Author: cwittich
Date: Sun Jan  3 12:59:38 2010
New Revision: 44909

URL: http://svn.reactos.org/svn/reactos?rev=44909&view=rev
Log:
[crypt32]
sync crypt32 to wine 1.1.35

Modified:
    trunk/reactos/dll/win32/crypt32/cert.c
    trunk/reactos/dll/win32/crypt32/chain.c
    trunk/reactos/dll/win32/crypt32/crl.c
    trunk/reactos/dll/win32/crypt32/ctl.c
    trunk/reactos/dll/win32/crypt32/store.c

Modified: trunk/reactos/dll/win32/crypt32/cert.c
URL: 
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/crypt32/cert.c?rev=44909&r1=44908&r2=44909&view=diff
==============================================================================
--- trunk/reactos/dll/win32/crypt32/cert.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/crypt32/cert.c [iso-8859-1] Sun Jan  3 12:59:38 2010
@@ -2854,7 +2854,7 @@
                     {
                         info.pwszContainerName = CryptMemAlloc(len *
                          sizeof(WCHAR));
-                        len = MultiByteToWideChar(CP_ACP, 0, szContainer, -1,
+                        MultiByteToWideChar(CP_ACP, 0, szContainer, -1,
                          info.pwszContainerName, len);
                     }
                 }
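Review bot: The result of `CryptMemAlloc(len * sizeof(WCHAR))` is handed straight to `MultiByteToWideChar` with no NULL check, and with the `len =` assignment removed the conversion result is no longer inspected either, so an allocation or conversion failure passes silently at this point. The next hunk has the same pattern for `info.pwszProvName`. Guarding each call with `if (info.pwszContainerName)` / `if (info.pwszProvName)` and choosing an explicit failure path would avoid what looks like an incomplete CRYPT_KEY_PROV_INFO being handed to `CertSetCertificateContextProperty`, whose return value is likewise dropped in the third hunk. The enclosing function starts and ends outside these hunks, so whether a caller can observe the failure is not visible here.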
@@ -2878,7 +2878,7 @@
                     {
                         info.pwszProvName = CryptMemAlloc(len *
                          sizeof(WCHAR));
-                        len = MultiByteToWideChar(CP_ACP, 0, szProvider, -1,
+                        MultiByteToWideChar(CP_ACP, 0, szProvider, -1,
                          info.pwszProvName, len);
                     }
                 }
@@ -2898,7 +2898,7 @@
         pInfo = &info;
     }
 
-    ret = CertSetCertificateContextProperty(context, 
CERT_KEY_PROV_INFO_PROP_ID,
+    CertSetCertificateContextProperty(context, CERT_KEY_PROV_INFO_PROP_ID,
      0, pInfo);
 
     if (pInfo == &info)

Modified: trunk/reactos/dll/win32/crypt32/chain.c
URL: 
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/crypt32/chain.c?rev=44909&r1=44908&r2=44909&view=diff
==============================================================================
--- trunk/reactos/dll/win32/crypt32/chain.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/crypt32/chain.c [iso-8859-1] Sun Jan  3 12:59:38 
2010
@@ -230,10 +230,118 @@
     LONG ref;
 } CertificateChain, *PCertificateChain;
 
-static inline BOOL CRYPT_IsCertificateSelfSigned(PCCERT_CONTEXT cert)
-{
-    return CertCompareCertificateName(cert->dwCertEncodingType,
-     &cert->pCertInfo->Subject, &cert->pCertInfo->Issuer);
+static BOOL CRYPT_IsCertificateSelfSigned(PCCERT_CONTEXT cert)
+{
+    PCERT_EXTENSION ext;
+    DWORD size;
+    BOOL ret;
+
+    if ((ext = CertFindExtension(szOID_AUTHORITY_KEY_IDENTIFIER2,
+     cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension)))
+    {
+        CERT_AUTHORITY_KEY_ID2_INFO *info;
+
+        ret = CryptDecodeObjectEx(cert->dwCertEncodingType,
+         X509_AUTHORITY_KEY_ID2, ext->Value.pbData, ext->Value.cbData,
+         CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
+         &info, &size);
+        if (ret)
+        {
+            if (info->AuthorityCertIssuer.cAltEntry &&
+             info->AuthorityCertSerialNumber.cbData)
+            {
+                PCERT_ALT_NAME_ENTRY directoryName = NULL;
+                DWORD i;
+
+                for (i = 0; !directoryName &&
+                 i < info->AuthorityCertIssuer.cAltEntry; i++)
+                    if (info->AuthorityCertIssuer.rgAltEntry[i].dwAltNameChoice
+                     == CERT_ALT_NAME_DIRECTORY_NAME)
+                        directoryName =
+                         &info->AuthorityCertIssuer.rgAltEntry[i];
+                if (directoryName)
+                {
+                    ret = CertCompareCertificateName(cert->dwCertEncodingType,
+                     &directoryName->u.DirectoryName, &cert->pCertInfo->Issuer)
+                     && 
CertCompareIntegerBlob(&info->AuthorityCertSerialNumber,
+                     &cert->pCertInfo->SerialNumber);
+                }
+                else
+                {
+                    FIXME("no supported name type in authority key id2\n");
+                    ret = FALSE;
+                }
+            }
+            else if (info->KeyId.cbData)
+            {
+                ret = CertGetCertificateContextProperty(cert,
+                 CERT_KEY_IDENTIFIER_PROP_ID, NULL, &size);
+                if (ret && size == info->KeyId.cbData)
+                {
+                    LPBYTE buf = CryptMemAlloc(size);
+
+                    if (buf)
+                    {
+                        CertGetCertificateContextProperty(cert,
+                         CERT_KEY_IDENTIFIER_PROP_ID, buf, &size);
+                        ret = !memcmp(buf, info->KeyId.pbData, size);
+                        CryptMemFree(buf);
+                    }
+                }
+                else
+                    ret = FALSE;
+            }
+            LocalFree(info);
+        }
+    }
+    else if ((ext = CertFindExtension(szOID_AUTHORITY_KEY_IDENTIFIER,
+     cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension)))
+    {
+        CERT_AUTHORITY_KEY_ID_INFO *info;
+
+        ret = CryptDecodeObjectEx(cert->dwCertEncodingType,
+         X509_AUTHORITY_KEY_ID, ext->Value.pbData, ext->Value.cbData,
+         CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
+         &info, &size);
+        if (ret)
+        {
+            if (info->CertIssuer.cbData && info->CertSerialNumber.cbData)
+            {
+                ret = CertCompareCertificateName(cert->dwCertEncodingType,
+                 &info->CertIssuer, &cert->pCertInfo->Issuer) &&
+                 CertCompareIntegerBlob(&info->CertSerialNumber,
+                 &cert->pCertInfo->SerialNumber);
+            }
+            else if (info->KeyId.cbData)
+            {
+                ret = CertGetCertificateContextProperty(cert,
+                 CERT_KEY_IDENTIFIER_PROP_ID, NULL, &size);
+                if (ret && size == info->KeyId.cbData)
+                {
+                    LPBYTE buf = CryptMemAlloc(size);
+
+                    if (buf)
+                    {
+                        CertGetCertificateContextProperty(cert,
+                         CERT_KEY_IDENTIFIER_PROP_ID, buf, &size);
+                        ret = !memcmp(buf, info->KeyId.pbData, size);
+                        CryptMemFree(buf);
+                    }
+                    else
+                        ret = FALSE;
+                }
+                else
+                    ret = FALSE;
+            }
+            else
+                ret = FALSE;
+            LocalFree(info);
+        }
+    }
+    else
+        ret = CertCompareCertificateName(cert->dwCertEncodingType,
+         &cert->pCertInfo->Subject, &cert->pCertInfo->Issuer);
+    return ret;
 }
 
 static void CRYPT_FreeChainElement(PCERT_CHAIN_ELEMENT element)
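Review bot: In the `szOID_AUTHORITY_KEY_IDENTIFIER2` branch of CRYPT_IsCertificateSelfSigned, two paths leave `ret` TRUE although no comparison matched: when `CryptMemAlloc(size)` returns NULL in the KeyId case, and when the decoded extension carries neither an issuer/serial pair nor a KeyId. The `szOID_AUTHORITY_KEY_IDENTIFIER` branch covers both with `else ret = FALSE;`, so the v2 branch should get the same two lines, one after the `if (buf)` block and one before `LocalFree(info)`. This result presumably decides whether a certificate is treated as its own issuer when a chain is built, so it should fail closed. Separately, the second `CertGetCertificateContextProperty` call that fills `buf` is unchecked before `memcmp` in both branches and in the crl.c hunk; `ret = CertGetCertificateContextProperty(cert, CERT_KEY_IDENTIFIER_PROP_ID, buf, &size) && !memcmp(buf, info->KeyId.pbData, size);` would avoid comparing a buffer that was never filled.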
@@ -619,7 +727,7 @@
         *trustErrorStatus |= CERT_TRUST_INVALID_NAME_CONSTRAINTS;
     else if (!name)
         ; /* no match */
-    else if ((at = strchrW(constraint, '@')))
+    else if (strchrW(constraint, '@'))
         match = !lstrcmpiW(constraint, name);
     else
     {
@@ -2541,10 +2649,11 @@
              *  key usage extension be present and that a particular purpose
              *  be indicated in order for the certificate to be acceptable to
              *  that application."
-             * For now I'm being more conservative and disallowing it.
+             * Not all web sites include the extended key usage extension, so
+             * accept chains without it.
              */
-            WARN_(chain)("requested usage from a certificate with no 
usages\n");
-            validForUsage = FALSE;
+            TRACE_(chain)("requested usage from certificate with no usages\n");
+            validForUsage = TRUE;
         }
         if (!validForUsage)
         {
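Review bot: The new comment justifies `validForUsage = TRUE` by pointing at web sites, but nothing visible in this hunk limits the relaxation to server authentication. As written it appears to accept a certificate without an extended key usage extension for any requested usage. The comment should state that scope explicitly, for example `/* A certificate with no extended key usage extension is accepted for every requested usage, not only server authentication. */`. Moving the message from `WARN_(chain)` to `TRACE_(chain)` also makes this acceptance less prominent in logs, so consider keeping it at WARN level for anyone auditing why a chain was accepted. The enclosing function starts and ends outside the hunk.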
@@ -2641,6 +2750,8 @@
         if (!pChain->TrustStatus.dwErrorStatus)
             CRYPT_VerifyChainRevocation(pChain, pTime, pChainPara, dwFlags);
         CRYPT_CheckUsages(pChain, pChainPara);
+        TRACE_(chain)("error status: %08x\n",
+         pChain->TrustStatus.dwErrorStatus);
         if (ppChainContext)
             *ppChainContext = pChain;
         else

Modified: trunk/reactos/dll/win32/crypt32/crl.c
URL: 
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/crypt32/crl.c?rev=44909&r1=44908&r2=44909&view=diff
==============================================================================
--- trunk/reactos/dll/win32/crypt32/crl.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/crypt32/crl.c [iso-8859-1] Sun Jan  3 12:59:38 2010
@@ -167,14 +167,21 @@
                     }
                     else if (info->KeyId.cbData)
                     {
-                        if ((ext = CertFindExtension(
-                         szOID_SUBJECT_KEY_IDENTIFIER,
-                         issuer->pCertInfo->cExtension,
-                         issuer->pCertInfo->rgExtension)))
+                        DWORD size;
+
+                        ret = CertGetCertificateContextProperty(issuer,
+                         CERT_KEY_IDENTIFIER_PROP_ID, NULL, &size);
+                        if (ret && size == info->KeyId.cbData)
                         {
-                            if (info->KeyId.cbData == ext->Value.cbData)
-                                ret = !memcmp(info->KeyId.pbData,
-                                 ext->Value.pbData, info->KeyId.cbData);
+                            LPBYTE buf = CryptMemAlloc(size);
+
+                            if (buf)
+                            {
+                                CertGetCertificateContextProperty(issuer,
+                                 CERT_KEY_IDENTIFIER_PROP_ID, buf, &size);
+                                ret = !memcmp(buf, info->KeyId.pbData, size);
+                                CryptMemFree(buf);
+                            }
                             else
                                 ret = FALSE;
                         }

Modified: trunk/reactos/dll/win32/crypt32/ctl.c
URL: 
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/crypt32/ctl.c?rev=44909&r1=44908&r2=44909&view=diff
==============================================================================
--- trunk/reactos/dll/win32/crypt32/ctl.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/crypt32/ctl.c [iso-8859-1] Sun Jan  3 12:59:38 2010
@@ -113,7 +113,13 @@
         break;
     case CERT_STORE_ADD_USE_EXISTING:
         if (existing)
+        {
             CtlContext_CopyProperties(existing, pCtlContext);
+            if (ppStoreContext)
+                *ppStoreContext = CertDuplicateCTLContext(existing);
+        }
+        else
+            toAdd = CertDuplicateCTLContext(pCtlContext);
         break;
     default:
         FIXME("Unimplemented add disposition %d\n", dwAddDisposition);

Modified: trunk/reactos/dll/win32/crypt32/store.c
URL: 
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/crypt32/store.c?rev=44909&r1=44908&r2=44909&view=diff
==============================================================================
--- trunk/reactos/dll/win32/crypt32/store.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/crypt32/store.c [iso-8859-1] Sun Jan  3 12:59:38 
2010
@@ -899,7 +899,8 @@
         if (existing)
         {
             CertContext_CopyProperties(existing, pCertContext);
-            *ppStoreContext = CertDuplicateCertificateContext(existing);
+            if (ppStoreContext)
+                *ppStoreContext = CertDuplicateCertificateContext(existing);
         }
         else
             toAdd = CertDuplicateCertificateContext(pCertContext);
@@ -1090,7 +1091,13 @@
         break;
     case CERT_STORE_ADD_USE_EXISTING:
         if (existing)
+        {
             CrlContext_CopyProperties(existing, pCrlContext);
+            if (ppStoreContext)
+                *ppStoreContext = CertDuplicateCRLContext(existing);
+        }
+        else
+            toAdd = CertDuplicateCRLContext(pCrlContext);
         break;
     default:
         FIXME("Unimplemented add disposition %d\n", dwAddDisposition);

