Skip to content

W
wine-winehq
Commit eda48d88 authored by Juan Lang's avatar Juan Lang Committed by Alexandre Julliard
Browse files
Options

crypt32: Set trust status on root element in chain.

parent fbf3cef5
Hide whitespace changes
Inline Side-by-side
Showing with 14 additions and 5 deletions
dlls/crypt32/chain.c
View file @ eda48d88
......@@ -340,20 +340,25 @@ static BOOL CRYPT_BuildSimpleChain(HCERTCHAINENGINE hChainEngine,
}
if (ret)
{
PCCERT_CONTEXT root = chain->rgpElement[chain->cElement - 1]->
pCertContext;
PCERT_CHAIN_ELEMENT rootElement =
chain->rgpElement[chain->cElement - 1];
PCCERT_CONTEXT root = rootElement->pCertContext;
if (!(ret = CRYPT_IsCertificateSelfSigned(root)))
TRACE("Last certificate is not self-signed\n");
else
{
chain->rgpElement[chain->cElement - 1]->TrustStatus.dwInfoStatus
|= CERT_TRUST_IS_SELF_SIGNED;
rootElement->TrustStatus.dwInfoStatus |=
CERT_TRUST_IS_SELF_SIGNED;
if (!(ret = CryptVerifyCertificateSignatureEx(0,
root->dwCertEncodingType, CRYPT_VERIFY_CERT_SIGN_SUBJECT_CERT,
(void *)root, CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT, (void *)root,
0, NULL)))
{
TRACE("Last certificate's signature is invalid\n");
rootElement->TrustStatus.dwErrorStatus |=
CERT_TRUST_IS_NOT_SIGNATURE_VALID;
}
}
if (ret)
{
......@@ -367,11 +372,15 @@ static BOOL CRYPT_BuildSimpleChain(HCERTCHAINENGINE hChainEngine,
trustedRoot = CertFindCertificateInStore(engine->hRoot,
root->dwCertEncodingType, 0, CERT_FIND_SHA1_HASH, &blob, NULL);
if (!trustedRoot)
chain->TrustStatus.dwErrorStatus |=
rootElement->TrustStatus.dwErrorStatus |=
CERT_TRUST_IS_UNTRUSTED_ROOT;
else
CertFreeCertificateContext(trustedRoot);
}
chain->TrustStatus.dwErrorStatus |=
rootElement->TrustStatus.dwErrorStatus;
chain->TrustStatus.dwInfoStatus |=
rootElement->TrustStatus.dwInfoStatus & ~CERT_TRUST_IS_SELF_SIGNED;
}
if (!ret)
{
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment