With ISC_REQ_MUTUAL_AUTH, the lowest byte should not have bits 0x20 or 0x10 set*/
648 req_attr = ISC_REQ_MUTUAL_AUTH;
650 if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr,
651 0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf,
652 &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
654 trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
655 getSecError(sec_status));
659 ok(((packet[12] & 0x10) == 0) && ((packet[12] & 0x20) == 0),
660 "For ISC_REQ_MUTUAL_AUTH, flags are 0x%02x%02x%02x%02x.\n",
661 packet[15], packet[14], packet[13], packet[12]);
663 /* With ISC_REQ_USE_DCE_STYLE, the lowest byte should not have bits 0x20 or 0x10 set*/
664 req_attr = ISC_REQ_USE_DCE_STYLE;
666 if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr,
667 0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf,
668 &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
670 trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
671 getSecError(sec_status));
675 ok(((packet[12] & 0x10) == 0) && ((packet[12] & 0x20) == 0),
676 "For ISC_REQ_USE_DCE_STYLE, flags are 0x%02x%02x%02x%02x.\n",
677 packet[15], packet[14], packet[13], packet[12]);
679 /* With ISC_REQ_DELEGATE, the lowest byte should not have bits 0x20 or 0x10 set*/
680 req_attr = ISC_REQ_DELEGATE;
682 if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr,
683 0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf,
684 &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
686 trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
687 getSecError(sec_status));
691 ok(((packet[12] & 0x10) == 0) && ((packet[12] & 0x20) == 0),
692 "For ISC_REQ_DELEGATE, flags are 0x%02x%02x%02x%02x.\n",
693 packet[15], packet[14], packet[13], packet[12]);
695 /* With ISC_REQ_INTEGRITY, the lowest byte should have bit 0x10 set */
696 req_attr = ISC_REQ_INTEGRITY;
698 if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr,
699 0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf,
700 &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
702 trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
703 getSecError(sec_status));
707 ok((packet[12] & 0x10) != 0,
708 "For ISC_REQ_INTEGRITY, flags are 0x%02x%02x%02x%02x.\n",
709 packet[15], packet[14], packet[13], packet[12]);
711 /* With ISC_REQ_REPLAY_DETECT, the lowest byte should have bit 0x10 set */
712 req_attr = ISC_REQ_REPLAY_DETECT;
714 if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr,
715 0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf,
716 &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
718 trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
719 getSecError(sec_status));
723 ok((packet[12] & 0x10) != 0,
724 "For ISC_REQ_REPLAY_DETECT, flags are 0x%02x%02x%02x%02x.\n",
725 packet[15], packet[14], packet[13], packet[12]);
727 /* With ISC_REQ_SEQUENCE_DETECT, the lowest byte should have bit 0x10 set */
728 req_attr = ISC_REQ_SEQUENCE_DETECT;
730 if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr,
731 0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf,
732 &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
734 trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
735 getSecError(sec_status));
739 ok((packet[12] & 0x10) != 0,
740 "For ISC_REQ_SEQUENCE_DETECT, flags are 0x%02x%02x%02x%02x.\n",
741 packet[15], packet[14], packet[13], packet[12]);
743 /* With ISC_REQ_CONFIDENTIALITY, the lowest byte should have bit 0x20 set */
744 req_attr = ISC_REQ_CONFIDENTIALITY;
746 if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr,
747 0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf,
748 &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
750 trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
751 getSecError(sec_status));
755 ok((packet[12] & 0x20) != 0,
756 "For ISC_REQ_CONFIDENTIALITY, flags are 0x%02x%02x%02x%02x.\n",
757 packet[15], packet[14], packet[13], packet[12]);
760 cleanupBuffers(&client);
761 pFreeCredentialsHandle(client.cred);
765 /**********************************************************************/
767 static void testAuth(ULONG data_rep, BOOL fake)
769 SECURITY_STATUS client_stat = SEC_I_CONTINUE_NEEDED;
770 SECURITY_STATUS server_stat = SEC_I_CONTINUE_NEEDED;
771 SECURITY_STATUS sec_status;
772 PSecPkgInfo pkg_info = NULL;
774 SspiData client, server;
775 SEC_WINNT_AUTH_IDENTITY id;
776 SecPkgContext_Sizes ctxt_sizes;
777 static char sec_pkg_name[] = "NTLM";
779 if(pQuerySecurityPackageInfoA( sec_pkg_name, &pkg_info)== SEC_E_OK)
781 static char test_user[] = "testuser",
782 workgroup[] = "WORKGROUP",
783 test_pass[] = "testpass";
785 pFreeContextBuffer(pkg_info);
786 id.User = (unsigned char*) test_user;
787 id.UserLength = strlen((char *) id.User);
788 id.Domain = (unsigned char *) workgroup;
789 id.DomainLength = strlen((char *) id.Domain);
790 id.Password = (unsigned char*) test_pass;
791 id.PasswordLength = strlen((char *) id.Password);
792 id.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
796 sec_status = setupClient(&client, sec_pkg_name);
798 if(sec_status != SEC_E_OK)
800 trace("Error: Setting up the client returned %s, exiting test!\n",
801 getSecError(sec_status));
802 pFreeCredentialsHandle(client.cred);
807 sec_status = setupFakeServer(&server, sec_pkg_name);
809 sec_status = setupServer(&server, sec_pkg_name);
811 if(sec_status != SEC_E_OK)
813 trace("Error: Setting up the server returned %s, exiting test!\n",
814 getSecError(sec_status));
815 pFreeCredentialsHandle(server.cred);
816 pFreeCredentialsHandle(client.cred);
821 while(client_stat == SEC_I_CONTINUE_NEEDED && server_stat == SEC_I_CONTINUE_NEEDED)
823 client_stat = runClient(&client, first, data_rep);
825 ok(client_stat == SEC_E_OK || client_stat == SEC_I_CONTINUE_NEEDED,
826 "Running the client returned %s, more tests will fail.\n",
827 getSecError(client_stat));
829 communicate(&client, &server);
832 server_stat = runFakeServer(&server, first, data_rep);
834 server_stat = runServer(&server, first, data_rep);
836 ok(server_stat == SEC_E_OK || server_stat == SEC_I_CONTINUE_NEEDED ||
837 server_stat == SEC_E_LOGON_DENIED,
838 "Running the server returned %s, more tests will fail from now.\n",
839 getSecError(server_stat));
841 communicate(&server, &client);
846 if(client_stat == SEC_E_OK)
848 sec_status = pQueryContextAttributesA(client.ctxt,
849 SECPKG_ATTR_SIZES, &ctxt_sizes);
851 ok(sec_status == SEC_E_OK,
852 "pQueryContextAttributesA(SECPKG_ATTR_SIZES) returned %s\n",
853 getSecError(sec_status));
854 ok(ctxt_sizes.cbMaxToken == 1904,
855 "cbMaxToken should be 1904 but is %lu\n",
856 ctxt_sizes.cbMaxToken);
857 ok(ctxt_sizes.cbMaxSignature == 16,
858 "cbMaxSignature should be 16 but is %lu\n",
859 ctxt_sizes.cbMaxSignature);
860 ok(ctxt_sizes.cbSecurityTrailer == 16,
861 "cbSecurityTrailer should be 16 but is %lu\n",
862 ctxt_sizes.cbSecurityTrailer);
863 ok(ctxt_sizes.cbBlockSize == 0,
864 "cbBlockSize should be 0 but is %lu\n",
865 ctxt_sizes.cbBlockSize);
868 trace("Authentication failed, skipping test.\n");
870 cleanupBuffers(&client);
871 cleanupBuffers(&server);
875 sec_status = pDeleteSecurityContext(server.ctxt);
876 ok(sec_status == SEC_E_OK, "DeleteSecurityContext(server) returned %s\n",
877 getSecError(sec_status));
880 sec_status = pDeleteSecurityContext(client.ctxt);
881 ok(sec_status == SEC_E_OK, "DeleteSecurityContext(client) returned %s\n",
882 getSecError(sec_status));
886 sec_status = pFreeCredentialsHandle(server.cred);
887 ok(sec_status == SEC_E_OK, "FreeCredentialsHandle(server) returned %s\n",
888 getSecError(sec_status));
891 sec_status = pFreeCredentialsHandle(client.cred);
892 ok(sec_status == SEC_E_OK, "FreeCredentialsHandle(client) returned %s\n",
893 getSecError(sec_status));
897 trace("Package not installed, skipping test.\n");
901 static void testSignSeal()
903 SECURITY_STATUS client_stat = SEC_I_CONTINUE_NEEDED;
904 SECURITY_STATUS server_stat = SEC_I_CONTINUE_NEEDED;
905 SECURITY_STATUS sec_status;
906 PSecPkgInfo pkg_info = NULL;
908 SspiData client, server;
909 SEC_WINNT_AUTH_IDENTITY id;
910 static char sec_pkg_name[] = "NTLM";
912 SecBuffer data[2], fake_data[2], complex_data[4];
914 SecPkgContext_Sizes ctxt_sizes;
916 /****************************************************************
917 * This is basically the same as in testAuth with a fake server,
918 * as we need a valid, authenticated context.
920 if(pQuerySecurityPackageInfoA( sec_pkg_name, &pkg_info)== SEC_E_OK)
922 static char test_user[] = "testuser",
923 workgroup[] = "WORKGROUP",
924 test_pass[] = "testpass";
926 pFreeContextBuffer(pkg_info);
927 id.User = (unsigned char*) test_user;
928 id.UserLength = strlen((char *) id.User);
929 id.Domain = (unsigned char *) workgroup;
930 id.DomainLength = strlen((char *) id.Domain);
931 id.Password = (unsigned char*) test_pass;
932 id.PasswordLength = strlen((char *) id.Password);
933 id.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
937 sec_status = setupClient(&client, sec_pkg_name);
939 if(sec_status != SEC_E_OK)
941 trace("Error: Setting up the client returned %s, exiting test!\n",
942 getSecError(sec_status));
943 pFreeCredentialsHandle(client.cred);
947 sec_status = setupFakeServer(&server, sec_pkg_name);
949 while(client_stat == SEC_I_CONTINUE_NEEDED && server_stat == SEC_I_CONTINUE_NEEDED)
951 client_stat = runClient(&client, first, SECURITY_NETWORK_DREP);
953 communicate(&client, &server);
955 server_stat = runFakeServer(&server, first, SECURITY_NETWORK_DREP);
957 communicate(&server, &client);
962 /********************************************
963 * Now start with the actual testing *
964 ********************************************/
966 if(pQueryContextAttributesA(client.ctxt, SECPKG_ATTR_SIZES,
967 &ctxt_sizes) != SEC_E_OK)
969 trace("Failed to get context sizes, aborting test.\n");
973 crypt.ulVersion = SECBUFFER_VERSION;
976 crypt.pBuffers = fake_data;
978 fake_data[0].BufferType = SECBUFFER_DATA;
979 fake_data[0].cbBuffer = ctxt_sizes.cbSecurityTrailer;
980 fake_data[0].pvBuffer = HeapAlloc(GetProcessHeap(), 0, fake_data[0].cbBuffer);
982 fake_data[1].BufferType = SECBUFFER_DATA;
983 fake_data[1].cbBuffer = lstrlen(message);
984 fake_data[1].pvBuffer = HeapAlloc(GetProcessHeap(), 0, fake_data[1].cbBuffer);
986 sec_status = pMakeSignature(client.ctxt, 0, &crypt, 0);
987 ok(sec_status == SEC_E_INVALID_TOKEN,
988 "MakeSignature returned %s, not SEC_E_INVALID_TOKEN.\n",
989 getSecError(sec_status));
991 crypt.pBuffers = data;
993 data[0].BufferType = SECBUFFER_TOKEN;
994 data[0].cbBuffer = ctxt_sizes.cbSecurityTrailer;
995 data[0].pvBuffer = HeapAlloc(GetProcessHeap(), 0, data[0].cbBuffer);
997 data[1].BufferType = SECBUFFER_DATA;
998 data[1].cbBuffer = lstrlen(message);
999 data[1].pvBuffer = HeapAlloc(GetProcessHeap(), 0, data[1].cbBuffer);
1000 memcpy(data[1].pvBuffer, message, data[1].cbBuffer);
1002 /* As we forced NTLM to fall back to a password-derived session key,
1003 * we should get the same signature for our data, no matter if
1004 * it is sent by the client or the server
1006 sec_status = pMakeSignature(client.ctxt, 0, &crypt, 0);
1007 ok(sec_status == SEC_E_OK, "MakeSignature returned %s, not SEC_E_OK.\n",
1008 getSecError(sec_status));
1009 ok(!memcmp(crypt.pBuffers[0].pvBuffer, message_signature,
1010 crypt.pBuffers[0].cbBuffer), "Signature is not as expected.\n");
1012 data[0].cbBuffer = sizeof(message_signature);
1014 memcpy(data[0].pvBuffer, crypt_trailer_client, data[0].cbBuffer);
1016 sec_status = pVerifySignature(client.ctxt, &crypt, 0, &qop);
1017 ok(sec_status == SEC_E_MESSAGE_ALTERED,
1018 "VerifySignature returned %s, not SEC_E_MESSAGE_ALTERED.\n",
1019 getSecError(sec_status));
1021 memcpy(data[0].pvBuffer, message_signature, data[0].cbBuffer);
1023 sec_status = pVerifySignature(client.ctxt, &crypt, 0, &qop);
1024 ok(sec_status == SEC_E_OK, "VerifySignature returned %s, not SEC_E_OK.\n",
1025 getSecError(sec_status));
1027 sec_status = pEncryptMessage(client.ctxt, 0, &crypt, 0);
1028 ok(sec_status == SEC_E_OK, "EncryptMessage returned %s, not SEC_E_OK.\n",
1029 getSecError(sec_status));
1031 ok(!memcmp(crypt.pBuffers[0].pvBuffer, crypt_trailer_client,
1032 crypt.pBuffers[0].cbBuffer), "Crypt trailer not as expected.\n");
1033 ok(!memcmp(crypt.pBuffers[1].pvBuffer, crypt_message_client,
1034 crypt.pBuffers[1].cbBuffer), "Crypt message not as expected.\n");
1036 data[0].cbBuffer = sizeof(crypt_trailer_server);
1037 data[1].cbBuffer = sizeof(crypt_message_server);
1038 memcpy(data[0].pvBuffer, crypt_trailer_server, data[0].cbBuffer);
1039 memcpy(data[1].pvBuffer, crypt_message_server, data[1].cbBuffer);
1041 sec_status = pDecryptMessage(client.ctxt, &crypt, 0, &qop);
1043 ok(sec_status == SEC_E_OK, "DecryptMessage returned %s, not SEC_E_OK.\n",
1044 getSecError(sec_status));
1045 ok(!memcmp(crypt.pBuffers[1].pvBuffer, message_binary,
1046 crypt.pBuffers[1].cbBuffer),
1047 "Failed to decrypt message correctly.\n");
1049 trace("Testing with more than one buffer.\n");
1051 crypt.cBuffers = sizeof(complex_data)/sizeof(complex_data[0]);
1052 crypt.pBuffers = complex_data;
1054 complex_data[0].BufferType = SECBUFFER_DATA|SECBUFFER_READONLY_WITH_CHECKSUM;
1055 complex_data[0].cbBuffer = sizeof(message_header);
1056 complex_data[0].pvBuffer = message_header;
1058 complex_data[1].BufferType = SECBUFFER_DATA;
1059 complex_data[1].cbBuffer = lstrlen(message);
1060 complex_data[1].pvBuffer = HeapAlloc(GetProcessHeap(), 0, data[1].cbBuffer);
1061 memcpy(complex_data[1].pvBuffer, message, complex_data[1].cbBuffer);
1063 complex_data[2].BufferType = SECBUFFER_DATA|SECBUFFER_READONLY_WITH_CHECKSUM;
1064 complex_data[2].cbBuffer = sizeof(message_header);
1065 complex_data[2].pvBuffer = message_header;
1067 complex_data[3].BufferType = SECBUFFER_TOKEN;
1068 complex_data[3].cbBuffer = ctxt_sizes.cbSecurityTrailer;
1069 complex_data[3].pvBuffer = HeapAlloc(GetProcessHeap(), 0, complex_data[3].cbBuffer);
1071 /* We should get a dummy signature again. */
1072 sec_status = pMakeSignature(client.ctxt, 0, &crypt, 0);
1073 ok(sec_status == SEC_E_OK, "MakeSignature returned %s, not SEC_E_OK.\n",
1074 getSecError(sec_status));
1075 ok(!memcmp(crypt.pBuffers[3].pvBuffer, message_signature,
1076 crypt.pBuffers[3].cbBuffer), "Signature is not as expected.\n");
1078 /* Being a dummy signature, it will verify right away, as if the server
1080 sec_status = pVerifySignature(client.ctxt, &crypt, 0, &qop);
1081 ok(sec_status == SEC_E_OK, "VerifySignature returned %s, not SEC_E_OK\n",
1082 getSecError(sec_status));
1084 sec_status = pEncryptMessage(client.ctxt, 0, &crypt, 0);
1085 ok(sec_status == SEC_E_OK, "EncryptMessage returned %s, not SEC_E_OK.\n",
1086 getSecError(sec_status));
1088 ok(!memcmp(crypt.pBuffers[3].pvBuffer, crypt_trailer_client2,
1089 crypt.pBuffers[3].cbBuffer), "Crypt trailer not as expected.\n");
1091 ok(!memcmp(crypt.pBuffers[1].pvBuffer, crypt_message_client2,
1092 crypt.pBuffers[1].cbBuffer), "Crypt message not as expected.\n");
1094 memcpy(complex_data[1].pvBuffer, crypt_message_server2, complex_data[1].cbBuffer);
1095 memcpy(complex_data[3].pvBuffer, crypt_trailer_server2, complex_data[3].cbBuffer);
1097 sec_status = pDecryptMessage(client.ctxt, &crypt, 0, &qop);
1098 ok(sec_status == SEC_E_OK, "DecryptMessage returned %s, not SEC_E_OK.\n",
1099 getSecError(sec_status));
1103 cleanupBuffers(&client);
1104 cleanupBuffers(&server);
1106 pDeleteSecurityContext(client.ctxt);
1107 pFreeCredentialsHandle(client.cred);
1109 HeapFree(GetProcessHeap(), 0, fake_data[0].pvBuffer);
1110 HeapFree(GetProcessHeap(), 0, fake_data[1].pvBuffer);
1111 HeapFree(GetProcessHeap(), 0, data[0].pvBuffer);
1112 HeapFree(GetProcessHeap(), 0, data[1].pvBuffer);
1113 HeapFree(GetProcessHeap(), 0, complex_data[1].pvBuffer);
1114 HeapFree(GetProcessHeap(), 0, complex_data[3].pvBuffer);
1118 trace("Package not installed, skipping test.\n");
1126 if(pFreeCredentialsHandle && pDeleteSecurityContext &&
1127 pDeleteSecurityContext && pAcquireCredentialsHandleA &&
1128 pInitializeSecurityContextA && pCompleteAuthToken &&
1129 pQuerySecurityPackageInfoA)
1131 testInitializeSecurityContextFlags();
1132 if(pAcceptSecurityContext)
1134 testAuth(SECURITY_NATIVE_DREP, TRUE);
1135 testAuth(SECURITY_NETWORK_DREP, TRUE);
1136 testAuth(SECURITY_NATIVE_DREP, FALSE);
1137 testAuth(SECURITY_NETWORK_DREP, FALSE);
1139 if(pMakeSignature && pVerifySignature && pEncryptMessage &&
1145 FreeLibrary(secdll);
projects / wine / blob