Commit c4e07a5b authored by Juan Lang's avatar Juan Lang Committed by Alexandre Julliard

crypt32: Separate allocating a simple chain and checking it from building it.

parent a82b36ac
...@@ -515,15 +515,43 @@ static BOOL CRYPT_CheckSimpleChain(PCertificateChainEngine engine, ...@@ -515,15 +515,43 @@ static BOOL CRYPT_CheckSimpleChain(PCertificateChainEngine engine,
return ret; return ret;
} }
static BOOL CRYPT_BuildSimpleChain(HCERTCHAINENGINE hChainEngine, /* Builds a simple chain by finding an issuer for the last cert in the chain,
* until reaching a self-signed cert, or until no issuer can be found.
*/
static BOOL CRYPT_BuildSimpleChain(PCertificateChainEngine engine,
HCERTSTORE world, PCERT_SIMPLE_CHAIN chain)
{
BOOL ret = TRUE;
PCCERT_CONTEXT cert = chain->rgpElement[chain->cElement - 1]->pCertContext;
while (ret && !CRYPT_IsSimpleChainCyclic(chain) &&
!CRYPT_IsCertificateSelfSigned(cert))
{
DWORD flags;
PCCERT_CONTEXT issuer = CRYPT_GetIssuerFromStore(world, cert, &flags);
if (issuer)
{
ret = CRYPT_AddCertToSimpleChain(engine, chain, issuer, flags);
cert = issuer;
}
else
{
TRACE("Couldn't find issuer, halting chain creation\n");
break;
}
}
return ret;
}
static BOOL CRYPT_GetSimpleChainForCert(PCertificateChainEngine engine,
HCERTSTORE world, PCCERT_CONTEXT cert, LPFILETIME pTime, HCERTSTORE world, PCCERT_CONTEXT cert, LPFILETIME pTime,
PCERT_SIMPLE_CHAIN *ppChain) PCERT_SIMPLE_CHAIN *ppChain)
{ {
BOOL ret = FALSE; BOOL ret = FALSE;
PCertificateChainEngine engine = (PCertificateChainEngine)hChainEngine;
PCERT_SIMPLE_CHAIN chain; PCERT_SIMPLE_CHAIN chain;
TRACE("(%p, %p, %p, %p)\n", hChainEngine, world, cert, pTime); TRACE("(%p, %p, %p, %p)\n", engine, world, cert, pTime);
chain = CryptMemAlloc(sizeof(CERT_SIMPLE_CHAIN)); chain = CryptMemAlloc(sizeof(CERT_SIMPLE_CHAIN));
if (chain) if (chain)
...@@ -531,26 +559,12 @@ static BOOL CRYPT_BuildSimpleChain(HCERTCHAINENGINE hChainEngine, ...@@ -531,26 +559,12 @@ static BOOL CRYPT_BuildSimpleChain(HCERTCHAINENGINE hChainEngine,
memset(chain, 0, sizeof(CERT_SIMPLE_CHAIN)); memset(chain, 0, sizeof(CERT_SIMPLE_CHAIN));
chain->cbSize = sizeof(CERT_SIMPLE_CHAIN); chain->cbSize = sizeof(CERT_SIMPLE_CHAIN);
ret = CRYPT_AddCertToSimpleChain(engine, chain, cert, 0); ret = CRYPT_AddCertToSimpleChain(engine, chain, cert, 0);
while (ret && !CRYPT_IsSimpleChainCyclic(chain) && if (ret)
!CRYPT_IsCertificateSelfSigned(cert))
{ {
DWORD flags; ret = CRYPT_BuildSimpleChain(engine, world, chain);
PCCERT_CONTEXT issuer = CRYPT_GetIssuerFromStore(world, cert, if (ret)
&flags); ret = CRYPT_CheckSimpleChain(engine, chain, pTime);
if (issuer)
{
ret = CRYPT_AddCertToSimpleChain(engine, chain, issuer, flags);
cert = issuer;
}
else
{
TRACE("Couldn't find issuer, halting chain creation\n");
break;
}
} }
if (ret)
ret = CRYPT_CheckSimpleChain(engine, chain, pTime);
if (!ret) if (!ret)
{ {
CRYPT_FreeSimpleChain(chain); CRYPT_FreeSimpleChain(chain);
...@@ -578,7 +592,7 @@ static BOOL CRYPT_BuildCandidateChainFromCert(HCERTCHAINENGINE hChainEngine, ...@@ -578,7 +592,7 @@ static BOOL CRYPT_BuildCandidateChainFromCert(HCERTCHAINENGINE hChainEngine,
/* FIXME: only simple chains are supported for now, as CTLs aren't /* FIXME: only simple chains are supported for now, as CTLs aren't
* supported yet. * supported yet.
*/ */
if ((ret = CRYPT_BuildSimpleChain(hChainEngine, world, cert, pTime, if ((ret = CRYPT_GetSimpleChainForCert(engine, world, cert, pTime,
&simpleChain))) &simpleChain)))
{ {
PCertificateChain chain = CryptMemAlloc(sizeof(CertificateChain)); PCertificateChain chain = CryptMemAlloc(sizeof(CertificateChain));
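Review bot: The new CRYPT_BuildSimpleChain in the first hunk reads `chain->rgpElement[chain->cElement - 1]` in its opening initializer, so a chain with `cElement == 0` would index far out of bounds now that the loop is a separately callable helper. The only caller shown, CRYPT_GetSimpleChainForCert, reaches it after a successful CRYPT_AddCertToSimpleChain, so the precondition presumably holds today, but nothing states it. Extend the header comment with `* The chain must already contain at least one element.`, or return FALSE early when `chain->cElement` is 0. The same comment should also say that a TRUE return does not mean the chain reached a self-signed cert: the `break` on a missing issuer leaves `ret` TRUE, so rejecting an incomplete chain is left entirely to CRYPT_CheckSimpleChain.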