c516a025c32431976f4e1979430038a86450450d
[gd/samba-autobuild/.git] / source4 / torture / rpc / backupkey_heimdal.c
1 /*
2    Unix SMB/CIFS implementation.
3    test suite for backupkey remote protocol rpc operations
4
5    Copyright (C) Matthieu Patou 2010-2011
6
7    This program is free software; you can redistribute it and/or modify
8    it under the terms of the GNU General Public License as published by
9    the Free Software Foundation; either version 3 of the License, or
10    (at your option) any later version.
11
12    This program is distributed in the hope that it will be useful,
13    but WITHOUT ANY WARRANTY; without even the implied warranty of
14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15    GNU General Public License for more details.
16
17    You should have received a copy of the GNU General Public License
18    along with this program.  If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include "includes.h"
22 #include "../libcli/security/security.h"
23
24 #include "torture/rpc/torture_rpc.h"
25 #include "torture/ndr/ndr.h"
26
27 #include "librpc/gen_ndr/ndr_backupkey_c.h"
28 #include "librpc/gen_ndr/ndr_backupkey.h"
29 #include "librpc/gen_ndr/ndr_lsa_c.h"
30 #include "librpc/gen_ndr/ndr_security.h"
31 #include "lib/cmdline/popt_common.h"
32 #include "libcli/auth/proto.h"
33 #include "lib/crypto/arcfour.h"
34 #include <com_err.h>
35 #include <hcrypto/sha.h>
36 #include <system/network.h>
37 #include <hx509.h>
38 #include <der.h>
39 #include <hcrypto/rsa.h>
40 #include <hcrypto/hmac.h>
41 #include <hcrypto/sha.h>
42 #include <hcrypto/evp.h>
43
44 enum test_wrong {
45         WRONG_MAGIC,
46         WRONG_R2,
47         WRONG_PAYLOAD_LENGTH,
48         WRONG_CIPHERTEXT_LENGTH,
49         SHORT_PAYLOAD_LENGTH,
50         SHORT_CIPHERTEXT_LENGTH,
51         ZERO_PAYLOAD_LENGTH,
52         ZERO_CIPHERTEXT_LENGTH,
53         RIGHT_KEY,
54         WRONG_KEY,
55         WRONG_SID,
56 };
57
58 /* Our very special and valued secret */
59 /* No need to put const as we cast the array in uint8_t
60  * we will get a warning about the discared const
61  */
62 static const char secret[] = "tata yoyo mais qu'est ce qu'il y a sous ton grand chapeau ?";
63
64 /* Get the SID from a user */
65 static struct dom_sid *get_user_sid(struct torture_context *tctx,
66                                     TALLOC_CTX *mem_ctx,
67                                     const char *user)
68 {
69         struct lsa_ObjectAttribute attr;
70         struct lsa_QosInfo qos;
71         struct lsa_OpenPolicy2 r;
72         struct lsa_Close c;
73         NTSTATUS status;
74         struct policy_handle handle;
75         struct lsa_LookupNames l;
76         struct lsa_TransSidArray sids;
77         struct lsa_RefDomainList *domains = NULL;
78         struct lsa_String lsa_name;
79         uint32_t count = 0;
80         struct dom_sid *result;
81         TALLOC_CTX *tmp_ctx;
82         struct dcerpc_pipe *p2;
83         struct dcerpc_binding_handle *b;
84
85         const char *domain = cli_credentials_get_domain(cmdline_credentials);
86
87         torture_assert_ntstatus_ok(tctx,
88                                 torture_rpc_connection(tctx, &p2, &ndr_table_lsarpc),
89                                 "could not open lsarpc pipe");
90         b = p2->binding_handle;
91
92         if (!(tmp_ctx = talloc_new(mem_ctx))) {
93                 return NULL;
94         }
95         qos.len = 0;
96         qos.impersonation_level = 2;
97         qos.context_mode = 1;
98         qos.effective_only = 0;
99
100         attr.len = 0;
101         attr.root_dir = NULL;
102         attr.object_name = NULL;
103         attr.attributes = 0;
104         attr.sec_desc = NULL;
105         attr.sec_qos = &qos;
106
107         r.in.system_name = "\\";
108         r.in.attr = &attr;
109         r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
110         r.out.handle = &handle;
111
112         status = dcerpc_lsa_OpenPolicy2_r(b, tmp_ctx, &r);
113         if (!NT_STATUS_IS_OK(status)) {
114                 torture_comment(tctx,
115                                 "OpenPolicy2 failed - %s\n",
116                                 nt_errstr(status));
117                 talloc_free(tmp_ctx);
118                 return NULL;
119         }
120         if (!NT_STATUS_IS_OK(r.out.result)) {
121                 torture_comment(tctx,
122                                 "OpenPolicy2_ failed - %s\n",
123                                 nt_errstr(r.out.result));
124                 talloc_free(tmp_ctx);
125                 return NULL;
126         }
127
128         sids.count = 0;
129         sids.sids = NULL;
130
131         lsa_name.string = talloc_asprintf(tmp_ctx, "%s\\%s", domain, user);
132
133         l.in.handle = &handle;
134         l.in.num_names = 1;
135         l.in.names = &lsa_name;
136         l.in.sids = &sids;
137         l.in.level = 1;
138         l.in.count = &count;
139         l.out.count = &count;
140         l.out.sids = &sids;
141         l.out.domains = &domains;
142
143         status = dcerpc_lsa_LookupNames_r(b, tmp_ctx, &l);
144         if (!NT_STATUS_IS_OK(status)) {
145                 torture_comment(tctx,
146                                 "LookupNames of %s failed - %s\n",
147                                 lsa_name.string,
148                                 nt_errstr(status));
149                 talloc_free(tmp_ctx);
150                 return NULL;
151         }
152
153         if (domains->count == 0) {
154                 return NULL;
155         }
156
157         result = dom_sid_add_rid(mem_ctx,
158                                  domains->domains[0].sid,
159                                  l.out.sids->sids[0].rid);
160         c.in.handle = &handle;
161         c.out.handle = &handle;
162
163         status = dcerpc_lsa_Close_r(b, tmp_ctx, &c);
164
165         if (!NT_STATUS_IS_OK(status)) {
166                 torture_comment(tctx,
167                                 "dcerpc_lsa_Close failed - %s\n",
168                                 nt_errstr(status));
169                 talloc_free(tmp_ctx);
170                 return NULL;
171         }
172
173         if (!NT_STATUS_IS_OK(c.out.result)) {
174                 torture_comment(tctx,
175                                 "dcerpc_lsa_Close failed - %s\n",
176                                 nt_errstr(c.out.result));
177                 talloc_free(tmp_ctx);
178                 return NULL;
179         }
180
181         talloc_free(tmp_ctx);
182         talloc_free(p2);
183
184         torture_comment(tctx, "Get_user_sid finished\n");
185         return result;
186 }
187
188 /*
189  * Create a bkrp_encrypted_secret_vX structure
190  * the version depends on the version parameter
191  * the structure is returned as a blob.
192  * The broken flag is to indicate if we want
193  * to create a non conform to specification structre
194  */
195 static DATA_BLOB *create_unencryptedsecret(TALLOC_CTX *mem_ctx,
196                                            bool broken,
197                                            int version)
198 {
199         TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
200         DATA_BLOB *blob = talloc_zero(mem_ctx, DATA_BLOB);
201         enum ndr_err_code ndr_err;
202
203         if (version == 2) {
204                 struct bkrp_encrypted_secret_v2 unenc_sec;
205
206                 ZERO_STRUCT(unenc_sec);
207                 unenc_sec.secret_len = sizeof(secret);
208                 unenc_sec.secret = discard_const_p(uint8_t, secret);
209                 generate_random_buffer(unenc_sec.payload_key,
210                                        sizeof(unenc_sec.payload_key));
211
212                 ndr_err = ndr_push_struct_blob(blob, blob, &unenc_sec,
213                                 (ndr_push_flags_fn_t)ndr_push_bkrp_encrypted_secret_v2);
214                 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
215                         return NULL;
216                 }
217
218                 if (broken) {
219                         /* The magic value is correctly set by the NDR push
220                          * but we want to test the behavior of the server
221                          * if a differrent value is provided
222                          */
223                         ((uint8_t*)blob->data)[4] = 79; /* A great year !!! */
224                 }
225         }
226
227         if (version == 3) {
228                 struct bkrp_encrypted_secret_v3 unenc_sec;
229
230                 ZERO_STRUCT(unenc_sec);
231                 unenc_sec.secret_len = sizeof(secret);
232                 unenc_sec.secret = discard_const_p(uint8_t, secret);
233                 generate_random_buffer(unenc_sec.payload_key,
234                                        sizeof(unenc_sec.payload_key));
235
236                 ndr_err = ndr_push_struct_blob(blob, blob, &unenc_sec,
237                                         (ndr_push_flags_fn_t)ndr_push_bkrp_encrypted_secret_v3);
238                 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
239                         return NULL;
240                 }
241
242                 if (broken) {
243                         /*
244                          * The magic value is correctly set by the NDR push
245                          * but we want to test the behavior of the server
246                          * if a differrent value is provided
247                          */
248                         ((uint8_t*)blob->data)[4] = 79; /* A great year !!! */
249                 }
250         }
251         talloc_free(tmp_ctx);
252         return blob;
253 }
254
255 /*
256  * Create an access check structure, the format depends on the version parameter.
257  * If broken is specified then we create a stucture that isn't conform to the
258  * specification.
259  *
260  * If the structure can't be created then NULL is returned.
261  */
262 static DATA_BLOB *create_access_check(struct torture_context *tctx,
263                                       struct dcerpc_pipe *p,
264                                       TALLOC_CTX *mem_ctx,
265                                       const char *user,
266                                       bool broken,
267                                       uint32_t version)
268 {
269         TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
270         DATA_BLOB *blob = talloc_zero(mem_ctx, DATA_BLOB);
271         enum ndr_err_code ndr_err;
272         const struct dom_sid *sid = get_user_sid(tctx, tmp_ctx, user);
273
274         if (sid == NULL) {
275                 return NULL;
276         }
277
278         if (version == 2) {
279                 struct bkrp_access_check_v2 access_struct;
280                 struct sha sctx;
281                 uint8_t nonce[32];
282
283                 ZERO_STRUCT(access_struct);
284                 generate_random_buffer(nonce, sizeof(nonce));
285                 access_struct.nonce_len = sizeof(nonce);
286                 access_struct.nonce = nonce;
287                 access_struct.sid = *sid;
288
289                 ndr_err = ndr_push_struct_blob(blob, blob, &access_struct,
290                                 (ndr_push_flags_fn_t)ndr_push_bkrp_access_check_v2);
291                 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
292                         return NULL;
293                 }
294
295                 /*
296                  * We pushed the whole structure including a null hash
297                  * but the hash need to be calculated only up to the hash field
298                  * so we reduce the size of what has to be calculated
299                  */
300
301                 SHA1_Init(&sctx);
302                 SHA1_Update(&sctx, blob->data,
303                             blob->length - sizeof(access_struct.hash));
304                 SHA1_Final(blob->data + blob->length - sizeof(access_struct.hash),
305                            &sctx);
306
307                 /* Altering the SHA */
308                 if (broken) {
309                         blob->data[blob->length - 1]++;
310                 }
311         }
312
313         if (version == 3) {
314                 struct bkrp_access_check_v3 access_struct;
315                 struct hc_sha512state sctx;
316                 uint8_t nonce[32];
317
318                 ZERO_STRUCT(access_struct);
319                 generate_random_buffer(nonce, sizeof(nonce));
320                 access_struct.nonce_len = sizeof(nonce);
321                 access_struct.nonce = nonce;
322                 access_struct.sid = *sid;
323
324                 ndr_err = ndr_push_struct_blob(blob, blob, &access_struct,
325                                 (ndr_push_flags_fn_t)ndr_push_bkrp_access_check_v3);
326                 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
327                         return NULL;
328                 }
329
330                 /*We pushed the whole structure including a null hash
331                 * but the hash need to be calculated only up to the hash field
332                 * so we reduce the size of what has to be calculated
333                 */
334
335                 SHA512_Init(&sctx);
336                 SHA512_Update(&sctx, blob->data,
337                               blob->length - sizeof(access_struct.hash));
338                 SHA512_Final(blob->data + blob->length - sizeof(access_struct.hash),
339                              &sctx);
340
341                 /* Altering the SHA */
342                 if (broken) {
343                         blob->data[blob->length -1]++;
344                 }
345         }
346         talloc_free(tmp_ctx);
347         return blob;
348 }
349
350
351 static DATA_BLOB *encrypt_blob(struct torture_context *tctx,
352                                     TALLOC_CTX *mem_ctx,
353                                     DATA_BLOB *key,
354                                     DATA_BLOB *iv,
355                                     DATA_BLOB *to_encrypt,
356                                     const AlgorithmIdentifier *alg)
357 {
358         hx509_crypto crypto;
359         hx509_context hctx;
360         heim_octet_string ivos;
361         heim_octet_string *encrypted;
362         DATA_BLOB *blob = talloc_zero(mem_ctx, DATA_BLOB);
363         int res;
364
365         ivos.data = talloc_array(mem_ctx, uint8_t, iv->length);
366         ivos.length = iv->length;
367         memcpy(ivos.data, iv->data, iv->length);
368
369         hx509_context_init(&hctx);
370         res = hx509_crypto_init(hctx, NULL, &alg->algorithm, &crypto);
371         if (res) {
372                 torture_comment(tctx,
373                                 "error while doing the init of the crypto object\n");
374                 hx509_context_free(&hctx);
375                 return NULL;
376         }
377         res = hx509_crypto_set_key_data(crypto, key->data, key->length);
378         if (res) {
379                 torture_comment(tctx,
380                                 "error while setting the key of the crypto object\n");
381                 hx509_context_free(&hctx);
382                 return NULL;
383         }
384
385         hx509_crypto_set_padding(crypto, HX509_CRYPTO_PADDING_NONE);
386         res = hx509_crypto_encrypt(crypto,
387                                    to_encrypt->data,
388                                    to_encrypt->length,
389                                    &ivos,
390                                    &encrypted);
391         if (res) {
392                 torture_comment(tctx, "error while encrypting\n");
393                 hx509_crypto_destroy(crypto);
394                 hx509_context_free(&hctx);
395                 return NULL;
396         }
397
398         *blob = data_blob_talloc(blob, encrypted->data, encrypted->length);
399         der_free_octet_string(encrypted);
400         free(encrypted);
401         hx509_crypto_destroy(crypto);
402         hx509_context_free(&hctx);
403         return blob;
404 }
405
406 /*
407  * Certs used for this protocol have a GUID in the issuer_uniq_id field.
408  * This function fetch it.
409  */
410 static struct GUID *get_cert_guid(struct torture_context *tctx,
411                                   TALLOC_CTX *mem_ctx,
412                                   uint8_t *cert_data,
413                                   uint32_t cert_len)
414 {
415         hx509_context hctx;
416         hx509_cert cert;
417         heim_bit_string issuer_unique_id;
418         DATA_BLOB data;
419         int hret;
420         uint32_t size;
421         struct GUID *guid = talloc_zero(mem_ctx, struct GUID);
422         NTSTATUS status;
423
424         hx509_context_init(&hctx);
425
426         hret = hx509_cert_init_data(hctx, cert_data, cert_len, &cert);
427         if (hret) {
428                 torture_comment(tctx, "error while loading the cert\n");
429                 hx509_context_free(&hctx);
430                 return NULL;
431         }
432         hret = hx509_cert_get_issuer_unique_id(hctx, cert, &issuer_unique_id);
433         if (hret) {
434                 torture_comment(tctx, "error while getting the issuer_uniq_id\n");
435                 hx509_cert_free(cert);
436                 hx509_context_free(&hctx);
437                 return NULL;
438         }
439
440         /* The issuer_unique_id is a bit string,
441          * which means that the real size has to be divided by 8
442          * to have the number of bytes
443          */
444         hx509_cert_free(cert);
445         hx509_context_free(&hctx);
446         size = issuer_unique_id.length / 8;
447         data = data_blob_const(issuer_unique_id.data, size);
448
449         status = GUID_from_data_blob(&data, guid);
450         der_free_bit_string(&issuer_unique_id);
451         if (!NT_STATUS_IS_OK(status)) {
452                 return NULL;
453         }
454
455         return guid;
456 }
457
458 /*
459  * Encrypt a blob with the private key of the certificate
460  * passed as a parameter.
461  */
462 static DATA_BLOB *encrypt_blob_pk(struct torture_context *tctx,
463                                   TALLOC_CTX *mem_ctx,
464                                   uint8_t *cert_data,
465                                   uint32_t cert_len,
466                                   DATA_BLOB *to_encrypt)
467 {
468         hx509_context hctx;
469         hx509_cert cert;
470         heim_octet_string secretdata;
471         heim_octet_string encrypted;
472         heim_oid encryption_oid;
473         DATA_BLOB *blob;
474         int hret;
475
476         hx509_context_init(&hctx);
477
478         hret = hx509_cert_init_data(hctx, cert_data, cert_len, &cert);
479         if (hret) {
480                 torture_comment(tctx, "error while loading the cert\n");
481                 hx509_context_free(&hctx);
482                 return NULL;
483         }
484
485         secretdata.data = to_encrypt->data;
486         secretdata.length = to_encrypt->length;
487         hret = hx509_cert_public_encrypt(hctx, &secretdata,
488                                           cert, &encryption_oid,
489                                           &encrypted);
490         hx509_cert_free(cert);
491         hx509_context_free(&hctx);
492         if (hret) {
493                 torture_comment(tctx, "error while encrypting\n");
494                 return NULL;
495         }
496
497         blob = talloc_zero(mem_ctx, DATA_BLOB);
498         if (blob == NULL) {
499                 der_free_oid(&encryption_oid);
500                 der_free_octet_string(&encrypted);
501                 return NULL;
502         }
503
504         *blob = data_blob_talloc(blob, encrypted.data, encrypted.length);
505         der_free_octet_string(&encrypted);
506         der_free_oid(&encryption_oid);
507         if (blob->data == NULL) {
508                 return NULL;
509         }
510
511         return blob;
512 }
513
514
515 static struct bkrp_BackupKey *createRetrieveBackupKeyGUIDStruct(struct torture_context *tctx,
516                                 struct dcerpc_pipe *p, int version, DATA_BLOB *out)
517 {
518         struct dcerpc_binding *binding;
519         struct bkrp_client_side_wrapped data;
520         struct GUID *g = talloc(tctx, struct GUID);
521         struct bkrp_BackupKey *r = talloc_zero(tctx, struct bkrp_BackupKey);
522         enum ndr_err_code ndr_err;
523         DATA_BLOB blob;
524         NTSTATUS status;
525
526         if (r == NULL) {
527                 return NULL;
528         }
529
530         binding = dcerpc_binding_dup(tctx, p->binding);
531         if (binding == NULL) {
532                 return NULL;
533         }
534
535         status = dcerpc_binding_set_flags(binding, DCERPC_SEAL|DCERPC_AUTH_SPNEGO, 0);
536         if (!NT_STATUS_IS_OK(status)) {
537                 return NULL;
538         }
539
540         ZERO_STRUCT(data);
541         status = GUID_from_string(BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID, g);
542         if (!NT_STATUS_IS_OK(status)) {
543                 return NULL;
544         }
545
546         r->in.guidActionAgent = g;
547         data.version = version;
548         ndr_err = ndr_push_struct_blob(&blob, tctx, &data,
549                         (ndr_push_flags_fn_t)ndr_push_bkrp_client_side_wrapped);
550         if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
551                 return NULL;
552         }
553         r->in.data_in = blob.data;
554         r->in.data_in_len = blob.length;
555         r->out.data_out = &out->data;
556         r->out.data_out_len = talloc(r, uint32_t);
557         return r;
558 }
559
560 static struct bkrp_BackupKey *createRestoreGUIDStruct(struct torture_context *tctx,
561                                 struct dcerpc_pipe *p, int version, DATA_BLOB *out,
562                                 bool norevert,
563                                 bool broken_version,
564                                 bool broken_user,
565                                 bool broken_magic_secret,
566                                 bool broken_magic_access,
567                                 bool broken_hash_access,
568                                 bool broken_cert_guid)
569 {
570         struct dcerpc_binding_handle *b = p->binding_handle;
571         struct bkrp_client_side_wrapped data;
572         DATA_BLOB *xs;
573         DATA_BLOB *sec;
574         DATA_BLOB *enc_sec = NULL;
575         DATA_BLOB *enc_xs = NULL;
576         DATA_BLOB *blob2;
577         DATA_BLOB enc_sec_reverted;
578         DATA_BLOB des3_key;
579         DATA_BLOB aes_key;
580         DATA_BLOB iv;
581         DATA_BLOB out_blob;
582         struct GUID *guid, *g;
583         int t;
584         uint32_t size;
585         enum ndr_err_code ndr_err;
586         NTSTATUS status;
587         const char *user;
588         struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, version, &out_blob);
589         if (r == NULL) {
590                 return NULL;
591         }
592
593         if (broken_user) {
594                 /* we take a fake user*/
595                 user = "guest";
596         } else {
597                 user = cli_credentials_get_username(cmdline_credentials);
598         }
599
600
601         torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
602                                         "Get GUID");
603         torture_assert_werr_ok(tctx, r->out.result,
604                                "Get GUID");
605
606         /*
607          * We have to set it outside of the function createRetrieveBackupKeyGUIDStruct
608          * the len of the blob, this is due to the fact that they don't have the
609          * same size (one is 32bits the other 64bits)
610          */
611         out_blob.length = *r->out.data_out_len;
612
613         sec = create_unencryptedsecret(tctx, broken_magic_secret, version);
614         if (sec == NULL) {
615                 return NULL;
616         }
617
618         xs = create_access_check(tctx, p, tctx, user, broken_hash_access, version);
619         if (xs == NULL) {
620                 return NULL;
621         }
622
623         if (broken_magic_access){
624                 /* The start of the access_check structure contains the
625                  * GUID of the certificate
626                  */
627                 xs->data[0]++;
628         }
629
630         enc_sec = encrypt_blob_pk(tctx, tctx, out_blob.data, out_blob.length, sec);
631         if (!enc_sec) {
632                 return NULL;
633         }
634         enc_sec_reverted.data = talloc_array(tctx, uint8_t, enc_sec->length);
635         if (enc_sec_reverted.data == NULL) {
636                 return NULL;
637         }
638         enc_sec_reverted.length = enc_sec->length;
639
640         /*
641         * We DO NOT revert the array on purpose it's in order to check that
642         * when the server is not able to decrypt then it answer the correct error
643         */
644         if (norevert) {
645                 for(t=0; t< enc_sec->length; t++) {
646                         enc_sec_reverted.data[t] = ((uint8_t*)enc_sec->data)[t];
647                 }
648         } else {
649                 for(t=0; t< enc_sec->length; t++) {
650                         enc_sec_reverted.data[t] = ((uint8_t*)enc_sec->data)[enc_sec->length - t -1];
651                 }
652         }
653
654         size = sec->length;
655         if (version ==2) {
656                 const AlgorithmIdentifier *alg = hx509_crypto_des_rsdi_ede3_cbc();
657                 iv.data = sec->data+(size - 8);
658                 iv.length = 8;
659
660                 des3_key.data = sec->data+(size - 32);
661                 des3_key.length = 24;
662
663                 enc_xs = encrypt_blob(tctx, tctx, &des3_key, &iv, xs, alg);
664         }
665         if (version == 3) {
666                 const AlgorithmIdentifier *alg = hx509_crypto_aes256_cbc();
667                 iv.data = sec->data+(size-16);
668                 iv.length = 16;
669
670                 aes_key.data = sec->data+(size-48);
671                 aes_key.length = 32;
672
673                 enc_xs = encrypt_blob(tctx, tctx, &aes_key, &iv, xs, alg);
674         }
675
676         if (!enc_xs) {
677                 return NULL;
678         }
679
680         /* To cope with the fact that heimdal do padding at the end for the moment */
681         enc_xs->length = xs->length;
682
683         guid = get_cert_guid(tctx, tctx, out_blob.data, out_blob.length);
684         if (guid == NULL) {
685                 return NULL;
686         }
687
688         if (broken_version) {
689                 data.version = 1;
690         } else {
691                 data.version = version;
692         }
693
694         data.guid = *guid;
695         data.encrypted_secret = enc_sec_reverted.data;
696         data.access_check = enc_xs->data;
697         data.encrypted_secret_len = enc_sec->length;
698         data.access_check_len = enc_xs->length;
699
700         /* We want the blob to persist after this function so we don't
701          * allocate it in the stack
702          */
703         blob2 = talloc(tctx, DATA_BLOB);
704         if (blob2 == NULL) {
705                 return NULL;
706         }
707
708         ndr_err = ndr_push_struct_blob(blob2, tctx, &data,
709                         (ndr_push_flags_fn_t)ndr_push_bkrp_client_side_wrapped);
710         if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
711                 return NULL;
712         }
713
714         if (broken_cert_guid) {
715                 blob2->data[12]++;
716         }
717
718         ZERO_STRUCT(*r);
719
720         g = talloc(tctx, struct GUID);
721         if (g == NULL) {
722                 return NULL;
723         }
724
725         status = GUID_from_string(BACKUPKEY_RESTORE_GUID, g);
726         if (!NT_STATUS_IS_OK(status)) {
727                 return NULL;
728         }
729
730         r->in.guidActionAgent = g;
731         r->in.data_in = blob2->data;
732         r->in.data_in_len = blob2->length;
733         r->in.param = 0;
734         r->out.data_out = &(out->data);
735         r->out.data_out_len = talloc(r, uint32_t);
736         return r;
737 }
738
739 /* Check that we are able to receive the certificate of the DCs
740  * used for client wrap version of the backup key protocol
741  */
742 static bool test_RetrieveBackupKeyGUID(struct torture_context *tctx,
743                                         struct dcerpc_pipe *p)
744 {
745         struct dcerpc_binding_handle *b = p->binding_handle;
746         DATA_BLOB out_blob;
747         struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
748         enum dcerpc_AuthType auth_type;
749         enum dcerpc_AuthLevel auth_level;
750
751         if (r == NULL) {
752                 return false;
753         }
754
755         dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
756
757         if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
758                 torture_assert_ntstatus_ok(tctx,
759                                 dcerpc_bkrp_BackupKey_r(b, tctx, r),
760                                 "Get GUID");
761
762                 out_blob.length = *r->out.data_out_len;
763                 torture_assert_werr_equal(tctx,
764                                                 r->out.result,
765                                                 WERR_OK,
766                                                 "Wrong dce/rpc error code");
767         } else {
768                 torture_assert_ntstatus_equal(tctx,
769                                                 dcerpc_bkrp_BackupKey_r(b, tctx, r),
770                                                 NT_STATUS_ACCESS_DENIED,
771                                                 "Get GUID");
772         }
773         return true;
774 }
775
776 /* Test to check the failure to recover a secret because the
777  * secret blob is not reversed
778  */
779 static bool test_RestoreGUID_ko(struct torture_context *tctx,
780                                 struct dcerpc_pipe *p)
781 {
782         enum ndr_err_code ndr_err;
783         struct dcerpc_binding_handle *b = p->binding_handle;
784         DATA_BLOB out_blob;
785         struct bkrp_client_side_unwrapped resp;
786         enum dcerpc_AuthType auth_type;
787         enum dcerpc_AuthLevel auth_level;
788
789         dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
790
791         if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
792                 struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob,
793                                         true, false, false, false, false, false, false);
794                 torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed");
795                 torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
796                 out_blob.length = *r->out.data_out_len;
797                 ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped);
798                 torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped");
799                 if (!W_ERROR_EQUAL(r->out.result, WERR_INVALID_PARAMETER)) {
800                         torture_assert_werr_equal(tctx, r->out.result,
801                                                   WERR_INVALID_DATA,
802                                                   "Wrong error code");
803                 }
804         } else {
805                 struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
806                 torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
807                         NT_STATUS_ACCESS_DENIED, "Get GUID");
808         }
809         return true;
810 }
811
812 static bool test_RestoreGUID_wrongversion(struct torture_context *tctx,
813                                           struct dcerpc_pipe *p)
814 {
815         enum ndr_err_code ndr_err;
816         struct dcerpc_binding_handle *b = p->binding_handle;
817         DATA_BLOB out_blob;
818         struct bkrp_client_side_unwrapped resp;
819         enum dcerpc_AuthType auth_type;
820         enum dcerpc_AuthLevel auth_level;
821
822         dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
823
824         if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
825                 struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob,
826                                         false, true, false, false, false, false, false);
827                 torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed");
828                 torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
829                 out_blob.length = *r->out.data_out_len;
830                 ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped);
831                 torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped");
832                 torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_PARAMETER, "Wrong error code on wrong version");
833         } else {
834                 struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
835                 torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
836                         NT_STATUS_ACCESS_DENIED, "Get GUID");
837         }
838         return true;
839 }
840
841 static bool test_RestoreGUID_wronguser(struct torture_context *tctx,
842                                        struct dcerpc_pipe *p)
843 {
844         enum ndr_err_code ndr_err;
845         struct dcerpc_binding_handle *b = p->binding_handle;
846         DATA_BLOB out_blob;
847         struct bkrp_client_side_unwrapped resp;
848         enum dcerpc_AuthType auth_type;
849         enum dcerpc_AuthLevel auth_level;
850
851         dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
852
853         if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
854                 struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob,
855                                         false, false, true, false, false, false, false);
856                 torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed");
857                 torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
858                 out_blob.length = *r->out.data_out_len;
859                 ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped);
860                 torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped");
861                 torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_ACCESS, "Restore GUID");
862         } else {
863                 struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
864                 torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
865                         NT_STATUS_ACCESS_DENIED, "Get GUID");
866         }
867         return true;
868 }
869
870 static bool test_RestoreGUID_v3(struct torture_context *tctx,
871                                 struct dcerpc_pipe *p)
872 {
873         enum ndr_err_code ndr_err;
874         struct dcerpc_binding_handle *b = p->binding_handle;
875         DATA_BLOB out_blob;
876         struct bkrp_client_side_unwrapped resp;
877         enum dcerpc_AuthType auth_type;
878         enum dcerpc_AuthLevel auth_level;
879
880         dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
881
882         if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
883                 struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 3, &out_blob,
884                                         false, false, false, false, false, false, false);
885                 torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed");
886                 torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
887                 out_blob.length = *r->out.data_out_len;
888                 ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped);
889                 torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 1, "Unable to unmarshall bkrp_client_side_unwrapped");
890                 torture_assert_werr_equal(tctx, r->out.result, WERR_OK, "Restore GUID");
891                 torture_assert_str_equal(tctx, (char*)resp.secret.data, secret, "Wrong secret");
892         } else {
893                 struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
894                 torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
895                         NT_STATUS_ACCESS_DENIED, "Get GUID");
896         }
897         return true;
898 }
899
900 static bool test_RestoreGUID(struct torture_context *tctx,
901                              struct dcerpc_pipe *p)
902 {
903         struct dcerpc_binding_handle *b = p->binding_handle;
904         DATA_BLOB out_blob;
905         struct bkrp_client_side_unwrapped resp;
906         enum dcerpc_AuthType auth_type;
907         enum dcerpc_AuthLevel auth_level;
908
909         dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
910
911         if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
912                 struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob,
913                                         false, false, false, false, false, false, false);
914                 torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed");
915                 torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
916                 out_blob.length = *r->out.data_out_len;
917                 torture_assert_werr_equal(tctx, r->out.result, WERR_OK, "Restore GUID");
918                 torture_assert_ndr_err_equal(tctx,
919                                              ndr_pull_struct_blob(&out_blob, tctx, &resp,
920                                                                 (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped),
921                                              NDR_ERR_SUCCESS,
922                                              "Unable to unmarshall bkrp_client_side_unwrapped");
923                 torture_assert_str_equal(tctx, (char*)resp.secret.data, secret, "Wrong secret");
924         } else {
925                 struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
926                 torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
927                         NT_STATUS_ACCESS_DENIED, "Get GUID");
928         }
929         return true;
930 }
931
932 static bool test_RestoreGUID_badmagiconsecret(struct torture_context *tctx,
933                                               struct dcerpc_pipe *p)
934 {
935         enum ndr_err_code ndr_err;
936         struct dcerpc_binding_handle *b = p->binding_handle;
937         DATA_BLOB out_blob;
938         struct bkrp_client_side_unwrapped resp;
939         enum dcerpc_AuthType auth_type;
940         enum dcerpc_AuthLevel auth_level;
941
942         dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
943
944         if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
945                 struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 3, &out_blob,
946                                         false, false, false, true, false, false, false);
947                 torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed");
948                 torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
949                 out_blob.length = *r->out.data_out_len;
950                 ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped);
951                 torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped");
952                 torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_DATA, "Wrong error code while providing bad magic in secret");
953         } else {
954                 struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
955                 torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
956                         NT_STATUS_ACCESS_DENIED, "Get GUID");
957         }
958         return true;
959 }
960
961 static bool test_RestoreGUID_emptyrequest(struct torture_context *tctx,
962                                           struct dcerpc_pipe *p)
963 {
964         struct dcerpc_binding_handle *b = p->binding_handle;
965         DATA_BLOB out_blob;
966         enum dcerpc_AuthType auth_type;
967         enum dcerpc_AuthLevel auth_level;
968
969         dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
970
971         if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
972                 struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 3, &out_blob,
973                                         false, false, false, true, false, false, true);
974
975                 torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed");
976                 r->in.data_in = talloc(tctx, uint8_t);
977                 r->in.data_in_len = 0;
978                 r->in.param = 0;
979                 torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
980                 out_blob.length = *r->out.data_out_len;
981                 torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_PARAMETER, "Bad error code on wrong has in access check");
982         } else {
983                 struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
984                 torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
985                         NT_STATUS_ACCESS_DENIED, "Get GUID");
986         }
987         return true;
988 }
989
990 static bool test_RestoreGUID_badcertguid(struct torture_context *tctx,
991                                          struct dcerpc_pipe *p)
992 {
993         enum ndr_err_code ndr_err;
994         struct dcerpc_binding_handle *b = p->binding_handle;
995         DATA_BLOB out_blob;
996         struct bkrp_client_side_unwrapped resp;
997         enum dcerpc_AuthType auth_type;
998         enum dcerpc_AuthLevel auth_level;
999
1000         dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
1001
1002         if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
1003                 struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 3, &out_blob,
1004                                         false, false, false, false, false, false, true);
1005                 torture_assert(tctx, r != NULL, "createRestoreGUIDStruct() failed");
1006                 torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
1007                 out_blob.length = *r->out.data_out_len;
1008                 ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped);
1009                 torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped");
1010
1011                 /*
1012                  * Windows 2012R2 has, presumably, a programming error
1013                  * returning an NTSTATUS code on this interface
1014                  */
1015                 if (W_ERROR_V(r->out.result) != NT_STATUS_V(NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1016                         torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_DATA, "Bad error code on wrong has in access check");
1017                 }
1018         } else {
1019                 struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
1020                 torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
1021                         NT_STATUS_ACCESS_DENIED, "Get GUID");
1022         }
1023         return true;
1024 }
1025
1026 static bool test_RestoreGUID_badmagicaccesscheck(struct torture_context *tctx,
1027                                                  struct dcerpc_pipe *p)
1028 {
1029         enum ndr_err_code ndr_err;
1030         struct dcerpc_binding_handle *b = p->binding_handle;
1031         DATA_BLOB out_blob;
1032         struct bkrp_client_side_unwrapped resp;
1033         enum dcerpc_AuthType auth_type;
1034         enum dcerpc_AuthLevel auth_level;
1035
1036         dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
1037
1038         if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
1039                 struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob,
1040                                         false, false, false, false, true, false, false);
1041                 torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed");
1042                 torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
1043                 out_blob.length = *r->out.data_out_len;
1044                 ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped);
1045                 torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped");
1046                 torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_DATA, "Bad error code on wrong has in access check");
1047         } else {
1048                 struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
1049                 torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
1050                         NT_STATUS_ACCESS_DENIED, "Get GUID");
1051         }
1052         return true;
1053 }
1054
1055 static bool test_RestoreGUID_badhashaccesscheck(struct torture_context *tctx,
1056                                                 struct dcerpc_pipe *p)
1057 {
1058         enum ndr_err_code ndr_err;
1059         struct dcerpc_binding_handle *b = p->binding_handle;
1060         DATA_BLOB out_blob;
1061         struct bkrp_client_side_unwrapped resp;
1062         enum dcerpc_AuthType auth_type;
1063         enum dcerpc_AuthLevel auth_level;
1064
1065         dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
1066
1067         if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
1068                 struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob,
1069                                         false, false, false, false, false, true, false);
1070                 torture_assert(tctx, r != NULL, "createRestoreGUIDStruct failed");
1071                 torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
1072                 out_blob.length = *r->out.data_out_len;
1073                 ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped);
1074                 torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped");
1075                 torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_DATA, "Bad error code on wrong has in access check");
1076         } else {
1077                 struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
1078                 torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
1079                         NT_STATUS_ACCESS_DENIED, "Get GUID");
1080         }
1081         return true;
1082 }
1083
1084 /*
1085  * Check that the RSA modulus in the certificate of the DCs has 2048 bits.
1086  */
1087 static bool test_RetrieveBackupKeyGUID_2048bits(struct torture_context *tctx,
1088                                         struct dcerpc_pipe *p)
1089 {
1090         struct dcerpc_binding_handle *b = p->binding_handle;
1091         DATA_BLOB out_blob;
1092         struct bkrp_BackupKey *r = createRetrieveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
1093         enum dcerpc_AuthType auth_type;
1094         enum dcerpc_AuthLevel auth_level;
1095
1096         hx509_context hctx;
1097         int hret;
1098         hx509_cert cert;
1099         SubjectPublicKeyInfo spki;
1100         RSA *rsa;
1101         int RSA_returned_bits;
1102
1103         torture_assert(tctx, r != NULL, "createRetrieveBackupKeyGUIDStruct failed");
1104
1105         hx509_context_init(&hctx);
1106
1107         if (r == NULL) {
1108                 return false;
1109         }
1110
1111         dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
1112
1113         if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
1114                 const unsigned char *spki_spk_data;
1115                 torture_assert_ntstatus_ok(tctx,
1116                                 dcerpc_bkrp_BackupKey_r(b, tctx, r),
1117                                 "Get GUID");
1118
1119                 torture_assert_werr_ok(tctx, r->out.result,
1120                                        "Get GUID");
1121
1122                 out_blob.length = *r->out.data_out_len;
1123
1124                 hret = hx509_cert_init_data(hctx, out_blob.data, out_blob.length, &cert);
1125                 torture_assert_int_equal(tctx, hret, 0, "hx509_cert_init_data failed");
1126
1127                 hret = hx509_cert_get_SPKI(hctx, cert , &spki);
1128                 torture_assert_int_equal(tctx, hret, 0, "hx509_cert_get_SPKI failed");
1129
1130                 /* We must take a copy, as d2i_RSAPublicKey *changes* the input parameter */
1131                 spki_spk_data = spki.subjectPublicKey.data;
1132                 rsa = d2i_RSAPublicKey(NULL, &spki_spk_data, spki.subjectPublicKey.length / 8);
1133                 torture_assert_int_equal(tctx, rsa != NULL, 1, "d2i_RSAPublicKey failed");
1134
1135                 RSA_returned_bits = BN_num_bits(rsa->n);
1136                 torture_assert_int_equal(tctx,
1137                                                 RSA_returned_bits,
1138                                                 2048,
1139                                                 "RSA Key doesn't have 2048 bits");
1140
1141                 RSA_free(rsa);
1142
1143                 /*
1144                  * Because we prevented spki from being changed above,
1145                  * we can now safely call this to free it
1146                  */
1147                 free_SubjectPublicKeyInfo(&spki);
1148                 hx509_cert_free(cert);
1149                 hx509_context_free(&hctx);
1150
1151         } else {
1152                 torture_assert_ntstatus_equal(tctx,
1153                                                 dcerpc_bkrp_BackupKey_r(b, tctx, r),
1154                                                 NT_STATUS_ACCESS_DENIED,
1155                                                 "Get GUID");
1156         }
1157         return true;
1158 }
1159
1160 static bool test_ServerWrap_encrypt_decrypt(struct torture_context *tctx,
1161                                             struct dcerpc_pipe *p)
1162 {
1163         struct bkrp_BackupKey r;
1164         struct GUID guid;
1165         DATA_BLOB plaintext = data_blob_const(secret, sizeof(secret));
1166         DATA_BLOB encrypted;
1167         uint32_t enclen;
1168         DATA_BLOB decrypted;
1169         uint32_t declen;
1170         struct dcerpc_binding_handle *b = p->binding_handle;
1171         enum dcerpc_AuthType auth_type;
1172         enum dcerpc_AuthLevel auth_level;
1173         ZERO_STRUCT(r);
1174
1175         dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
1176
1177         /* Encrypt */
1178         torture_assert_ntstatus_ok(tctx,
1179                                    GUID_from_string(BACKUPKEY_BACKUP_GUID, &guid),
1180                                    "obtain GUID");
1181
1182         r.in.guidActionAgent = &guid;
1183         r.in.data_in = plaintext.data;
1184         r.in.data_in_len = plaintext.length;
1185         r.in.param = 0;
1186         r.out.data_out = &encrypted.data;
1187         r.out.data_out_len = &enclen;
1188         if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
1189                 torture_assert_ntstatus_ok(tctx,
1190                                            dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1191                                            "encrypt");
1192         } else {
1193                 torture_assert_ntstatus_equal(tctx,
1194                                               dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1195                                               NT_STATUS_ACCESS_DENIED,
1196                                               "encrypt");
1197                 return true;
1198         }
1199         torture_assert_werr_ok(tctx,
1200                                r.out.result,
1201                                "encrypt");
1202         encrypted.length = *r.out.data_out_len;
1203
1204         /* Decrypt */
1205         torture_assert_ntstatus_ok(tctx,
1206                                    GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid),
1207                                    "obtain GUID");
1208
1209         r.in.guidActionAgent = &guid;
1210         r.in.data_in = encrypted.data;
1211         r.in.data_in_len = encrypted.length;
1212         r.in.param = 0;
1213         r.out.data_out = &(decrypted.data);
1214         r.out.data_out_len = &declen;
1215         torture_assert_ntstatus_ok(tctx,
1216                                    dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1217                                    "decrypt");
1218         torture_assert_werr_ok(tctx,
1219                                r.out.result,
1220                                "decrypt");
1221         decrypted.length = *r.out.data_out_len;
1222
1223         /* Compare */
1224         torture_assert_data_blob_equal(tctx, plaintext, decrypted, "Decrypt failed");
1225
1226         /* Decrypt */
1227         torture_assert_ntstatus_ok(tctx,
1228                                    GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid),
1229                                    "obtain GUID");
1230
1231         r.in.guidActionAgent = &guid;
1232         r.in.data_in = encrypted.data;
1233         r.in.data_in_len = encrypted.length;
1234         r.in.param = 0;
1235         r.out.data_out = &(decrypted.data);
1236         r.out.data_out_len = &declen;
1237         torture_assert_ntstatus_ok(tctx,
1238                                    dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1239                                    "decrypt");
1240         torture_assert_werr_ok(tctx,
1241                                r.out.result,
1242                                "decrypt");
1243         decrypted.length = *r.out.data_out_len;
1244
1245         /* Compare */
1246         torture_assert_data_blob_equal(tctx, plaintext, decrypted, "Decrypt failed");
1247         return true;
1248 }
1249
1250 static bool test_ServerWrap_decrypt_wrong_keyGUID(struct torture_context *tctx,
1251                                                   struct dcerpc_pipe *p)
1252 {
1253         struct bkrp_BackupKey r;
1254         struct GUID guid;
1255         DATA_BLOB plaintext = data_blob_const(secret, sizeof(secret));
1256         DATA_BLOB encrypted;
1257         uint32_t enclen;
1258         DATA_BLOB decrypted;
1259         uint32_t declen;
1260         struct dcerpc_binding_handle *b = p->binding_handle;
1261         enum ndr_err_code ndr_err;
1262         struct bkrp_server_side_wrapped server_side_wrapped;
1263         enum dcerpc_AuthType auth_type;
1264         enum dcerpc_AuthLevel auth_level;
1265         ZERO_STRUCT(r);
1266
1267         dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
1268
1269         /* Encrypt */
1270         torture_assert_ntstatus_ok(tctx,
1271                                    GUID_from_string(BACKUPKEY_BACKUP_GUID, &guid),
1272                                    "obtain GUID");
1273
1274         r.in.guidActionAgent = &guid;
1275         r.in.data_in = plaintext.data;
1276         r.in.data_in_len = plaintext.length;
1277         r.in.param = 0;
1278         r.out.data_out = &encrypted.data;
1279         r.out.data_out_len = &enclen;
1280         if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
1281                 torture_assert_ntstatus_ok(tctx,
1282                                            dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1283                                            "encrypt");
1284         } else {
1285                 torture_assert_ntstatus_equal(tctx,
1286                                               dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1287                                               NT_STATUS_ACCESS_DENIED,
1288                                               "encrypt");
1289                 return true;
1290         }
1291         torture_assert_werr_ok(tctx,
1292                                r.out.result,
1293                                "encrypt");
1294         encrypted.length = *r.out.data_out_len;
1295
1296         ndr_err = ndr_pull_struct_blob(&encrypted, tctx, &server_side_wrapped,
1297                                        (ndr_pull_flags_fn_t)ndr_pull_bkrp_server_side_wrapped);
1298         torture_assert_ndr_err_equal(tctx, ndr_err, NDR_ERR_SUCCESS, "pull of server_side_wrapped");
1299
1300         /* Change the GUID */
1301         server_side_wrapped.guid = GUID_random();
1302
1303         ndr_err = ndr_push_struct_blob(&encrypted, tctx, &server_side_wrapped,
1304                                        (ndr_push_flags_fn_t)ndr_push_bkrp_server_side_wrapped);
1305         torture_assert_ndr_err_equal(tctx, ndr_err, NDR_ERR_SUCCESS, "push of server_side_wrapped");
1306
1307         /* Decrypt */
1308         torture_assert_ntstatus_ok(tctx,
1309                                    GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid),
1310                                    "obtain GUID");
1311
1312         r.in.guidActionAgent = &guid;
1313         r.in.data_in = encrypted.data;
1314         r.in.data_in_len = encrypted.length;
1315         r.in.param = 0;
1316         r.out.data_out = &(decrypted.data);
1317         r.out.data_out_len = &declen;
1318         torture_assert_ntstatus_ok(tctx,
1319                                    dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1320                                    "decrypt");
1321         torture_assert_werr_equal(tctx,
1322                                   r.out.result,
1323                                   WERR_INVALID_DATA,
1324                                   "decrypt should fail with WERR_INVALID_DATA");
1325
1326         /* Decrypt */
1327         torture_assert_ntstatus_ok(tctx,
1328                                    GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid),
1329                                    "obtain GUID");
1330
1331         r.in.guidActionAgent = &guid;
1332         r.in.data_in = encrypted.data;
1333         r.in.data_in_len = encrypted.length;
1334         r.in.param = 0;
1335         r.out.data_out = &(decrypted.data);
1336         r.out.data_out_len = &declen;
1337         torture_assert_ntstatus_ok(tctx,
1338                                    dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1339                                    "decrypt");
1340         torture_assert_werr_equal(tctx,
1341                                   r.out.result,
1342                                   WERR_INVALID_DATA,
1343                                   "decrypt should fail with WERR_INVALID_DATA");
1344
1345         return true;
1346 }
1347
1348 static bool test_ServerWrap_decrypt_empty_request(struct torture_context *tctx,
1349                                                  struct dcerpc_pipe *p)
1350 {
1351         struct bkrp_BackupKey r;
1352         struct GUID guid;
1353         DATA_BLOB decrypted;
1354         uint32_t declen;
1355         struct dcerpc_binding_handle *b = p->binding_handle;
1356         uint8_t short_request[4] = { 1, 0, 0, 0 };
1357         enum dcerpc_AuthType auth_type;
1358         enum dcerpc_AuthLevel auth_level;
1359         ZERO_STRUCT(r);
1360
1361         dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
1362
1363         /* Decrypt */
1364         torture_assert_ntstatus_ok(tctx,
1365                                    GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid),
1366                                    "obtain GUID");
1367
1368         r.in.guidActionAgent = &guid;
1369         r.in.data_in = short_request;
1370         r.in.data_in_len = 0;
1371         r.in.param = 0;
1372         r.out.data_out = &(decrypted.data);
1373         r.out.data_out_len = &declen;
1374         if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
1375                 torture_assert_ntstatus_ok(tctx,
1376                                            dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1377                                            "encrypt");
1378         } else {
1379                 torture_assert_ntstatus_equal(tctx,
1380                                               dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1381                                               NT_STATUS_ACCESS_DENIED,
1382                                               "encrypt");
1383                 return true;
1384         }
1385         torture_assert_werr_equal(tctx,
1386                                   r.out.result,
1387                                   WERR_INVALID_PARAMETER,
1388                                   "decrypt should fail with WERR_INVALID_PARAMETER");
1389
1390         /* Decrypt */
1391         torture_assert_ntstatus_ok(tctx,
1392                                    GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid),
1393                                    "obtain GUID");
1394
1395         r.in.guidActionAgent = &guid;
1396         r.in.data_in = short_request;
1397         r.in.data_in_len = 0;
1398         r.in.param = 0;
1399         r.out.data_out = &(decrypted.data);
1400         r.out.data_out_len = &declen;
1401         torture_assert_ntstatus_ok(tctx,
1402                                    dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1403                                    "decrypt");
1404         torture_assert_werr_equal(tctx,
1405                                   r.out.result,
1406                                   WERR_INVALID_PARAMETER,
1407                                   "decrypt should fail with WERR_INVALID_PARAMETER");
1408
1409         /* Decrypt */
1410         torture_assert_ntstatus_ok(tctx,
1411                                    GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid),
1412                                    "obtain GUID");
1413
1414         r.in.guidActionAgent = &guid;
1415         r.in.data_in = NULL;
1416         r.in.data_in_len = 0;
1417         r.in.param = 0;
1418         r.out.data_out = &(decrypted.data);
1419         r.out.data_out_len = &declen;
1420         torture_assert_ntstatus_equal(tctx,
1421                                       dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1422                                       NT_STATUS_INVALID_PARAMETER_MIX,
1423                                       "decrypt");
1424
1425         /* Decrypt */
1426         torture_assert_ntstatus_ok(tctx,
1427                                    GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid),
1428                                    "obtain GUID");
1429
1430         r.in.guidActionAgent = &guid;
1431         r.in.data_in = NULL;
1432         r.in.data_in_len = 0;
1433         r.in.param = 0;
1434         r.out.data_out = &(decrypted.data);
1435         r.out.data_out_len = &declen;
1436         torture_assert_ntstatus_equal(tctx,
1437                                       dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1438                                       NT_STATUS_INVALID_PARAMETER_MIX,
1439                                       "decrypt");
1440
1441         return true;
1442 }
1443
1444
1445 static bool test_ServerWrap_decrypt_short_request(struct torture_context *tctx,
1446                                                  struct dcerpc_pipe *p)
1447 {
1448         struct bkrp_BackupKey r;
1449         struct GUID guid;
1450         DATA_BLOB decrypted;
1451         uint32_t declen;
1452         struct dcerpc_binding_handle *b = p->binding_handle;
1453         uint8_t short_request[4] = { 1, 0, 0, 0 };
1454         enum dcerpc_AuthType auth_type;
1455         enum dcerpc_AuthLevel auth_level;
1456         ZERO_STRUCT(r);
1457
1458         dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
1459
1460         /* Decrypt */
1461         torture_assert_ntstatus_ok(tctx,
1462                                    GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid),
1463                                    "obtain GUID");
1464
1465         r.in.guidActionAgent = &guid;
1466         r.in.data_in = short_request;
1467         r.in.data_in_len = 4;
1468         r.in.param = 0;
1469         r.out.data_out = &(decrypted.data);
1470         r.out.data_out_len = &declen;
1471         if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
1472                 torture_assert_ntstatus_ok(tctx,
1473                                            dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1474                                            "encrypt");
1475         } else {
1476                 torture_assert_ntstatus_equal(tctx,
1477                                               dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1478                                               NT_STATUS_ACCESS_DENIED,
1479                                               "encrypt");
1480                 return true;
1481         }
1482         torture_assert_werr_equal(tctx,
1483                                   r.out.result,
1484                                   WERR_INVALID_PARAMETER,
1485                                   "decrypt should fail with WERR_INVALID_PARAMETER");
1486
1487         /* Decrypt */
1488         torture_assert_ntstatus_ok(tctx,
1489                                    GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid),
1490                                    "obtain GUID");
1491
1492         r.in.guidActionAgent = &guid;
1493         r.in.data_in = short_request;
1494         r.in.data_in_len = 4;
1495         r.in.param = 0;
1496         r.out.data_out = &(decrypted.data);
1497         r.out.data_out_len = &declen;
1498         torture_assert_ntstatus_ok(tctx,
1499                                    dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1500                                    "decrypt");
1501         torture_assert_werr_equal(tctx,
1502                                   r.out.result,
1503                                   WERR_INVALID_PARAMETER,
1504                                   "decrypt should fail with WERR_INVALID_PARAMETER");
1505
1506         /* Decrypt */
1507         torture_assert_ntstatus_ok(tctx,
1508                                    GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid),
1509                                    "obtain GUID");
1510
1511         r.in.guidActionAgent = &guid;
1512         r.in.data_in = short_request;
1513         r.in.data_in_len = 1;
1514         r.in.param = 0;
1515         r.out.data_out = &(decrypted.data);
1516         r.out.data_out_len = &declen;
1517         torture_assert_ntstatus_ok(tctx,
1518                                    dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1519                                    "decrypt");
1520         torture_assert_werr_equal(tctx,
1521                                   r.out.result,
1522                                   WERR_INVALID_PARAMETER,
1523                                   "decrypt should fail with WERR_INVALID_PARAMETER");
1524
1525         /* Decrypt */
1526         torture_assert_ntstatus_ok(tctx,
1527                                    GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid),
1528                                    "obtain GUID");
1529
1530         r.in.guidActionAgent = &guid;
1531         r.in.data_in = short_request;
1532         r.in.data_in_len = 1;
1533         r.in.param = 0;
1534         r.out.data_out = &(decrypted.data);
1535         r.out.data_out_len = &declen;
1536         torture_assert_ntstatus_ok(tctx,
1537                                    dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1538                                    "decrypt");
1539         torture_assert_werr_equal(tctx,
1540                                   r.out.result,
1541                                   WERR_INVALID_PARAMETER,
1542                                   "decrypt should fail with WERR_INVALID_PARAMETER");
1543
1544         return true;
1545 }
1546
1547 static bool test_ServerWrap_encrypt_decrypt_manual(struct torture_context *tctx,
1548                                                    struct bkrp_server_side_wrapped *server_side_wrapped,
1549                                                    enum test_wrong wrong)
1550 {
1551         char *lsa_binding_string = NULL;
1552         struct dcerpc_binding *lsa_binding = NULL;
1553         struct dcerpc_pipe *lsa_p = NULL;
1554         struct dcerpc_binding_handle *lsa_b = NULL;
1555         struct lsa_OpenSecret r_secret;
1556         struct lsa_QuerySecret r_query_secret;
1557         struct policy_handle *handle, sec_handle;
1558         struct bkrp_BackupKey r;
1559         struct GUID preferred_key_guid;
1560         DATA_BLOB plaintext = data_blob_const(secret, sizeof(secret));
1561         DATA_BLOB preferred_key, preferred_key_clear, session_key,
1562                 decrypt_key, decrypt_key_clear, encrypted_blob, symkey_blob,
1563                 sid_blob;
1564         struct bkrp_dc_serverwrap_key server_key;
1565         struct lsa_DATA_BUF_PTR bufp1;
1566         char *key_guid_string;
1567         struct bkrp_rc4encryptedpayload rc4payload;
1568         struct dom_sid *caller_sid;
1569         uint8_t symkey[20]; /* SHA-1 hash len */
1570         uint8_t mackey[20]; /* SHA-1 hash len */
1571         uint8_t mac[20]; /* SHA-1 hash len */
1572         unsigned int hash_len;
1573         HMAC_CTX ctx;
1574         ZERO_STRUCT(r);
1575         ZERO_STRUCT(r_secret);
1576         ZERO_STRUCT(r_query_secret);
1577
1578         /* Now read BCKUPKEY_P and prove we can do a matching decrypt and encrypt */
1579
1580         /* lsa_OpenSecret only works with ncacn_np and AUTH_LEVEL_NONE */
1581         lsa_binding_string = talloc_asprintf(tctx, "ncacn_np:%s",
1582                                 torture_setting_string(tctx, "host", NULL));
1583         torture_assert(tctx, lsa_binding_string != NULL, "lsa_binding_string");
1584
1585         torture_assert_ntstatus_ok(tctx,
1586                 dcerpc_parse_binding(tctx, lsa_binding_string, &lsa_binding),
1587                 "Failed to parse dcerpc binding");
1588
1589         torture_assert_ntstatus_ok(tctx,
1590                                    dcerpc_pipe_connect_b(tctx, &lsa_p,
1591                                         lsa_binding, &ndr_table_lsarpc,
1592                                         cmdline_credentials, tctx->ev, tctx->lp_ctx),
1593                                    "Opening LSA pipe");
1594         lsa_b = lsa_p->binding_handle;
1595
1596         torture_assert(tctx, test_lsa_OpenPolicy2(lsa_b, tctx, &handle), "OpenPolicy failed");
1597         r_secret.in.name.string = "G$BCKUPKEY_P";
1598
1599         r_secret.in.handle = handle;
1600         r_secret.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1601         r_secret.out.sec_handle = &sec_handle;
1602
1603         torture_comment(tctx, "Testing OpenSecret\n");
1604
1605         torture_assert_ntstatus_ok(tctx, dcerpc_lsa_OpenSecret_r(lsa_b, tctx, &r_secret),
1606                                    "OpenSecret failed");
1607         torture_assert_ntstatus_ok(tctx, r_secret.out.result,
1608                                    "OpenSecret failed");
1609
1610         r_query_secret.in.sec_handle = &sec_handle;
1611         r_query_secret.in.new_val = &bufp1;
1612         bufp1.buf = NULL;
1613
1614         torture_assert_ntstatus_ok(tctx, dcerpc_lsa_QuerySecret_r(lsa_b, tctx, &r_query_secret),
1615                 "QuerySecret failed");
1616         torture_assert_ntstatus_ok(tctx, r_query_secret.out.result,
1617                                    "QuerySecret failed");
1618
1619
1620         preferred_key.data = r_query_secret.out.new_val->buf->data;
1621         preferred_key.length = r_query_secret.out.new_val->buf->size;
1622         torture_assert_ntstatus_ok(tctx, dcerpc_fetch_session_key(lsa_p, &session_key),
1623                                    "dcerpc_fetch_session_key failed");
1624
1625         torture_assert_ntstatus_ok(tctx,
1626                                    sess_decrypt_blob(tctx,
1627                                                      &preferred_key, &session_key, &preferred_key_clear),
1628                                    "sess_decrypt_blob failed");
1629
1630         torture_assert_ntstatus_ok(tctx, GUID_from_ndr_blob(&preferred_key_clear, &preferred_key_guid),
1631                                    "GUID parse failed");
1632
1633         torture_assert_guid_equal(tctx, server_side_wrapped->guid,
1634                                   preferred_key_guid,
1635                                   "GUID didn't match value pointed at by G$BCKUPKEY_P");
1636
1637         /* And read BCKUPKEY_<guid> and get the actual key */
1638
1639         key_guid_string = GUID_string(tctx, &server_side_wrapped->guid);
1640         r_secret.in.name.string = talloc_asprintf(tctx, "G$BCKUPKEY_%s", key_guid_string);
1641
1642         r_secret.in.handle = handle;
1643         r_secret.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1644         r_secret.out.sec_handle = &sec_handle;
1645
1646         torture_comment(tctx, "Testing OpenSecret\n");
1647
1648         torture_assert_ntstatus_ok(tctx, dcerpc_lsa_OpenSecret_r(lsa_b, tctx, &r_secret),
1649                                    "OpenSecret failed");
1650         torture_assert_ntstatus_ok(tctx, r_secret.out.result,
1651                                    "OpenSecret failed");
1652
1653         r_query_secret.in.sec_handle = &sec_handle;
1654         r_query_secret.in.new_val = &bufp1;
1655
1656         torture_assert_ntstatus_ok(tctx, dcerpc_lsa_QuerySecret_r(lsa_b, tctx, &r_query_secret),
1657                                    "QuerySecret failed");
1658         torture_assert_ntstatus_ok(tctx, r_query_secret.out.result,
1659                                    "QuerySecret failed");
1660
1661
1662         decrypt_key.data = r_query_secret.out.new_val->buf->data;
1663         decrypt_key.length = r_query_secret.out.new_val->buf->size;
1664
1665         torture_assert_ntstatus_ok(tctx,
1666                                    sess_decrypt_blob(tctx,
1667                                                      &decrypt_key, &session_key, &decrypt_key_clear),
1668                                    "sess_decrypt_blob failed");
1669
1670         torture_assert_ndr_err_equal(tctx, ndr_pull_struct_blob(&decrypt_key_clear, tctx, &server_key,
1671                                                                 (ndr_pull_flags_fn_t)ndr_pull_bkrp_dc_serverwrap_key),
1672                                      NDR_ERR_SUCCESS, "Failed to parse server_key");
1673
1674         torture_assert_int_equal(tctx, server_key.magic, 1, "Failed to correctly decrypt server key");
1675
1676         /*
1677          * This is *not* the leading 64 bytes, as indicated in MS-BKRP 3.1.4.1.1
1678          * BACKUPKEY_BACKUP_GUID, it really is the whole key
1679          */
1680         HMAC(EVP_sha1(), server_key.key, sizeof(server_key.key),
1681              server_side_wrapped->r2, sizeof(server_side_wrapped->r2),
1682              symkey, &hash_len);
1683
1684         /* rc4 decrypt sid and secret using sym key */
1685         symkey_blob = data_blob_const(symkey, sizeof(symkey));
1686
1687         encrypted_blob = data_blob_talloc(tctx, server_side_wrapped->rc4encryptedpayload,
1688                                           server_side_wrapped->ciphertext_length);
1689
1690         arcfour_crypt_blob(encrypted_blob.data, encrypted_blob.length, &symkey_blob);
1691
1692         torture_assert_ndr_err_equal(tctx, ndr_pull_struct_blob(&encrypted_blob, tctx, &rc4payload,
1693                                        (ndr_pull_flags_fn_t)ndr_pull_bkrp_rc4encryptedpayload),
1694                                      NDR_ERR_SUCCESS, "Failed to parse rc4encryptedpayload");
1695
1696         torture_assert_int_equal(tctx, rc4payload.secret_data.length,
1697                                  server_side_wrapped->payload_length,
1698                                  "length of decrypted payload not the length declared in surrounding structure");
1699
1700         /*
1701          * This is *not* the leading 64 bytes, as indicated in MS-BKRP 3.1.4.1.1
1702          * BACKUPKEY_BACKUP_GUID, it really is the whole key
1703          */
1704         HMAC(EVP_sha1(), server_key.key, sizeof(server_key.key),
1705              rc4payload.r3, sizeof(rc4payload.r3),
1706              mackey, &hash_len);
1707
1708         torture_assert_ndr_err_equal(tctx, ndr_push_struct_blob(&sid_blob, tctx, &rc4payload.sid,
1709                                                                 (ndr_push_flags_fn_t)ndr_push_dom_sid),
1710                                      NDR_ERR_SUCCESS, "unable to push SID");
1711
1712         HMAC_CTX_init(&ctx);
1713         HMAC_Init_ex(&ctx, mackey, hash_len, EVP_sha1(), NULL);
1714         /* SID field */
1715         HMAC_Update(&ctx, sid_blob.data, sid_blob.length);
1716         /* Secret field */
1717         HMAC_Update(&ctx, rc4payload.secret_data.data, rc4payload.secret_data.length);
1718         HMAC_Final(&ctx, mac, &hash_len);
1719         HMAC_CTX_cleanup(&ctx);
1720
1721         torture_assert_mem_equal(tctx, mac, rc4payload.mac, sizeof(mac), "mac not correct");
1722         torture_assert_int_equal(tctx, rc4payload.secret_data.length,
1723                                  plaintext.length, "decrypted data is not correct length");
1724         torture_assert_mem_equal(tctx, rc4payload.secret_data.data,
1725                                  plaintext.data, plaintext.length,
1726                                  "decrypted data is not correct");
1727
1728         /* Not strictly correct all the time, but good enough for this test */
1729         caller_sid = get_user_sid(tctx, tctx, cli_credentials_get_username(cmdline_credentials));
1730
1731         torture_assert_sid_equal(tctx, &rc4payload.sid, caller_sid, "Secret saved with wrong SID");
1732
1733
1734         /* RE-encrypt */
1735
1736         if (wrong == WRONG_SID) {
1737                 rc4payload.sid.sub_auths[rc4payload.sid.num_auths - 1] = DOMAIN_RID_KRBTGT;
1738         }
1739
1740         dump_data_pw("mackey: \n", mackey, sizeof(mackey));
1741
1742         torture_assert_ndr_err_equal(tctx,
1743                                      ndr_push_struct_blob(&sid_blob, tctx, &rc4payload.sid,
1744                                                           (ndr_push_flags_fn_t)ndr_push_dom_sid),
1745                                      NDR_ERR_SUCCESS,
1746                                      "push of sid failed");
1747
1748         HMAC_CTX_init(&ctx);
1749         HMAC_Init_ex(&ctx, mackey, 20, EVP_sha1(), NULL);
1750         /* SID field */
1751         HMAC_Update(&ctx, sid_blob.data, sid_blob.length);
1752         /* Secret field */
1753         HMAC_Update(&ctx, rc4payload.secret_data.data, rc4payload.secret_data.length);
1754         HMAC_Final(&ctx, rc4payload.mac, &hash_len);
1755         HMAC_CTX_cleanup(&ctx);
1756
1757         dump_data_pw("rc4payload.mac: \n", rc4payload.mac, sizeof(rc4payload.mac));
1758
1759         torture_assert_ndr_err_equal(tctx,
1760                                      ndr_push_struct_blob(&encrypted_blob, tctx, &rc4payload,
1761                                                           (ndr_push_flags_fn_t)ndr_push_bkrp_rc4encryptedpayload),
1762                                      NDR_ERR_SUCCESS,
1763                                      "push of rc4payload failed");
1764
1765         if (wrong == WRONG_KEY) {
1766                 symkey_blob.data[0] = 78;
1767                 symkey_blob.data[1] = 78;
1768                 symkey_blob.data[2] = 78;
1769         }
1770
1771         /* rc4 encrypt sid and secret using sym key */
1772         arcfour_crypt_blob(encrypted_blob.data, encrypted_blob.length, &symkey_blob);
1773
1774         /* re-create server wrap structure */
1775
1776         torture_assert_int_equal(tctx, encrypted_blob.length,
1777                                  server_side_wrapped->ciphertext_length,
1778                                  "expected encrypted length not to change");
1779         if (wrong == RIGHT_KEY) {
1780                 torture_assert_mem_equal(tctx, server_side_wrapped->rc4encryptedpayload,
1781                                          encrypted_blob.data,
1782                                          encrypted_blob.length,
1783                                          "expected encrypted data not to change");
1784         }
1785
1786         server_side_wrapped->payload_length = rc4payload.secret_data.length;
1787         server_side_wrapped->ciphertext_length = encrypted_blob.length;
1788         server_side_wrapped->rc4encryptedpayload = encrypted_blob.data;
1789
1790         return true;
1791 }
1792
1793
1794 static bool test_ServerWrap_decrypt_wrong_stuff(struct torture_context *tctx,
1795                                                 struct dcerpc_pipe *p,
1796                                                 enum test_wrong wrong)
1797 {
1798         struct bkrp_BackupKey r;
1799         struct GUID guid;
1800         DATA_BLOB plaintext = data_blob_const(secret, sizeof(secret));
1801         DATA_BLOB encrypted;
1802         uint32_t enclen;
1803         DATA_BLOB decrypted;
1804         uint32_t declen;
1805         struct dcerpc_binding_handle *b = p->binding_handle;
1806         enum ndr_err_code ndr_err;
1807         struct bkrp_server_side_wrapped server_side_wrapped;
1808         bool repush = false;
1809         enum dcerpc_AuthType auth_type;
1810         enum dcerpc_AuthLevel auth_level;
1811         ZERO_STRUCT(r);
1812
1813         dcerpc_binding_handle_auth_info(b, &auth_type, &auth_level);
1814
1815         /* Encrypt */
1816         torture_assert_ntstatus_ok(tctx,
1817                                    GUID_from_string(BACKUPKEY_BACKUP_GUID, &guid),
1818                                    "obtain GUID");
1819
1820         r.in.guidActionAgent = &guid;
1821         r.in.data_in = plaintext.data;
1822         r.in.data_in_len = plaintext.length;
1823         r.in.param = 0;
1824         r.out.data_out = &encrypted.data;
1825         r.out.data_out_len = &enclen;
1826         if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
1827                 torture_assert_ntstatus_ok(tctx,
1828                                            dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1829                                            "encrypt");
1830         } else {
1831                 torture_assert_ntstatus_equal(tctx,
1832                                               dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1833                                               NT_STATUS_ACCESS_DENIED,
1834                                               "encrypt");
1835                 return true;
1836         }
1837         torture_assert_werr_ok(tctx,
1838                                r.out.result,
1839                                "encrypt");
1840         encrypted.length = *r.out.data_out_len;
1841
1842         ndr_err = ndr_pull_struct_blob(&encrypted, tctx, &server_side_wrapped,
1843                                        (ndr_pull_flags_fn_t)ndr_pull_bkrp_server_side_wrapped);
1844         torture_assert_ndr_err_equal(tctx, ndr_err, NDR_ERR_SUCCESS, "pull of server_side_wrapped");
1845
1846         torture_assert_int_equal(tctx, server_side_wrapped.payload_length, plaintext.length,
1847                                  "wrong payload length");
1848
1849         switch (wrong) {
1850         case WRONG_MAGIC:
1851                 /* Change the magic.  Forced by our NDR layer, so do it raw */
1852                 SIVAL(encrypted.data, 0, 78);  /* valid values are 1-3 */
1853                 break;
1854         case WRONG_R2:
1855                 server_side_wrapped.r2[0] = 78;
1856                 server_side_wrapped.r2[1] = 78;
1857                 server_side_wrapped.r2[3] = 78;
1858                 repush = true;
1859                 break;
1860         case WRONG_PAYLOAD_LENGTH:
1861                 server_side_wrapped.payload_length = UINT32_MAX - 8;
1862                 repush = true;
1863                 break;
1864         case WRONG_CIPHERTEXT_LENGTH:
1865                 /*
1866                  * Change the ciphertext len.  We can't push this if
1867                  * we have it wrong, so do it raw
1868                  */
1869                 SIVAL(encrypted.data, 8, UINT32_MAX - 8);  /* valid values are 1-3 */
1870                 break;
1871         case SHORT_PAYLOAD_LENGTH:
1872                 server_side_wrapped.payload_length = server_side_wrapped.payload_length - 8;
1873                 repush = true;
1874                 break;
1875         case SHORT_CIPHERTEXT_LENGTH:
1876                 /*
1877                  * Change the ciphertext len.  We can't push this if
1878                  * we have it wrong, so do it raw
1879                  */
1880                 SIVAL(encrypted.data, 8, server_side_wrapped.ciphertext_length - 8);  /* valid values are 1-3 */
1881                 break;
1882         case ZERO_PAYLOAD_LENGTH:
1883                 server_side_wrapped.payload_length = 0;
1884                 repush = true;
1885                 break;
1886         case ZERO_CIPHERTEXT_LENGTH:
1887                 /*
1888                  * Change the ciphertext len.  We can't push this if
1889                  * we have it wrong, so do it raw
1890                  */
1891                 SIVAL(encrypted.data, 8, 0);  /* valid values are 1-3 */
1892                 break;
1893
1894         case RIGHT_KEY:
1895         case WRONG_KEY:
1896         case WRONG_SID:
1897                 torture_assert(tctx,
1898                                test_ServerWrap_encrypt_decrypt_manual(tctx, &server_side_wrapped, wrong),
1899                                "test_ServerWrap_encrypt_decrypt_manual failed");
1900                 repush = true;
1901                 break;
1902         }
1903
1904         if (repush) {
1905                 ndr_err = ndr_push_struct_blob(&encrypted, tctx, &server_side_wrapped,
1906                                                (ndr_push_flags_fn_t)ndr_push_bkrp_server_side_wrapped);
1907                 torture_assert_ndr_err_equal(tctx, ndr_err, NDR_ERR_SUCCESS, "push of server_side_wrapped");
1908         }
1909
1910         /* Decrypt */
1911         torture_assert_ntstatus_ok(tctx,
1912                                    GUID_from_string(BACKUPKEY_RESTORE_GUID, &guid),
1913                                    "obtain GUID");
1914
1915         r.in.guidActionAgent = &guid;
1916         r.in.data_in = encrypted.data;
1917         r.in.data_in_len = encrypted.length;
1918         r.in.param = 0;
1919         r.out.data_out = &(decrypted.data);
1920         r.out.data_out_len = &declen;
1921         torture_assert_ntstatus_ok(tctx,
1922                                    dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1923                                    "decrypt");
1924
1925         if ((wrong == WRONG_R2 || wrong == WRONG_KEY)
1926             && W_ERROR_EQUAL(r.out.result, WERR_INVALID_SID)) {
1927                 torture_assert_werr_equal(tctx,
1928                                           r.out.result,
1929                                           WERR_INVALID_SID,
1930                                           "decrypt should fail with WERR_INVALID_SID or WERR_INVALID_PARAMETER");
1931         } else if (wrong == RIGHT_KEY) {
1932                 torture_assert_werr_equal(tctx,
1933                                           r.out.result,
1934                                           WERR_OK,
1935                                           "decrypt should succeed!");
1936         } else if (wrong == WRONG_SID) {
1937                 torture_assert_werr_equal(tctx,
1938                                           r.out.result,
1939                                           WERR_INVALID_ACCESS,
1940                                           "decrypt should fail with WERR_INVALID_ACCESS");
1941         } else {
1942                 if (!W_ERROR_EQUAL(r.out.result, WERR_INVALID_PARAMETER)) {
1943                         torture_assert_werr_equal(tctx,
1944                                                   r.out.result,
1945                                                   WERR_INVALID_ACCESS,
1946                                                   "decrypt should fail with WERR_INVALID_ACCESS or WERR_INVALID_PARAMETER");
1947                 }
1948         }
1949
1950         /* Decrypt */
1951         torture_assert_ntstatus_ok(tctx,
1952                                    GUID_from_string(BACKUPKEY_RESTORE_GUID_WIN2K, &guid),
1953                                    "obtain GUID");
1954
1955         r.in.guidActionAgent = &guid;
1956         r.in.data_in = encrypted.data;
1957         r.in.data_in_len = encrypted.length;
1958         r.in.param = 0;
1959         r.out.data_out = &(decrypted.data);
1960         r.out.data_out_len = &declen;
1961         torture_assert_ntstatus_ok(tctx,
1962                                    dcerpc_bkrp_BackupKey_r(b, tctx, &r),
1963                                    "decrypt");
1964
1965         if ((wrong == WRONG_R2 || wrong == WRONG_KEY)
1966             && W_ERROR_EQUAL(r.out.result, WERR_INVALID_SID)) {
1967                 torture_assert_werr_equal(tctx,
1968                                           r.out.result,
1969                                           WERR_INVALID_SID,
1970                                           "decrypt should fail with WERR_INVALID_SID or WERR_INVALID_PARAMETER");
1971         } else if (wrong == RIGHT_KEY) {
1972                 torture_assert_werr_equal(tctx,
1973                                           r.out.result,
1974                                           WERR_OK,
1975                                           "decrypt should succeed!");
1976         } else if (wrong == WRONG_SID) {
1977                 torture_assert_werr_equal(tctx,
1978                                           r.out.result,
1979                                           WERR_INVALID_ACCESS,
1980                                           "decrypt should fail with WERR_INVALID_ACCESS");
1981         } else {
1982                 if (!W_ERROR_EQUAL(r.out.result, WERR_INVALID_ACCESS)
1983                     && !W_ERROR_EQUAL(r.out.result, WERR_INVALID_PARAMETER)) {
1984                         torture_assert_werr_equal(tctx, r.out.result,
1985                                                   WERR_INVALID_DATA,
1986                                                   "decrypt should fail with WERR_INVALID_ACCESS, WERR_INVALID_PARAMETER or WERR_INVALID_DATA");
1987                 }
1988         }
1989
1990         return true;
1991 }
1992
1993 static bool test_ServerWrap_decrypt_wrong_magic(struct torture_context *tctx,
1994                                                 struct dcerpc_pipe *p)
1995 {
1996         return test_ServerWrap_decrypt_wrong_stuff(tctx, p, WRONG_MAGIC);
1997 }
1998
1999 static bool test_ServerWrap_decrypt_wrong_r2(struct torture_context *tctx,
2000                                                 struct dcerpc_pipe *p)
2001 {
2002         return test_ServerWrap_decrypt_wrong_stuff(tctx, p, WRONG_R2);
2003 }
2004
2005 static bool test_ServerWrap_decrypt_wrong_payload_length(struct torture_context *tctx,
2006                                                          struct dcerpc_pipe *p)
2007 {
2008         return test_ServerWrap_decrypt_wrong_stuff(tctx, p, WRONG_PAYLOAD_LENGTH);
2009 }
2010
2011 static bool test_ServerWrap_decrypt_short_payload_length(struct torture_context *tctx,
2012                                                          struct dcerpc_pipe *p)
2013 {
2014         return test_ServerWrap_decrypt_wrong_stuff(tctx, p, SHORT_PAYLOAD_LENGTH);
2015 }
2016
2017 static bool test_ServerWrap_decrypt_zero_payload_length(struct torture_context *tctx,
2018                                                          struct dcerpc_pipe *p)
2019 {
2020         return test_ServerWrap_decrypt_wrong_stuff(tctx, p, ZERO_PAYLOAD_LENGTH);
2021 }
2022
2023 static bool test_ServerWrap_decrypt_wrong_ciphertext_length(struct torture_context *tctx,
2024                                                          struct dcerpc_pipe *p)
2025 {
2026         return test_ServerWrap_decrypt_wrong_stuff(tctx, p, WRONG_CIPHERTEXT_LENGTH);
2027 }
2028
2029 static bool test_ServerWrap_decrypt_short_ciphertext_length(struct torture_context *tctx,
2030                                                          struct dcerpc_pipe *p)
2031 {
2032         return test_ServerWrap_decrypt_wrong_stuff(tctx, p, SHORT_CIPHERTEXT_LENGTH);
2033 }
2034
2035 static bool test_ServerWrap_decrypt_zero_ciphertext_length(struct torture_context *tctx,
2036                                                            struct dcerpc_pipe *p)
2037 {
2038         return test_ServerWrap_decrypt_wrong_stuff(tctx, p, ZERO_CIPHERTEXT_LENGTH);
2039 }
2040
2041 static bool test_ServerWrap_encrypt_decrypt_remote_key(struct torture_context *tctx,
2042                                                        struct dcerpc_pipe *p)
2043 {
2044         return test_ServerWrap_decrypt_wrong_stuff(tctx, p, RIGHT_KEY);
2045 }
2046
2047 static bool test_ServerWrap_encrypt_decrypt_wrong_key(struct torture_context *tctx,
2048                                                        struct dcerpc_pipe *p)
2049 {
2050         return test_ServerWrap_decrypt_wrong_stuff(tctx, p, WRONG_KEY);
2051 }
2052
2053 static bool test_ServerWrap_encrypt_decrypt_wrong_sid(struct torture_context *tctx,
2054                                                       struct dcerpc_pipe *p)
2055 {
2056         return test_ServerWrap_decrypt_wrong_stuff(tctx, p, WRONG_SID);
2057 }
2058
2059 struct torture_suite *torture_rpc_backupkey(TALLOC_CTX *mem_ctx)
2060 {
2061         struct torture_suite *suite = torture_suite_create(mem_ctx, "backupkey");
2062
2063         struct torture_rpc_tcase *tcase;
2064
2065         tcase = torture_suite_add_rpc_iface_tcase(suite, "backupkey",
2066                                                   &ndr_table_backupkey);
2067
2068         torture_rpc_tcase_add_test(tcase, "retreive_backup_key_guid",
2069                                    test_RetrieveBackupKeyGUID);
2070
2071         torture_rpc_tcase_add_test(tcase, "restore_guid",
2072                                    test_RestoreGUID);
2073
2074         torture_rpc_tcase_add_test(tcase, "restore_guid version 3",
2075                                    test_RestoreGUID_v3);
2076
2077 /* We double the test in order to be sure that we don't mess stuff (ie. freeing static stuff) */
2078
2079         torture_rpc_tcase_add_test(tcase, "restore_guid_2nd",
2080                                    test_RestoreGUID);
2081
2082         torture_rpc_tcase_add_test(tcase, "unable_to_decrypt_secret",
2083                                    test_RestoreGUID_ko);
2084
2085         torture_rpc_tcase_add_test(tcase, "wrong_user_restore_guid",
2086                                    test_RestoreGUID_wronguser);
2087
2088         torture_rpc_tcase_add_test(tcase, "wrong_version_restore_guid",
2089                                    test_RestoreGUID_wrongversion);
2090
2091         torture_rpc_tcase_add_test(tcase, "bad_magic_on_secret_restore_guid",
2092                                    test_RestoreGUID_badmagiconsecret);
2093
2094         torture_rpc_tcase_add_test(tcase, "bad_hash_on_secret_restore_guid",
2095                                    test_RestoreGUID_badhashaccesscheck);
2096
2097         torture_rpc_tcase_add_test(tcase, "bad_magic_on_accesscheck_restore_guid",
2098                                    test_RestoreGUID_badmagicaccesscheck);
2099
2100         torture_rpc_tcase_add_test(tcase, "bad_cert_guid_restore_guid",
2101                                    test_RestoreGUID_badcertguid);
2102
2103         torture_rpc_tcase_add_test(tcase, "empty_request_restore_guid",
2104                                    test_RestoreGUID_emptyrequest);
2105
2106         torture_rpc_tcase_add_test(tcase, "retreive_backup_key_guid_2048_bits",
2107                                    test_RetrieveBackupKeyGUID_2048bits);
2108
2109         torture_rpc_tcase_add_test(tcase, "server_wrap_encrypt_decrypt",
2110                                    test_ServerWrap_encrypt_decrypt);
2111
2112         torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_wrong_keyGUID",
2113                                    test_ServerWrap_decrypt_wrong_keyGUID);
2114
2115         torture_rpc_tcase_add_test(tcase, "server_wrap_empty_request",
2116                                    test_ServerWrap_decrypt_empty_request);
2117
2118         torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_short_request",
2119                                    test_ServerWrap_decrypt_short_request);
2120
2121         torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_wrong_magic",
2122                                    test_ServerWrap_decrypt_wrong_magic);
2123
2124         torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_wrong_r2",
2125                                    test_ServerWrap_decrypt_wrong_r2);
2126
2127         torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_wrong_payload_length",
2128                                    test_ServerWrap_decrypt_wrong_payload_length);
2129
2130         torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_short_payload_length",
2131                                    test_ServerWrap_decrypt_short_payload_length);
2132
2133         torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_zero_payload_length",
2134                                    test_ServerWrap_decrypt_zero_payload_length);
2135
2136         torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_wrong_ciphertext_length",
2137                                    test_ServerWrap_decrypt_wrong_ciphertext_length);
2138
2139         torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_short_ciphertext_length",
2140                                    test_ServerWrap_decrypt_short_ciphertext_length);
2141
2142         torture_rpc_tcase_add_test(tcase, "server_wrap_decrypt_zero_ciphertext_length",
2143                                    test_ServerWrap_decrypt_zero_ciphertext_length);
2144
2145         torture_rpc_tcase_add_test(tcase, "server_wrap_encrypt_decrypt_remote_key",
2146                                    test_ServerWrap_encrypt_decrypt_remote_key);
2147
2148         torture_rpc_tcase_add_test(tcase, "server_wrap_encrypt_decrypt_wrong_key",
2149                                    test_ServerWrap_encrypt_decrypt_wrong_key);
2150
2151         torture_rpc_tcase_add_test(tcase, "server_wrap_encrypt_decrypt_wrong_sid",
2152                                    test_ServerWrap_encrypt_decrypt_wrong_sid);
2153
2154         return suite;
2155 }