Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-winehq
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-winehq
Commits
1540f24e
Commit
1540f24e
authored
Aug 30, 2007
by
Juan Lang
Committed by
Alexandre Julliard
Aug 31, 2007
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
crypt32: Don't fail chain creation if root isn't self-signed.
parent
b8b787a8
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
23 additions
and
22 deletions
+23
-22
chain.c
dlls/crypt32/chain.c
+22
-20
chain.c
dlls/crypt32/tests/chain.c
+1
-2
No files found.
dlls/crypt32/chain.c
View file @
1540f24e
...
...
@@ -339,6 +339,26 @@ static void CRYPT_FreeSimpleChain(PCERT_SIMPLE_CHAIN chain)
CryptMemFree
(
chain
);
}
static
void
CRYPT_CheckTrustedStatus
(
HCERTSTORE
hRoot
,
PCERT_CHAIN_ELEMENT
rootElement
)
{
BYTE
hash
[
20
];
DWORD
size
=
sizeof
(
hash
);
CRYPT_HASH_BLOB
blob
=
{
sizeof
(
hash
),
hash
};
PCCERT_CONTEXT
trustedRoot
;
CertGetCertificateContextProperty
(
rootElement
->
pCertContext
,
CERT_HASH_PROP_ID
,
hash
,
&
size
);
trustedRoot
=
CertFindCertificateInStore
(
hRoot
,
rootElement
->
pCertContext
->
dwCertEncodingType
,
0
,
CERT_FIND_SHA1_HASH
,
&
blob
,
NULL
);
if
(
!
trustedRoot
)
rootElement
->
TrustStatus
.
dwErrorStatus
|=
CERT_TRUST_IS_UNTRUSTED_ROOT
;
else
CertFreeCertificateContext
(
trustedRoot
);
}
static
BOOL
CRYPT_BuildSimpleChain
(
HCERTCHAINENGINE
hChainEngine
,
PCCERT_CONTEXT
cert
,
LPFILETIME
pTime
,
HCERTSTORE
hAdditionalStore
,
PCERT_SIMPLE_CHAIN
*
ppChain
)
...
...
@@ -387,9 +407,7 @@ static BOOL CRYPT_BuildSimpleChain(HCERTCHAINENGINE hChainEngine,
chain
->
rgpElement
[
chain
->
cElement
-
1
];
PCCERT_CONTEXT
root
=
rootElement
->
pCertContext
;
if
(
!
(
ret
=
CRYPT_IsCertificateSelfSigned
(
root
)))
TRACE
(
"Last certificate is not self-signed
\n
"
);
else
if
(
CRYPT_IsCertificateSelfSigned
(
root
))
{
rootElement
->
TrustStatus
.
dwInfoStatus
|=
CERT_TRUST_IS_SELF_SIGNED
;
...
...
@@ -402,23 +420,7 @@ static BOOL CRYPT_BuildSimpleChain(HCERTCHAINENGINE hChainEngine,
rootElement
->
TrustStatus
.
dwErrorStatus
|=
CERT_TRUST_IS_NOT_SIGNATURE_VALID
;
}
}
if
(
CRYPT_IsCertificateSelfSigned
(
root
))
{
BYTE
hash
[
20
];
DWORD
size
=
sizeof
(
hash
);
CRYPT_HASH_BLOB
blob
=
{
sizeof
(
hash
),
hash
};
PCCERT_CONTEXT
trustedRoot
;
CertGetCertificateContextProperty
(
root
,
CERT_HASH_PROP_ID
,
hash
,
&
size
);
trustedRoot
=
CertFindCertificateInStore
(
engine
->
hRoot
,
root
->
dwCertEncodingType
,
0
,
CERT_FIND_SHA1_HASH
,
&
blob
,
NULL
);
if
(
!
trustedRoot
)
rootElement
->
TrustStatus
.
dwErrorStatus
|=
CERT_TRUST_IS_UNTRUSTED_ROOT
;
else
CertFreeCertificateContext
(
trustedRoot
);
CRYPT_CheckTrustedStatus
(
engine
->
hRoot
,
rootElement
);
}
chain
->
TrustStatus
.
dwErrorStatus
|=
rootElement
->
TrustStatus
.
dwErrorStatus
;
...
...
dlls/crypt32/tests/chain.c
View file @
1540f24e
...
...
@@ -1529,13 +1529,12 @@ static ChainCheck chainCheck[] = {
CERT_TRUST_IS_NOT_TIME_VALID
,
0
},
1
,
simpleStatus8
},
TODO_ERROR
|
TODO_INFO
},
/* This (cyclic) chain fails in Wine */
{
{
sizeof
(
chain9
)
/
sizeof
(
chain9
[
0
]),
chain9
},
{
{
0
,
CERT_TRUST_HAS_PREFERRED_ISSUER
},
{
CERT_TRUST_HAS_NOT_SUPPORTED_NAME_CONSTRAINT
|
CERT_TRUST_INVALID_BASIC_CONSTRAINTS
|
CERT_TRUST_IS_CYCLIC
,
0
},
1
,
simpleStatus9
},
TODO_
CHAIN
|
TODO_
ERROR
|
TODO_INFO
},
TODO_ERROR
|
TODO_INFO
},
{
{
sizeof
(
chain10
)
/
sizeof
(
chain10
[
0
]),
chain10
},
{
{
0
,
CERT_TRUST_HAS_PREFERRED_ISSUER
},
{
CERT_TRUST_IS_UNTRUSTED_ROOT
,
0
},
1
,
simpleStatus10
},
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment