Commit 391f826d authored by Juan Lang's avatar Juan Lang Committed by Alexandre Julliard

crypt32: Add a function to create a certificate chain engine potentially before…

crypt32: Add a function to create a certificate chain engine potentially before the root store is created.
parent 29ae673c
...@@ -104,12 +104,48 @@ static BOOL CRYPT_CheckRestrictedRoot(HCERTSTORE store) ...@@ -104,12 +104,48 @@ static BOOL CRYPT_CheckRestrictedRoot(HCERTSTORE store)
return ret; return ret;
} }
BOOL WINAPI CertCreateCertificateChainEngine(PCERT_CHAIN_ENGINE_CONFIG pConfig, HCERTCHAINENGINE CRYPT_CreateChainEngine(HCERTSTORE root,
HCERTCHAINENGINE *phChainEngine) PCERT_CHAIN_ENGINE_CONFIG pConfig)
{ {
static const WCHAR caW[] = { 'C','A',0 }; static const WCHAR caW[] = { 'C','A',0 };
static const WCHAR myW[] = { 'M','y',0 }; static const WCHAR myW[] = { 'M','y',0 };
static const WCHAR trustW[] = { 'T','r','u','s','t',0 }; static const WCHAR trustW[] = { 'T','r','u','s','t',0 };
PCertificateChainEngine engine =
CryptMemAlloc(sizeof(CertificateChainEngine));
if (engine)
{
HCERTSTORE worldStores[4];
engine->ref = 1;
engine->hRoot = root;
engine->hWorld = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
CERT_STORE_CREATE_NEW_FLAG, NULL);
worldStores[0] = CertDuplicateStore(engine->hRoot);
worldStores[1] = CertOpenSystemStoreW(0, caW);
worldStores[2] = CertOpenSystemStoreW(0, myW);
worldStores[3] = CertOpenSystemStoreW(0, trustW);
CRYPT_AddStoresToCollection(engine->hWorld,
sizeof(worldStores) / sizeof(worldStores[0]), worldStores);
CRYPT_AddStoresToCollection(engine->hWorld,
pConfig->cAdditionalStore, pConfig->rghAdditionalStore);
CRYPT_CloseStores(sizeof(worldStores) / sizeof(worldStores[0]),
worldStores);
engine->dwFlags = pConfig->dwFlags;
engine->dwUrlRetrievalTimeout = pConfig->dwUrlRetrievalTimeout;
engine->MaximumCachedCertificates =
pConfig->MaximumCachedCertificates;
if (pConfig->CycleDetectionModulus)
engine->CycleDetectionModulus = pConfig->CycleDetectionModulus;
else
engine->CycleDetectionModulus = DEFAULT_CYCLE_MODULUS;
}
return (HCERTCHAINENGINE)engine;
}
BOOL WINAPI CertCreateCertificateChainEngine(PCERT_CHAIN_ENGINE_CONFIG pConfig,
HCERTCHAINENGINE *phChainEngine)
{
BOOL ret; BOOL ret;
TRACE("(%p, %p)\n", pConfig, phChainEngine); TRACE("(%p, %p)\n", pConfig, phChainEngine);
...@@ -123,39 +159,17 @@ BOOL WINAPI CertCreateCertificateChainEngine(PCERT_CHAIN_ENGINE_CONFIG pConfig, ...@@ -123,39 +159,17 @@ BOOL WINAPI CertCreateCertificateChainEngine(PCERT_CHAIN_ENGINE_CONFIG pConfig,
ret = CRYPT_CheckRestrictedRoot(pConfig->hRestrictedRoot); ret = CRYPT_CheckRestrictedRoot(pConfig->hRestrictedRoot);
if (ret) if (ret)
{ {
PCertificateChainEngine engine = HCERTSTORE root;
CryptMemAlloc(sizeof(CertificateChainEngine)); HCERTCHAINENGINE engine;
if (pConfig->hRestrictedRoot)
root = CertDuplicateStore(pConfig->hRestrictedRoot);
else
root = CertOpenSystemStoreW(0, rootW);
engine = CRYPT_CreateChainEngine(root, pConfig);
if (engine) if (engine)
{ {
HCERTSTORE worldStores[4]; *phChainEngine = engine;
engine->ref = 1;
if (pConfig->hRestrictedRoot)
engine->hRoot = CertDuplicateStore(pConfig->hRestrictedRoot);
else
engine->hRoot = CertOpenSystemStoreW(0, rootW);
engine->hWorld = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
CERT_STORE_CREATE_NEW_FLAG, NULL);
worldStores[0] = CertDuplicateStore(engine->hRoot);
worldStores[1] = CertOpenSystemStoreW(0, caW);
worldStores[2] = CertOpenSystemStoreW(0, myW);
worldStores[3] = CertOpenSystemStoreW(0, trustW);
CRYPT_AddStoresToCollection(engine->hWorld,
sizeof(worldStores) / sizeof(worldStores[0]), worldStores);
CRYPT_AddStoresToCollection(engine->hWorld,
pConfig->cAdditionalStore, pConfig->rghAdditionalStore);
CRYPT_CloseStores(sizeof(worldStores) / sizeof(worldStores[0]),
worldStores);
engine->dwFlags = pConfig->dwFlags;
engine->dwUrlRetrievalTimeout = pConfig->dwUrlRetrievalTimeout;
engine->MaximumCachedCertificates =
pConfig->MaximumCachedCertificates;
if (pConfig->CycleDetectionModulus)
engine->CycleDetectionModulus = pConfig->CycleDetectionModulus;
else
engine->CycleDetectionModulus = DEFAULT_CYCLE_MODULUS;
*phChainEngine = (HCERTCHAINENGINE)engine;
ret = TRUE; ret = TRUE;
} }
else else
......
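Review bot: When `CryptMemAlloc` fails in the new `CRYPT_CreateChainEngine`, the `root` handle is never stored, so nothing in the visible code closes the store that `CertCreateCertificateChainEngine` has just duplicated or opened. The `else` branch after `if (engine)` is collapsed on this page and may already release it; if it does not, the caller should run `CertCloseStore(root, 0);` there. The result of `CertOpenSystemStoreW(0, rootW)` is also passed on without a NULL check, so an engine can apparently be built with a NULL `hRoot`. Rejecting a NULL `root` before allocating would make that failure explicit rather than leaving it to chain building.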
...@@ -251,6 +251,13 @@ PWINECRYPT_CERTSTORE CRYPT_FileNameOpenStoreA(HCRYPTPROV hCryptProv, ...@@ -251,6 +251,13 @@ PWINECRYPT_CERTSTORE CRYPT_FileNameOpenStoreA(HCRYPTPROV hCryptProv,
PWINECRYPT_CERTSTORE CRYPT_FileNameOpenStoreW(HCRYPTPROV hCryptProv, PWINECRYPT_CERTSTORE CRYPT_FileNameOpenStoreW(HCRYPTPROV hCryptProv,
DWORD dwFlags, const void *pvPara); DWORD dwFlags, const void *pvPara);
/* Allocates and initializes a certificate chain engine, but without creating
* the root store. Instead, it uses root, and assumes the caller has done any
* checking necessary.
*/
HCERTCHAINENGINE CRYPT_CreateChainEngine(HCERTSTORE root,
PCERT_CHAIN_ENGINE_CONFIG pConfig);
/* Helper function for store reading functions and /* Helper function for store reading functions and
* CertAddSerializedElementToStore. Returns a context of the appropriate type * CertAddSerializedElementToStore. Returns a context of the appropriate type
* if it can, or NULL otherwise. Doesn't validate any of the properties in * if it can, or NULL otherwise. Doesn't validate any of the properties in
......
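Review bot: The comment on the `CRYPT_CreateChainEngine` prototype does not say who owns `root`, nor what skipping the checks means for trust decisions. The implementation assigns the handle straight to `engine->hRoot`, so the caller appears to give up its reference. Judging by the field name, the store then serves as the engine's root store without `CRYPT_CheckRestrictedRoot` having been applied to it. I would extend the comment with something like `root is used as the engine's root store as-is; on success the engine owns the handle and the caller must not close it.` and state what happens to `root` when NULL is returned.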