Commit Graph

654 Commits

Author SHA1 Message Date
Juan Lang
05492ae907 crypt32: (Re)introduce helper function to get issuer certificate. 2007-09-12 11:33:11 +02:00
Rob Shearman
9ddc872a1a crypt32: Fix a compile failure on *BSD systems.
Include limits.h for the definition of PATH_MAX.
2007-09-12 11:33:10 +02:00
Francois Gouget
b7bf91f5e8 crypt32: Fix the I_Crypt*Asn1*() prototypes. Add the i_cryptasn1tls.h header and use it. 2007-09-12 11:33:10 +02:00
Juan Lang
039beff441 crypt32: Implement CertVerifyCertificateChainPolicy for the basic constraints policy. 2007-09-11 12:36:41 +02:00
Juan Lang
5f06293eb1 crypt32: Implement CertVerifyCertificateChainPolicy for the authenticode policy. 2007-09-11 12:36:34 +02:00
Juan Lang
b56f0c5b68 crypt32: Implement CertVerifyCertificateChainPolicy for the base policy. 2007-09-11 12:36:27 +02:00
Juan Lang
f23ec30534 crypt32: Add initial tests for CertVerifyCertificateChainPolicy. 2007-09-11 12:36:15 +02:00
Juan Lang
91c76955e7 crypt32: Add a stub for CertVerifyCertificateChainPolicy. 2007-09-11 12:36:10 +02:00
Juan Lang
d7115ce33c crypt32: Support CRYPT_DECODE_TO_BE_SIGNED_FLAG. 2007-09-11 12:35:57 +02:00
Juan Lang
9663f9427b crypt32: Add a root store implementation that reads trusted certificates from well-known locations on the local system. 2007-09-11 11:57:06 +02:00
Juan Lang
391f826d49 crypt32: Add a function to create a certificate chain engine potentially before the root store is created. 2007-09-11 11:50:23 +02:00
Juan Lang
5e674f3580 crypt32: Consider alternate issuers when building chains. 2007-09-10 15:50:01 +02:00
Juan Lang
1fc8c60788 crypt32: Flags weren't set, so don't bother passing them. 2007-09-10 15:49:55 +02:00
Juan Lang
a040dd22e7 crypt32: Defer checking signatures until chain is complete. 2007-09-10 15:49:50 +02:00
Juan Lang
56d4a3c392 crypt32: Don't ask CertGetIssuerCertificateFromStore to verify revocation status, it almost certainly doesn't do what we want. 2007-09-10 15:49:44 +02:00
Juan Lang
dfd2d3d9bc crypt32: Don't abort chain creation if the root signature isn't valid. 2007-09-10 15:49:38 +02:00
Juan Lang
5b02947937 crypt32: Add special case for certificates with no signature algorithm. 2007-09-10 15:49:31 +02:00
Juan Lang
d82f3f37a2 crypt32: Remove a misplaced todo_wine. 2007-09-10 15:49:24 +02:00
Juan Lang
69834b16ac crypt32: Set *ppChainContext even on error. 2007-09-10 15:49:13 +02:00
Juan Lang
31618f91dd crypt32: Test whether chain creation should fail when a root signature is invalid. 2007-09-10 15:49:07 +02:00
Juan Lang
c4e07a5bfc crypt32: Separate allocating a simple chain and checking it from building it. 2007-09-10 15:49:01 +02:00
Juan Lang
a82b36ac98 crypt32: Store world store in chain. 2007-09-10 15:48:55 +02:00
Juan Lang
818634d69a crypt32: Not finding an issuer shouldn't cause chain creation to fail. 2007-09-10 15:48:49 +02:00
Juan Lang
8698a598fc crypt32: Don't add end cert's store to world. 2007-09-10 15:48:43 +02:00
Juan Lang
e9ee8c8717 crypt32: Open world store when creating chain, not when building a simple chain. 2007-09-10 15:48:35 +02:00
Juan Lang
1a059879bf crypt32: Make a helper function to create initial candidate chain. 2007-09-10 15:48:27 +02:00
Juan Lang
192ed7353d crypt32: Test that the end cert in a chain's store isn't implicitly searched for issuers. 2007-09-10 15:48:15 +02:00
Juan Lang
6aa03fc4c3 crypt32: Add more tests for getting issuer cert from store.
Show that certificates are added to memory stores at the head rather
than the tail.
2007-09-10 15:48:10 +02:00
Juan Lang
6c9b788fb8 crypt32: Check path length constraint on a chain. 2007-08-31 19:12:38 +02:00
Juan Lang
14b0df1fef crypt32: Set error status on issued certificate, not on issuer. 2007-08-31 19:12:33 +02:00
Juan Lang
1ce46d5e4a crypt32: Check whether each signing certificate can be a CA. 2007-08-31 19:12:28 +02:00
Juan Lang
51948b0c98 crypt32: Check time of each element in chain against requested time. 2007-08-31 19:12:23 +02:00
Juan Lang
d06a24517f crypt32: Time validity nesting doesn't appear to be checked, so don't check it. 2007-08-31 19:12:18 +02:00
Juan Lang
03d76d97ec crypt32: Correct combining trust status of a chain's elements into the chain's trust status. 2007-08-31 19:12:12 +02:00
Juan Lang
c39696eb14 crypt32: Don't fail chain creation if signature doesn't match. 2007-08-31 19:12:04 +02:00
Juan Lang
1540f24e92 crypt32: Don't fail chain creation if root isn't self-signed. 2007-08-31 19:11:53 +02:00
Juan Lang
b8b787a810 crypt32: Halt chain creation when a cycle is detected. 2007-08-31 19:11:46 +02:00
Juan Lang
51a9d208ee crypt32: Implement CertDuplicateCertificateChain. 2007-08-31 19:11:41 +02:00
Juan Lang
3ef4c7e1cc crypt32: Remove unneeded WINAPI from internal function. 2007-08-31 19:11:35 +02:00
Juan Lang
0dc82780ca crypt32: Free lower quality chain contexts. 2007-08-31 19:11:30 +02:00
Juan Lang
a4e88cb644 crypt32: Check chain root's trusted status regardless of whether its signature is valid. 2007-08-31 19:11:25 +02:00
Juan Lang
8cd7abf1be crypt32: Properly reference count certificate contexts referenced by a chain. 2007-08-31 19:11:19 +02:00
Juan Lang
45eef63a35 crypt32: Add a default cycle detection modulus. 2007-08-31 19:11:11 +02:00
Juan Lang
cf2047fd72 crypt32: The preferred issuer flag appears to be a bug in XP, so don't set it. 2007-08-31 19:11:06 +02:00
Juan Lang
6a8a7362cc crypt32: Greatly expand certificate chain tests. 2007-08-31 18:01:56 +02:00
Juan Lang
eda48d8868 crypt32: Set trust status on root element in chain. 2007-08-29 11:59:34 +02:00
Juan Lang
ff26d428e3 crypt32: Partially implement CMSG_CTRL_VERIFY_SIGNATURE_EX. 2007-08-27 11:59:19 +02:00
Juan Lang
f5b4806159 crypt32: Implement CryptVerifyMessageSignature. 2007-08-23 12:38:05 +02:00
Juan Lang
3a9e1d6648 crypt32: Test and correct verifying the signature of a valid signed message. 2007-08-23 12:37:59 +02:00
Juan Lang
4fb26709cd crypt32: Test encoding a signed message with a valid public key. 2007-08-22 12:59:37 +02:00