Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-cw
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-cw
Commits
77ea583a
Commit
77ea583a
authored
Jun 21, 2006
by
Juan Lang
Committed by
Alexandre Julliard
Jun 22, 2006
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
crypt32: Implement CertGetCRLFromStore.
- implement CertGetCRLFromStore, with tests - update tests for CRL revocation functions to show name isn't checked
parent
2a0c37d8
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
131 additions
and
2 deletions
+131
-2
crl.c
dlls/crypt32/crl.c
+41
-1
crypt32.spec
dlls/crypt32/crypt32.spec
+1
-1
crl.c
dlls/crypt32/tests/crl.c
+86
-0
wincrypt.h
include/wincrypt.h
+3
-0
No files found.
dlls/crypt32/crl.c
View file @
77ea583a
...
@@ -184,6 +184,47 @@ PCCRL_CONTEXT WINAPI CertFindCRLInStore(HCERTSTORE hCertStore,
...
@@ -184,6 +184,47 @@ PCCRL_CONTEXT WINAPI CertFindCRLInStore(HCERTSTORE hCertStore,
return
ret
;
return
ret
;
}
}
PCCRL_CONTEXT
WINAPI
CertGetCRLFromStore
(
HCERTSTORE
hCertStore
,
PCCERT_CONTEXT
pIssuerContext
,
PCCRL_CONTEXT
pPrevCrlContext
,
DWORD
*
pdwFlags
)
{
static
const
DWORD
supportedFlags
=
CERT_STORE_SIGNATURE_FLAG
|
CERT_STORE_TIME_VALIDITY_FLAG
|
CERT_STORE_BASE_CRL_FLAG
|
CERT_STORE_DELTA_CRL_FLAG
;
PCCRL_CONTEXT
ret
;
TRACE
(
"(%p, %p, %p, %08lx)
\n
"
,
hCertStore
,
pIssuerContext
,
pPrevCrlContext
,
*
pdwFlags
);
if
(
*
pdwFlags
&
~
supportedFlags
)
{
SetLastError
(
E_INVALIDARG
);
return
NULL
;
}
if
(
pIssuerContext
)
ret
=
CertFindCRLInStore
(
hCertStore
,
pIssuerContext
->
dwCertEncodingType
,
0
,
CRL_FIND_ISSUED_BY
,
pIssuerContext
,
pPrevCrlContext
);
else
ret
=
CertFindCRLInStore
(
hCertStore
,
0
,
0
,
CRL_FIND_ANY
,
NULL
,
pPrevCrlContext
);
if
(
ret
)
{
if
(
*
pdwFlags
&
CERT_STORE_TIME_VALIDITY_FLAG
)
{
if
(
0
==
CertVerifyCRLTimeValidity
(
NULL
,
ret
->
pCrlInfo
))
*
pdwFlags
&=
~
CERT_STORE_TIME_VALIDITY_FLAG
;
}
if
(
*
pdwFlags
&
CERT_STORE_SIGNATURE_FLAG
)
{
if
(
CryptVerifyCertificateSignatureEx
(
0
,
ret
->
dwCertEncodingType
,
CRYPT_VERIFY_CERT_SIGN_SUBJECT_CRL
,
(
void
*
)
ret
,
CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT
,
(
void
*
)
pIssuerContext
,
0
,
NULL
))
*
pdwFlags
&=
~
CERT_STORE_SIGNATURE_FLAG
;
}
}
return
ret
;
}
PCCRL_CONTEXT
WINAPI
CertDuplicateCRLContext
(
PCCRL_CONTEXT
pCrlContext
)
PCCRL_CONTEXT
WINAPI
CertDuplicateCRLContext
(
PCCRL_CONTEXT
pCrlContext
)
{
{
TRACE
(
"(%p)
\n
"
,
pCrlContext
);
TRACE
(
"(%p)
\n
"
,
pCrlContext
);
...
@@ -437,7 +478,6 @@ static PCRL_ENTRY CRYPT_FindCertificateInCRL(PCERT_INFO cert, PCRL_INFO crl)
...
@@ -437,7 +478,6 @@ static PCRL_ENTRY CRYPT_FindCertificateInCRL(PCERT_INFO cert, PCRL_INFO crl)
DWORD
i
;
DWORD
i
;
PCRL_ENTRY
entry
=
NULL
;
PCRL_ENTRY
entry
=
NULL
;
/* FIXME: do I need to compare the issuers of the cert and CRL? */
for
(
i
=
0
;
!
entry
&&
i
<
crl
->
cCRLEntry
;
i
++
)
for
(
i
=
0
;
!
entry
&&
i
<
crl
->
cCRLEntry
;
i
++
)
if
(
CertCompareIntegerBlob
(
&
crl
->
rgCRLEntry
[
i
].
SerialNumber
,
if
(
CertCompareIntegerBlob
(
&
crl
->
rgCRLEntry
[
i
].
SerialNumber
,
&
cert
->
SerialNumber
))
&
cert
->
SerialNumber
))
...
...
dlls/crypt32/crypt32.spec
View file @
77ea583a
...
@@ -48,7 +48,7 @@
...
@@ -48,7 +48,7 @@
@ stub CertFreeCertificateChainEngine
@ stub CertFreeCertificateChainEngine
@ stdcall CertFreeCertificateContext(ptr)
@ stdcall CertFreeCertificateContext(ptr)
@ stdcall CertGetCRLContextProperty(ptr long ptr ptr)
@ stdcall CertGetCRLContextProperty(ptr long ptr ptr)
@ st
ub CertGetCRLFromStore
@ st
dcall CertGetCRLFromStore(ptr ptr ptr ptr)
@ stdcall CertGetCTLContextProperty(ptr long ptr ptr)
@ stdcall CertGetCTLContextProperty(ptr long ptr ptr)
@ stub CertGetCertificateChain
@ stub CertGetCertificateChain
@ stdcall CertGetCertificateContextProperty(ptr long ptr ptr)
@ stdcall CertGetCertificateContextProperty(ptr long ptr ptr)
...
...
dlls/crypt32/tests/crl.c
View file @
77ea583a
...
@@ -249,6 +249,67 @@ static void testFindCRL(void)
...
@@ -249,6 +249,67 @@ static void testFindCRL(void)
CertCloseStore
(
store
,
0
);
CertCloseStore
(
store
,
0
);
}
}
static
void
testGetCRLFromStore
(
void
)
{
HCERTSTORE
store
=
CertOpenStore
(
CERT_STORE_PROV_MEMORY
,
0
,
0
,
CERT_STORE_CREATE_NEW_FLAG
,
NULL
);
PCCRL_CONTEXT
context
;
PCCERT_CONTEXT
cert
;
DWORD
flags
;
BOOL
ret
;
if
(
!
store
)
return
;
/* Crash
context = CertGetCRLFromStore(NULL, NULL, NULL, NULL);
context = CertGetCRLFromStore(store, NULL, NULL, NULL);
*/
/* Bogus flags */
flags
=
0xffffffff
;
context
=
CertGetCRLFromStore
(
store
,
NULL
,
NULL
,
&
flags
);
ok
(
!
context
&&
GetLastError
()
==
E_INVALIDARG
,
"Expected E_INVALIDARG, got %08lx
\n
"
,
GetLastError
());
/* Test an empty store */
flags
=
0
;
context
=
CertGetCRLFromStore
(
store
,
NULL
,
NULL
,
&
flags
);
ok
(
context
==
NULL
&&
GetLastError
()
==
CRYPT_E_NOT_FOUND
,
"Expected CRYPT_E_NOT_FOUND, got %08lx
\n
"
,
GetLastError
());
ret
=
CertAddEncodedCRLToStore
(
store
,
X509_ASN_ENCODING
,
signedCRL
,
sizeof
(
signedCRL
),
CERT_STORE_ADD_ALWAYS
,
NULL
);
ok
(
ret
,
"CertAddEncodedCRLToStore failed: %08lx
\n
"
,
GetLastError
());
/* NULL matches any CRL */
flags
=
0
;
context
=
CertGetCRLFromStore
(
store
,
NULL
,
NULL
,
&
flags
);
ok
(
context
!=
NULL
,
"Expected a context
\n
"
);
CertFreeCRLContext
(
context
);
/* This cert's issuer isn't in */
cert
=
CertCreateCertificateContext
(
X509_ASN_ENCODING
,
bigCert2
,
sizeof
(
bigCert2
));
ok
(
cert
!=
NULL
,
"CertCreateCertificateContext failed: %08lx
\n
"
,
GetLastError
());
context
=
CertGetCRLFromStore
(
store
,
cert
,
NULL
,
&
flags
);
ok
(
context
==
NULL
&&
GetLastError
()
==
CRYPT_E_NOT_FOUND
,
"Expected CRYPT_E_NOT_FOUND, got %08lx
\n
"
,
GetLastError
());
CertFreeCertificateContext
(
cert
);
/* But this one is */
cert
=
CertCreateCertificateContext
(
X509_ASN_ENCODING
,
bigCert
,
sizeof
(
bigCert
));
ok
(
cert
!=
NULL
,
"CertCreateCertificateContext failed: %08lx
\n
"
,
GetLastError
());
context
=
CertGetCRLFromStore
(
store
,
cert
,
NULL
,
&
flags
);
ok
(
context
!=
NULL
,
"Expected a context
\n
"
);
CertFreeCRLContext
(
context
);
CertFreeCertificateContext
(
cert
);
CertCloseStore
(
store
,
0
);
}
static
void
checkCRLHash
(
const
BYTE
*
data
,
DWORD
dataLen
,
ALG_ID
algID
,
static
void
checkCRLHash
(
const
BYTE
*
data
,
DWORD
dataLen
,
ALG_ID
algID
,
PCCRL_CONTEXT
context
,
DWORD
propID
)
PCCRL_CONTEXT
context
,
DWORD
propID
)
{
{
...
@@ -513,6 +574,13 @@ static void testIsValidCRLForCert(void)
...
@@ -513,6 +574,13 @@ static void testIsValidCRLForCert(void)
CertFreeCertificateContext
(
cert1
);
CertFreeCertificateContext
(
cert1
);
}
}
static
const
BYTE
crlWithDifferentIssuer
[]
=
{
0x30
,
0x47
,
0x02
,
0x01
,
0x01
,
0x30
,
0x02
,
0x06
,
0x00
,
0x30
,
0x15
,
0x31
,
0x13
,
0x30
,
0x11
,
0x06
,
0x03
,
0x55
,
0x04
,
0x03
,
0x13
,
0x0a
,
0x41
,
0x6c
,
0x65
,
0x78
,
0x20
,
0x4c
,
0x61
,
0x6e
,
0x67
,
0x00
,
0x18
,
0x0f
,
0x31
,
0x36
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x5a
,
0x30
,
0x16
,
0x30
,
0x14
,
0x02
,
0x01
,
0x01
,
0x18
,
0x0f
,
0x31
,
0x36
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x31
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x30
,
0x5a
};
static
void
testFindCertInCRL
(
void
)
static
void
testFindCertInCRL
(
void
)
{
{
BOOL
ret
;
BOOL
ret
;
...
@@ -549,6 +617,14 @@ static void testFindCertInCRL(void)
...
@@ -549,6 +617,14 @@ static void testFindCertInCRL(void)
ok
(
entry
!=
NULL
,
"Expected to find an entry in CRL
\n
"
);
ok
(
entry
!=
NULL
,
"Expected to find an entry in CRL
\n
"
);
CertFreeCRLContext
(
crl
);
CertFreeCRLContext
(
crl
);
/* Entry found even though CRL issuer doesn't match cert issuer */
crl
=
CertCreateCRLContext
(
X509_ASN_ENCODING
,
crlWithDifferentIssuer
,
sizeof
(
crlWithDifferentIssuer
));
ret
=
CertFindCertificateInCRL
(
cert
,
crl
,
0
,
NULL
,
&
entry
);
ok
(
ret
,
"CertFindCertificateInCRL failed: %08lx
\n
"
,
GetLastError
());
ok
(
entry
!=
NULL
,
"Expected to find an entry in CRL
\n
"
);
CertFreeCRLContext
(
crl
);
CertFreeCertificateContext
(
cert
);
CertFreeCertificateContext
(
cert
);
}
}
...
@@ -583,6 +659,15 @@ static void testVerifyCRLRevocation(void)
...
@@ -583,6 +659,15 @@ static void testVerifyCRLRevocation(void)
ok
(
!
ret
,
"CertVerifyCRLRevocation should have been revoked
\n
"
);
ok
(
!
ret
,
"CertVerifyCRLRevocation should have been revoked
\n
"
);
CertFreeCRLContext
(
crl
);
CertFreeCRLContext
(
crl
);
/* Check against CRL with different issuer and entry for the cert */
crl
=
CertCreateCRLContext
(
X509_ASN_ENCODING
,
v1CRLWithIssuerAndEntry
,
sizeof
(
v1CRLWithIssuerAndEntry
));
ok
(
crl
!=
NULL
,
"CertCreateCRLContext failed: %08lx
\n
"
,
GetLastError
());
ret
=
CertVerifyCRLRevocation
(
X509_ASN_ENCODING
,
cert
->
pCertInfo
,
1
,
(
PCRL_INFO
*
)
&
crl
->
pCrlInfo
);
ok
(
!
ret
,
"CertVerifyCRLRevocation should have been revoked
\n
"
);
CertFreeCRLContext
(
crl
);
/* Check against CRL without entry for the cert */
/* Check against CRL without entry for the cert */
crl
=
CertCreateCRLContext
(
X509_ASN_ENCODING
,
verisignCRL
,
crl
=
CertCreateCRLContext
(
X509_ASN_ENCODING
,
verisignCRL
,
sizeof
(
verisignCRL
));
sizeof
(
verisignCRL
));
...
@@ -602,6 +687,7 @@ START_TEST(crl)
...
@@ -602,6 +687,7 @@ START_TEST(crl)
testCreateCRL
();
testCreateCRL
();
testAddCRL
();
testAddCRL
();
testFindCRL
();
testFindCRL
();
testGetCRLFromStore
();
testCRLProperties
();
testCRLProperties
();
...
...
include/wincrypt.h
View file @
77ea583a
...
@@ -2881,6 +2881,9 @@ PCCERT_CONTEXT WINAPI CertGetIssuerCertificateFromStore(HCERTSTORE hCertStore,
...
@@ -2881,6 +2881,9 @@ PCCERT_CONTEXT WINAPI CertGetIssuerCertificateFromStore(HCERTSTORE hCertStore,
PCCERT_CONTEXT
WINAPI
CertGetSubjectCertificateFromStore
(
HCERTSTORE
hCertStore
,
PCCERT_CONTEXT
WINAPI
CertGetSubjectCertificateFromStore
(
HCERTSTORE
hCertStore
,
DWORD
dwCertEncodingType
,
PCERT_INFO
pCertId
);
DWORD
dwCertEncodingType
,
PCERT_INFO
pCertId
);
PCCRL_CONTEXT
WINAPI
CertGetCRLFromStore
(
HCERTSTORE
hCertStore
,
PCCERT_CONTEXT
pIssuerContext
,
PCCRL_CONTEXT
pPrevCrlContext
,
DWORD
*
pdwFlags
);
BOOL
WINAPI
CertSerializeCertificateStoreElement
(
PCCERT_CONTEXT
pCertContext
,
BOOL
WINAPI
CertSerializeCertificateStoreElement
(
PCCERT_CONTEXT
pCertContext
,
DWORD
dwFlags
,
BYTE
*
pbElement
,
DWORD
*
pcbElement
);
DWORD
dwFlags
,
BYTE
*
pbElement
,
DWORD
*
pcbElement
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment