Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-cw
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-cw
Commits
5f3cd853
Commit
5f3cd853
authored
Jul 08, 2022
by
Paul Gofman
Committed by
Alexandre Julliard
Jul 11, 2022
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
crypt32: Support MICROSOFT_ROOT_CERT_CHAIN_POLICY_CHECK_APPLICATION_ROOT_FLAG.
Signed-off-by:
Paul Gofman
<
pgofman@codeweavers.com
>
parent
6f9cc9a0
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
75 additions
and
4 deletions
+75
-4
chain.c
dlls/crypt32/chain.c
+59
-4
chain.c
dlls/crypt32/tests/chain.c
+15
-0
wincrypt.h
include/wincrypt.h
+1
-0
No files found.
dlls/crypt32/chain.c
View file @
5f3cd853
...
@@ -3696,6 +3696,44 @@ static BYTE msPubKey4[] = {
...
@@ -3696,6 +3696,44 @@ static BYTE msPubKey4[] = {
0xa6
,
0xc6
,
0x48
,
0x4c
,
0xc3
,
0x37
,
0x51
,
0x23
,
0xd3
,
0x27
,
0xd7
,
0xb8
,
0x4e
,
0x70
,
0x96
,
0xa6
,
0xc6
,
0x48
,
0x4c
,
0xc3
,
0x37
,
0x51
,
0x23
,
0xd3
,
0x27
,
0xd7
,
0xb8
,
0x4e
,
0x70
,
0x96
,
0xf0
,
0xa1
,
0x44
,
0x76
,
0xaf
,
0x78
,
0xcf
,
0x9a
,
0xe1
,
0x66
,
0x13
,
0x02
,
0x03
,
0x01
,
0x00
,
0xf0
,
0xa1
,
0x44
,
0x76
,
0xaf
,
0x78
,
0xcf
,
0x9a
,
0xe1
,
0x66
,
0x13
,
0x02
,
0x03
,
0x01
,
0x00
,
0x01
};
0x01
};
/* from Microsoft Root Certificate Authority 2011 */
static
BYTE
msPubKey5
[]
=
{
0x30
,
0x82
,
0x02
,
0x0a
,
0x02
,
0x82
,
0x02
,
0x01
,
0x00
,
0xb2
,
0x80
,
0x41
,
0xaa
,
0x35
,
0x38
,
0x4d
,
0x13
,
0x72
,
0x32
,
0x68
,
0x22
,
0x4d
,
0xb8
,
0xb2
,
0xf1
,
0xff
,
0xd5
,
0x52
,
0xbc
,
0x6c
,
0xc7
,
0xf5
,
0xd2
,
0x4a
,
0x8c
,
0x36
,
0xee
,
0xd1
,
0xc2
,
0x5c
,
0x7e
,
0x8c
,
0x8a
,
0xae
,
0xaf
,
0x13
,
0x28
,
0x6f
,
0xc0
,
0x73
,
0xe3
,
0x3a
,
0xce
,
0xd0
,
0x25
,
0xa8
,
0x5a
,
0x3a
,
0x6d
,
0xef
,
0xa8
,
0xb8
,
0x59
,
0xab
,
0x13
,
0x23
,
0x68
,
0xcd
,
0x0c
,
0x29
,
0x87
,
0xd1
,
0x6f
,
0x80
,
0x5c
,
0x8f
,
0x44
,
0x7f
,
0x5d
,
0x90
,
0x01
,
0x52
,
0x58
,
0xac
,
0x51
,
0xc5
,
0x5f
,
0x2a
,
0x87
,
0xdc
,
0xdc
,
0xd8
,
0x0a
,
0x1d
,
0xc1
,
0x03
,
0xb9
,
0x7b
,
0xb0
,
0x56
,
0xe8
,
0xa3
,
0xde
,
0x64
,
0x61
,
0xc2
,
0x9e
,
0xf8
,
0xf3
,
0x7c
,
0xb9
,
0xec
,
0x0d
,
0xb5
,
0x54
,
0xfe
,
0x4c
,
0xb6
,
0x65
,
0x4f
,
0x88
,
0xf0
,
0x9c
,
0x48
,
0x99
,
0x0c
,
0x42
,
0x0b
,
0x09
,
0x7c
,
0x31
,
0x59
,
0x17
,
0x79
,
0x06
,
0x78
,
0x28
,
0x8d
,
0x89
,
0x3a
,
0x4c
,
0x03
,
0x25
,
0xbe
,
0x71
,
0x6a
,
0x5c
,
0x0b
,
0xe7
,
0x84
,
0x60
,
0xa4
,
0x99
,
0x22
,
0xe3
,
0xd2
,
0xaf
,
0x84
,
0xa4
,
0xa7
,
0xfb
,
0xd1
,
0x98
,
0xed
,
0x0c
,
0xa9
,
0xde
,
0x94
,
0x89
,
0xe1
,
0x0e
,
0xa0
,
0xdc
,
0xc0
,
0xce
,
0x99
,
0x3d
,
0xea
,
0x08
,
0x52
,
0xbb
,
0x56
,
0x79
,
0xe4
,
0x1f
,
0x84
,
0xba
,
0x1e
,
0xb8
,
0xb4
,
0xc4
,
0x49
,
0x5c
,
0x4f
,
0x31
,
0x4b
,
0x87
,
0xdd
,
0xdd
,
0x05
,
0x67
,
0x26
,
0x99
,
0x80
,
0xe0
,
0x71
,
0x11
,
0xa3
,
0xb8
,
0xa5
,
0x41
,
0xe2
,
0xa4
,
0x53
,
0xb9
,
0xf7
,
0x32
,
0x29
,
0x83
,
0x0c
,
0x13
,
0xbf
,
0x36
,
0x5e
,
0x04
,
0xb3
,
0x4b
,
0x43
,
0x47
,
0x2f
,
0x6b
,
0xe2
,
0x91
,
0x1e
,
0xd3
,
0x98
,
0x4f
,
0xdd
,
0x42
,
0x07
,
0xc8
,
0xe8
,
0x1d
,
0x12
,
0xfc
,
0x99
,
0xa9
,
0x6b
,
0x3e
,
0x92
,
0x7e
,
0xc8
,
0xd6
,
0x69
,
0x3a
,
0xfc
,
0x64
,
0xbd
,
0xb6
,
0x09
,
0x9d
,
0xca
,
0xfd
,
0x0c
,
0x0b
,
0xa2
,
0x9b
,
0x77
,
0x60
,
0x4b
,
0x03
,
0x94
,
0xa4
,
0x30
,
0x69
,
0x12
,
0xd6
,
0x42
,
0x2d
,
0xc1
,
0x41
,
0x4c
,
0xca
,
0xdc
,
0xaa
,
0xfd
,
0x8f
,
0x5b
,
0x83
,
0x46
,
0x9a
,
0xd9
,
0xfc
,
0xb1
,
0xd1
,
0xe3
,
0xb3
,
0xc9
,
0x7f
,
0x48
,
0x7a
,
0xcd
,
0x24
,
0xf0
,
0x41
,
0x8f
,
0x5c
,
0x74
,
0xd0
,
0xac
,
0xb0
,
0x10
,
0x20
,
0x06
,
0x49
,
0xb7
,
0xc7
,
0x2d
,
0x21
,
0xc8
,
0x57
,
0xe3
,
0xd0
,
0x86
,
0xf3
,
0x03
,
0x68
,
0xfb
,
0xd0
,
0xce
,
0x71
,
0xc1
,
0x89
,
0x99
,
0x4a
,
0x64
,
0x01
,
0x6c
,
0xfd
,
0xec
,
0x30
,
0x91
,
0xcf
,
0x41
,
0x3c
,
0x92
,
0xc7
,
0xe5
,
0xba
,
0x86
,
0x1d
,
0x61
,
0x84
,
0xc7
,
0x5f
,
0x83
,
0x39
,
0x62
,
0xae
,
0xb4
,
0x92
,
0x2f
,
0x47
,
0xf3
,
0x0b
,
0xf8
,
0x55
,
0xeb
,
0xa0
,
0x1f
,
0x59
,
0xd0
,
0xbb
,
0x74
,
0x9b
,
0x1e
,
0xd0
,
0x76
,
0xe6
,
0xf2
,
0xe9
,
0x06
,
0xd7
,
0x10
,
0xe8
,
0xfa
,
0x64
,
0xde
,
0x69
,
0xc6
,
0x35
,
0x96
,
0x88
,
0x02
,
0xf0
,
0x46
,
0xb8
,
0x3f
,
0x27
,
0x99
,
0x6f
,
0xcb
,
0x71
,
0x89
,
0x29
,
0x35
,
0xf7
,
0x48
,
0x16
,
0x02
,
0x35
,
0x8f
,
0xd5
,
0x79
,
0x7c
,
0x4d
,
0x02
,
0xcf
,
0x5f
,
0xeb
,
0x8a
,
0x83
,
0x4f
,
0x45
,
0x71
,
0x88
,
0xf9
,
0xa9
,
0x0d
,
0x4e
,
0x72
,
0xe9
,
0xc2
,
0x9c
,
0x07
,
0xcf
,
0x49
,
0x1b
,
0x4e
,
0x04
,
0x0e
,
0x63
,
0x51
,
0x8c
,
0x5e
,
0xd8
,
0x00
,
0xc1
,
0x55
,
0x2c
,
0xb6
,
0xc6
,
0xe0
,
0xc2
,
0x65
,
0x4e
,
0xc9
,
0x34
,
0x39
,
0xf5
,
0x9c
,
0xb3
,
0xc4
,
0x7e
,
0xe8
,
0x61
,
0x6e
,
0x13
,
0x5f
,
0x15
,
0xc4
,
0x5f
,
0xd9
,
0x7e
,
0xed
,
0x1d
,
0xce
,
0xee
,
0x44
,
0xec
,
0xcb
,
0x2e
,
0x86
,
0xb1
,
0xec
,
0x38
,
0xf6
,
0x70
,
0xed
,
0xab
,
0x5c
,
0x13
,
0xc1
,
0xd9
,
0x0f
,
0x0d
,
0xc7
,
0x80
,
0xb2
,
0x55
,
0xed
,
0x34
,
0xf7
,
0xac
,
0x9b
,
0xe4
,
0xc3
,
0xda
,
0xe7
,
0x47
,
0x3c
,
0xa6
,
0xb5
,
0x8f
,
0x31
,
0xdf
,
0xc5
,
0x4b
,
0xaf
,
0xeb
,
0xf1
,
0x02
,
0x03
,
0x01
,
0x00
,
0x01
};
static
BOOL
WINAPI
verify_ms_root_policy
(
LPCSTR
szPolicyOID
,
static
BOOL
WINAPI
verify_ms_root_policy
(
LPCSTR
szPolicyOID
,
PCCERT_CHAIN_CONTEXT
pChainContext
,
PCERT_CHAIN_POLICY_PARA
pPolicyPara
,
PCCERT_CHAIN_CONTEXT
pChainContext
,
PCERT_CHAIN_POLICY_PARA
pPolicyPara
,
...
@@ -3705,21 +3743,38 @@ static BOOL WINAPI verify_ms_root_policy(LPCSTR szPolicyOID,
...
@@ -3705,21 +3743,38 @@ static BOOL WINAPI verify_ms_root_policy(LPCSTR szPolicyOID,
CERT_PUBLIC_KEY_INFO
msPubKey
=
{
{
0
}
};
CERT_PUBLIC_KEY_INFO
msPubKey
=
{
{
0
}
};
DWORD
i
;
DWORD
i
;
CRYPT_DATA_BLOB
keyBlobs
[]
=
{
static
const
CRYPT_DATA_BLOB
keyBlobs
[]
=
{
{
sizeof
(
msPubKey1
),
msPubKey1
},
{
sizeof
(
msPubKey1
),
msPubKey1
},
{
sizeof
(
msPubKey2
),
msPubKey2
},
{
sizeof
(
msPubKey2
),
msPubKey2
},
{
sizeof
(
msPubKey3
),
msPubKey3
},
{
sizeof
(
msPubKey3
),
msPubKey3
},
{
sizeof
(
msPubKey4
),
msPubKey4
},
{
sizeof
(
msPubKey4
),
msPubKey4
},
};
};
static
const
CRYPT_DATA_BLOB
keyBlobs_approot
[]
=
{
{
sizeof
(
msPubKey5
),
msPubKey5
},
};
PCERT_SIMPLE_CHAIN
rootChain
=
PCERT_SIMPLE_CHAIN
rootChain
=
pChainContext
->
rgpChain
[
pChainContext
->
cChain
-
1
];
pChainContext
->
rgpChain
[
pChainContext
->
cChain
-
1
];
PCCERT_CONTEXT
root
=
PCCERT_CONTEXT
root
=
rootChain
->
rgpElement
[
rootChain
->
cElement
-
1
]
->
pCertContext
;
rootChain
->
rgpElement
[
rootChain
->
cElement
-
1
]
->
pCertContext
;
for
(
i
=
0
;
!
isMSRoot
&&
i
<
ARRAY_SIZE
(
keyBlobs
);
i
++
)
const
CRYPT_DATA_BLOB
*
keys
;
unsigned
int
key_count
;
if
(
pPolicyPara
&&
pPolicyPara
->
dwFlags
&
MICROSOFT_ROOT_CERT_CHAIN_POLICY_CHECK_APPLICATION_ROOT_FLAG
)
{
keys
=
keyBlobs_approot
;
key_count
=
ARRAY_SIZE
(
keyBlobs_approot
);
}
else
{
keys
=
keyBlobs
;
key_count
=
ARRAY_SIZE
(
keyBlobs
);
}
for
(
i
=
0
;
!
isMSRoot
&&
i
<
key_count
;
i
++
)
{
{
msPubKey
.
PublicKey
.
cbData
=
key
Blob
s
[
i
].
cbData
;
msPubKey
.
PublicKey
.
cbData
=
keys
[
i
].
cbData
;
msPubKey
.
PublicKey
.
pbData
=
key
Blob
s
[
i
].
pbData
;
msPubKey
.
PublicKey
.
pbData
=
keys
[
i
].
pbData
;
if
(
CertComparePublicKeyInfo
(
X509_ASN_ENCODING
|
PKCS_7_ASN_ENCODING
,
if
(
CertComparePublicKeyInfo
(
X509_ASN_ENCODING
|
PKCS_7_ASN_ENCODING
,
&
root
->
pCertInfo
->
SubjectPublicKeyInfo
,
&
msPubKey
))
isMSRoot
=
TRUE
;
&
root
->
pCertInfo
->
SubjectPublicKeyInfo
,
&
msPubKey
))
isMSRoot
=
TRUE
;
}
}
...
...
dlls/crypt32/tests/chain.c
View file @
5f3cd853
...
@@ -4958,6 +4958,13 @@ static const ChainPolicyCheck msRootPolicyCheck[] = {
...
@@ -4958,6 +4958,13 @@ static const ChainPolicyCheck msRootPolicyCheck[] = {
{
0
,
CERT_E_UNTRUSTEDROOT
,
0
,
0
,
NULL
},
NULL
,
0
},
{
0
,
CERT_E_UNTRUSTEDROOT
,
0
,
0
,
NULL
},
NULL
,
0
},
};
};
static
const
ChainPolicyCheck
msRootPolicyCheck_approot
[]
=
{
{
{
ARRAY_SIZE
(
chain32
),
chain32
},
{
0
,
CERT_E_UNTRUSTEDROOT
,
0
,
2
,
NULL
},
NULL
,
TODO_ELEMENTS
},
{
{
ARRAY_SIZE
(
chain33
),
chain33
},
{
0
,
0
,
0
,
0
,
NULL
},
NULL
,
0
},
};
static
const
char
*
num_to_str
(
WORD
num
)
static
const
char
*
num_to_str
(
WORD
num
)
{
{
static
char
buf
[
6
];
static
char
buf
[
6
];
...
@@ -5295,8 +5302,16 @@ static void check_ssl_policy(void)
...
@@ -5295,8 +5302,16 @@ static void check_ssl_policy(void)
static
void
check_msroot_policy
(
void
)
static
void
check_msroot_policy
(
void
)
{
{
CERT_CHAIN_POLICY_PARA
para
;
CHECK_CHAIN_POLICY_STATUS_ARRAY
(
CERT_CHAIN_POLICY_MICROSOFT_ROOT
,
NULL
,
CHECK_CHAIN_POLICY_STATUS_ARRAY
(
CERT_CHAIN_POLICY_MICROSOFT_ROOT
,
NULL
,
msRootPolicyCheck
,
&
may2020
,
NULL
);
msRootPolicyCheck
,
&
may2020
,
NULL
);
para
.
cbSize
=
sizeof
(
para
);
para
.
pvExtraPolicyPara
=
NULL
;
para
.
dwFlags
=
MICROSOFT_ROOT_CERT_CHAIN_POLICY_CHECK_APPLICATION_ROOT_FLAG
;
CHECK_CHAIN_POLICY_STATUS_ARRAY
(
CERT_CHAIN_POLICY_MICROSOFT_ROOT
,
NULL
,
msRootPolicyCheck_approot
,
&
may2020
,
&
para
);
}
}
static
void
testVerifyCertChainPolicy
(
void
)
static
void
testVerifyCertChainPolicy
(
void
)
...
...
include/wincrypt.h
View file @
5f3cd853
...
@@ -1086,6 +1086,7 @@ typedef struct _CERT_CHAIN_POLICY_STATUS {
...
@@ -1086,6 +1086,7 @@ typedef struct _CERT_CHAIN_POLICY_STATUS {
#define CERT_CHAIN_POLICY_TRUST_TESTROOT_FLAG 0x00004000
#define CERT_CHAIN_POLICY_TRUST_TESTROOT_FLAG 0x00004000
#define CERT_CHAIN_POLICY_ALLOW_TESTROOT_FLAG 0x00008000
#define CERT_CHAIN_POLICY_ALLOW_TESTROOT_FLAG 0x00008000
#define MICROSOFT_ROOT_CERT_CHAIN_POLICY_ENABLE_TEST_ROOT_FLAG 0x00010000
#define MICROSOFT_ROOT_CERT_CHAIN_POLICY_ENABLE_TEST_ROOT_FLAG 0x00010000
#define MICROSOFT_ROOT_CERT_CHAIN_POLICY_CHECK_APPLICATION_ROOT_FLAG 0x00020000
typedef
struct
_AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA
{
typedef
struct
_AUTHENTICODE_EXTRA_CERT_CHAIN_POLICY_PARA
{
DWORD
cbSize
;
DWORD
cbSize
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment