Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-cw
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-cw
Commits
e7dd46b8
Commit
e7dd46b8
authored
Feb 11, 2009
by
Juan Lang
Committed by
Alexandre Julliard
Feb 12, 2009
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
crypt32: Add chain debugging channel for debugging certificate chaining errors.
parent
de2c6b86
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
100 additions
and
0 deletions
+100
-0
chain.c
dlls/crypt32/chain.c
+100
-0
No files found.
dlls/crypt32/chain.c
View file @
e7dd46b8
...
@@ -28,6 +28,7 @@
...
@@ -28,6 +28,7 @@
#include "crypt32_private.h"
#include "crypt32_private.h"
WINE_DEFAULT_DEBUG_CHANNEL
(
crypt
);
WINE_DEFAULT_DEBUG_CHANNEL
(
crypt
);
WINE_DECLARE_DEBUG_CHANNEL
(
chain
);
#define DEFAULT_CYCLE_MODULUS 7
#define DEFAULT_CYCLE_MODULUS 7
...
@@ -709,6 +710,101 @@ static void CRYPT_CheckChainNameConstraints(PCERT_SIMPLE_CHAIN chain)
...
@@ -709,6 +710,101 @@ static void CRYPT_CheckChainNameConstraints(PCERT_SIMPLE_CHAIN chain)
}
}
}
}
static
void
dump_basic_constraints
(
PCERT_EXTENSION
ext
)
{
CERT_BASIC_CONSTRAINTS_INFO
*
info
;
DWORD
size
=
0
;
if
(
CryptDecodeObjectEx
(
X509_ASN_ENCODING
,
szOID_BASIC_CONSTRAINTS
,
ext
->
Value
.
pbData
,
ext
->
Value
.
cbData
,
CRYPT_DECODE_ALLOC_FLAG
,
NULL
,
&
info
,
&
size
))
{
TRACE_
(
chain
)(
"SubjectType: %02x
\n
"
,
info
->
SubjectType
.
pbData
[
0
]);
TRACE_
(
chain
)(
"%s path length constraint
\n
"
,
info
->
fPathLenConstraint
?
"has"
:
"doesn't have"
);
TRACE_
(
chain
)(
"path length=%d
\n
"
,
info
->
dwPathLenConstraint
);
LocalFree
(
info
);
}
}
static
void
dump_basic_constraints2
(
PCERT_EXTENSION
ext
)
{
CERT_BASIC_CONSTRAINTS2_INFO
constraints
;
DWORD
size
=
sizeof
(
CERT_BASIC_CONSTRAINTS2_INFO
);
if
(
CryptDecodeObjectEx
(
X509_ASN_ENCODING
,
szOID_BASIC_CONSTRAINTS2
,
ext
->
Value
.
pbData
,
ext
->
Value
.
cbData
,
0
,
NULL
,
&
constraints
,
&
size
))
{
TRACE_
(
chain
)(
"basic constraints:
\n
"
);
TRACE_
(
chain
)(
"can%s be a CA
\n
"
,
constraints
.
fCA
?
""
:
"not"
);
TRACE_
(
chain
)(
"%s path length constraint
\n
"
,
constraints
.
fPathLenConstraint
?
"has"
:
"doesn't have"
);
TRACE_
(
chain
)(
"path length=%d
\n
"
,
constraints
.
dwPathLenConstraint
);
}
}
static
void
dump_extension
(
PCERT_EXTENSION
ext
)
{
TRACE_
(
chain
)(
"%s (%scritical)
\n
"
,
debugstr_a
(
ext
->
pszObjId
),
ext
->
fCritical
?
""
:
"not "
);
if
(
!
strcmp
(
ext
->
pszObjId
,
szOID_BASIC_CONSTRAINTS
))
dump_basic_constraints
(
ext
);
else
if
(
!
strcmp
(
ext
->
pszObjId
,
szOID_BASIC_CONSTRAINTS2
))
dump_basic_constraints2
(
ext
);
}
static
LPCWSTR
filetime_to_str
(
const
FILETIME
*
time
)
{
static
WCHAR
date
[
80
];
WCHAR
dateFmt
[
80
];
/* sufficient for all versions of LOCALE_SSHORTDATE */
SYSTEMTIME
sysTime
;
if
(
!
time
)
return
NULL
;
GetLocaleInfoW
(
LOCALE_SYSTEM_DEFAULT
,
LOCALE_SSHORTDATE
,
dateFmt
,
sizeof
(
dateFmt
)
/
sizeof
(
dateFmt
[
0
]));
FileTimeToSystemTime
(
time
,
&
sysTime
);
GetDateFormatW
(
LOCALE_SYSTEM_DEFAULT
,
0
,
&
sysTime
,
dateFmt
,
date
,
sizeof
(
date
)
/
sizeof
(
date
[
0
]));
return
date
;
}
static
void
dump_element
(
PCCERT_CONTEXT
cert
)
{
LPWSTR
name
=
NULL
;
DWORD
len
,
i
;
TRACE_
(
chain
)(
"%p
\n
"
,
cert
);
len
=
CertGetNameStringW
(
cert
,
CERT_NAME_SIMPLE_DISPLAY_TYPE
,
CERT_NAME_ISSUER_FLAG
,
NULL
,
NULL
,
0
);
name
=
CryptMemAlloc
(
len
*
sizeof
(
WCHAR
));
if
(
name
)
{
CertGetNameStringW
(
cert
,
CERT_NAME_SIMPLE_DISPLAY_TYPE
,
CERT_NAME_ISSUER_FLAG
,
NULL
,
name
,
len
);
TRACE_
(
chain
)(
"issued by %s
\n
"
,
debugstr_w
(
name
));
CryptMemFree
(
name
);
}
len
=
CertGetNameStringW
(
cert
,
CERT_NAME_SIMPLE_DISPLAY_TYPE
,
0
,
NULL
,
NULL
,
0
);
name
=
CryptMemAlloc
(
len
*
sizeof
(
WCHAR
));
if
(
name
)
{
CertGetNameStringW
(
cert
,
CERT_NAME_SIMPLE_DISPLAY_TYPE
,
0
,
NULL
,
name
,
len
);
TRACE_
(
chain
)(
"issued to %s
\n
"
,
debugstr_w
(
name
));
CryptMemFree
(
name
);
}
TRACE_
(
chain
)(
"valid from %s"
,
debugstr_w
(
filetime_to_str
(
&
cert
->
pCertInfo
->
NotBefore
)));
TRACE_
(
chain
)(
"to %s
\n
"
,
debugstr_w
(
filetime_to_str
(
&
cert
->
pCertInfo
->
NotAfter
)));
TRACE_
(
chain
)(
"%d extensions
\n
"
,
cert
->
pCertInfo
->
cExtension
);
for
(
i
=
0
;
i
<
cert
->
pCertInfo
->
cExtension
;
i
++
)
dump_extension
(
&
cert
->
pCertInfo
->
rgExtension
[
i
]);
}
static
void
CRYPT_CheckSimpleChain
(
PCertificateChainEngine
engine
,
static
void
CRYPT_CheckSimpleChain
(
PCertificateChainEngine
engine
,
PCERT_SIMPLE_CHAIN
chain
,
LPFILETIME
time
)
PCERT_SIMPLE_CHAIN
chain
,
LPFILETIME
time
)
{
{
...
@@ -717,8 +813,12 @@ static void CRYPT_CheckSimpleChain(PCertificateChainEngine engine,
...
@@ -717,8 +813,12 @@ static void CRYPT_CheckSimpleChain(PCertificateChainEngine engine,
BOOL
pathLengthConstraintViolated
=
FALSE
;
BOOL
pathLengthConstraintViolated
=
FALSE
;
CERT_BASIC_CONSTRAINTS2_INFO
constraints
=
{
TRUE
,
FALSE
,
0
};
CERT_BASIC_CONSTRAINTS2_INFO
constraints
=
{
TRUE
,
FALSE
,
0
};
TRACE_
(
chain
)(
"checking chain with %d elements for time %s
\n
"
,
chain
->
cElement
,
debugstr_w
(
filetime_to_str
(
time
)));
for
(
i
=
chain
->
cElement
-
1
;
i
>=
0
;
i
--
)
for
(
i
=
chain
->
cElement
-
1
;
i
>=
0
;
i
--
)
{
{
if
(
TRACE_ON
(
chain
))
dump_element
(
chain
->
rgpElement
[
i
]
->
pCertContext
);
if
(
CertVerifyTimeValidity
(
time
,
if
(
CertVerifyTimeValidity
(
time
,
chain
->
rgpElement
[
i
]
->
pCertContext
->
pCertInfo
)
!=
0
)
chain
->
rgpElement
[
i
]
->
pCertContext
->
pCertInfo
)
!=
0
)
chain
->
rgpElement
[
i
]
->
TrustStatus
.
dwErrorStatus
|=
chain
->
rgpElement
[
i
]
->
TrustStatus
.
dwErrorStatus
|=
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment