Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-cw
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-cw
Commits
c4c70b60
Commit
c4c70b60
authored
Oct 04, 2010
by
Juan Lang
Committed by
Alexandre Julliard
Oct 06, 2010
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
crypt32/tests: Add more tests of verifying the base policy, including flags to…
crypt32/tests: Add more tests of verifying the base policy, including flags to ignore certain errors.
parent
c6a6541d
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
66 additions
and
4 deletions
+66
-4
chain.c
dlls/crypt32/tests/chain.c
+66
-4
No files found.
dlls/crypt32/tests/chain.c
View file @
c4c70b60
...
...
@@ -3745,6 +3745,38 @@ static const ChainPolicyCheck basePolicyCheck[] = {
{
0
,
CERT_E_UNTRUSTEDROOT
,
0
,
0
,
NULL
},
NULL
,
0
},
};
static
const
ChainPolicyCheck
ignoredUnknownCABasePolicyCheck
=
{
{
sizeof
(
chain0
)
/
sizeof
(
chain0
[
0
]),
chain0
},
{
0
,
CERT_E_EXPIRED
,
0
,
0
,
NULL
},
NULL
,
TODO_ERROR
};
/* Windows NT 4 has a different error code when the validity period doesn't
* nest. (It's arguably more correct than other Windows versions, but since
* others do not emulate its behavior, we mark its behavior broken.)
*/
static
const
CERT_CHAIN_POLICY_STATUS
badDateNestingStatus
=
{
0
,
CERT_E_VALIDITYPERIODNESTING
,
0
,
0
,
NULL
};
static
const
ChainPolicyCheck
ignoredBadDateNestingBasePolicyCheck
=
{
{
sizeof
(
chain2
)
/
sizeof
(
chain2
[
0
]),
chain2
},
{
0
,
CERT_E_EXPIRED
,
0
,
1
,
NULL
},
&
badDateNestingStatus
,
TODO_ERROR
};
static
const
ChainPolicyCheck
ignoredInvalidDateBasePolicyCheck
=
{
{
sizeof
(
googleChain
)
/
sizeof
(
googleChain
[
0
]),
googleChain
},
{
0
,
CERT_E_EXPIRED
,
0
,
1
,
NULL
},
NULL
,
TODO_ERROR
};
static
const
ChainPolicyCheck
ignoredInvalidUsageBasePolicyCheck
=
{
{
sizeof
(
chain15
)
/
sizeof
(
chain15
[
0
]),
chain15
},
{
0
,
CERT_E_EXPIRED
,
0
,
1
,
NULL
},
NULL
,
TODO_ERROR
};
static
const
ChainPolicyCheck
invalidUsageBasePolicyCheck
=
{
{
sizeof
(
chain15
)
/
sizeof
(
chain15
[
0
]),
chain15
},
{
0
,
CERT_E_WRONG_USAGE
,
0
,
1
,
NULL
},
NULL
,
TODO_ERROR
};
static
const
ChainPolicyCheck
sslPolicyCheck
[]
=
{
{
{
sizeof
(
chain0
)
/
sizeof
(
chain0
[
0
]),
chain0
},
{
0
,
CERT_E_UNTRUSTEDROOT
,
0
,
1
,
NULL
},
NULL
,
0
},
...
...
@@ -4039,6 +4071,39 @@ static void checkChainPolicyStatus(LPCSTR policy, HCERTCHAINENGINE engine,
}
}
static
void
check_base_policy
(
void
)
{
DWORD
i
;
CERT_CHAIN_POLICY_PARA
policyPara
=
{
0
};
for
(
i
=
0
;
i
<
sizeof
(
basePolicyCheck
)
/
sizeof
(
basePolicyCheck
[
0
]);
i
++
)
checkChainPolicyStatus
(
CERT_CHAIN_POLICY_BASE
,
NULL
,
&
basePolicyCheck
[
i
],
i
,
&
oct2007
,
NULL
);
policyPara
.
cbSize
=
sizeof
(
policyPara
);
policyPara
.
dwFlags
=
CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG
;
checkChainPolicyStatus
(
CERT_CHAIN_POLICY_BASE
,
NULL
,
&
ignoredUnknownCABasePolicyCheck
,
0
,
&
oct2007
,
&
policyPara
);
policyPara
.
dwFlags
=
CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG
|
CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG
;
checkChainPolicyStatus
(
CERT_CHAIN_POLICY_BASE
,
NULL
,
&
ignoredBadDateNestingBasePolicyCheck
,
0
,
&
oct2007
,
&
policyPara
);
policyPara
.
dwFlags
=
CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG
;
checkChainPolicyStatus
(
CERT_CHAIN_POLICY_BASE
,
NULL
,
&
ignoredInvalidDateBasePolicyCheck
,
0
,
&
oct2007
,
&
policyPara
);
policyPara
.
dwFlags
=
CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG
|
CERT_CHAIN_POLICY_IGNORE_WRONG_USAGE_FLAG
;
policyPara
.
dwFlags
=
CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG
|
CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG
|
CERT_CHAIN_POLICY_IGNORE_WRONG_USAGE_FLAG
;
checkChainPolicyStatus
(
CERT_CHAIN_POLICY_BASE
,
NULL
,
&
ignoredInvalidUsageBasePolicyCheck
,
0
,
&
oct2007
,
&
policyPara
);
policyPara
.
dwFlags
=
CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG
|
CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG
;
checkChainPolicyStatus
(
CERT_CHAIN_POLICY_BASE
,
NULL
,
&
invalidUsageBasePolicyCheck
,
0
,
&
oct2007
,
&
policyPara
);
}
static
void
check_ssl_policy
(
void
)
{
DWORD
i
;
...
...
@@ -4288,10 +4353,7 @@ static void testVerifyCertChainPolicy(void)
pCertFreeCertificateChain
(
chain
);
CertFreeCertificateContext
(
cert
);
for
(
i
=
0
;
i
<
sizeof
(
basePolicyCheck
)
/
sizeof
(
basePolicyCheck
[
0
]);
i
++
)
checkChainPolicyStatus
(
CERT_CHAIN_POLICY_BASE
,
NULL
,
&
basePolicyCheck
[
i
],
i
,
&
oct2007
,
NULL
);
check_base_policy
();
check_ssl_policy
();
/* The authenticode policy doesn't seem to check anything beyond the base
* policy. It might check for chains signed by the MS test cert, but none
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment