crypt32: Implement CertVerifyCertificateChainPolicy for the basic constraints policy.
This commit is contained in:
parent
5f06293eb1
commit
039beff441
|
@ -1126,6 +1126,22 @@ static BOOL WINAPI verify_authenticode_policy(LPCSTR szPolicyOID,
|
|||
return ret;
|
||||
}
|
||||
|
||||
static BOOL WINAPI verify_basic_constraints_policy(LPCSTR szPolicyOID,
|
||||
PCCERT_CHAIN_CONTEXT pChainContext, PCERT_CHAIN_POLICY_PARA pPolicyPara,
|
||||
PCERT_CHAIN_POLICY_STATUS pPolicyStatus)
|
||||
{
|
||||
pPolicyStatus->lChainIndex = pPolicyStatus->lElementIndex = -1;
|
||||
if (pChainContext->TrustStatus.dwErrorStatus &
|
||||
CERT_TRUST_INVALID_BASIC_CONSTRAINTS)
|
||||
{
|
||||
pPolicyStatus->dwError = TRUST_E_BASIC_CONSTRAINTS;
|
||||
find_element_with_error(pChainContext,
|
||||
CERT_TRUST_INVALID_BASIC_CONSTRAINTS, &pPolicyStatus->lChainIndex,
|
||||
&pPolicyStatus->lElementIndex);
|
||||
}
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
typedef BOOL (WINAPI *CertVerifyCertificateChainPolicyFunc)(LPCSTR szPolicyOID,
|
||||
PCCERT_CHAIN_CONTEXT pChainContext, PCERT_CHAIN_POLICY_PARA pPolicyPara,
|
||||
PCERT_CHAIN_POLICY_STATUS pPolicyStatus);
|
||||
|
@ -1152,6 +1168,9 @@ BOOL WINAPI CertVerifyCertificateChainPolicy(LPCSTR szPolicyOID,
|
|||
case (int)CERT_CHAIN_POLICY_AUTHENTICODE:
|
||||
verifyPolicy = verify_authenticode_policy;
|
||||
break;
|
||||
case (int)CERT_CHAIN_POLICY_BASIC_CONSTRAINTS:
|
||||
verifyPolicy = verify_basic_constraints_policy;
|
||||
break;
|
||||
default:
|
||||
FIXME("unimplemented for %d\n", LOWORD(szPolicyOID));
|
||||
}
|
||||
|
|
|
@ -1783,50 +1783,37 @@ static ChainPolicyCheck authenticodePolicyCheck[] = {
|
|||
|
||||
static ChainPolicyCheck basicConstraintsPolicyCheck[] = {
|
||||
{ { sizeof(chain0) / sizeof(chain0[0]), chain0 },
|
||||
{ 0, 0, -1, -1, NULL },
|
||||
TODO_POLICY },
|
||||
{ 0, 0, -1, -1, NULL }, 0 },
|
||||
{ { sizeof(chain1) / sizeof(chain1[0]), chain1 },
|
||||
{ 0, 0, -1, -1, NULL },
|
||||
TODO_POLICY },
|
||||
{ 0, 0, -1, -1, NULL }, 0 },
|
||||
{ { sizeof(chain2) / sizeof(chain2[0]), chain2 },
|
||||
{ 0, 0, -1, -1, NULL },
|
||||
TODO_POLICY },
|
||||
{ 0, 0, -1, -1, NULL }, 0 },
|
||||
{ { sizeof(chain3) / sizeof(chain3[0]), chain3 },
|
||||
{ 0, TRUST_E_BASIC_CONSTRAINTS, 0, 1, NULL },
|
||||
TODO_POLICY },
|
||||
{ 0, TRUST_E_BASIC_CONSTRAINTS, 0, 1, NULL }, 0 },
|
||||
{ { sizeof(chain4) / sizeof(chain4[0]), chain4 },
|
||||
{ 0, TRUST_E_BASIC_CONSTRAINTS, 0, 1, NULL },
|
||||
TODO_POLICY },
|
||||
{ 0, TRUST_E_BASIC_CONSTRAINTS, 0, 1, NULL }, 0 },
|
||||
{ { sizeof(chain5) / sizeof(chain5[0]), chain5 },
|
||||
{ 0, 0, -1, -1, NULL },
|
||||
TODO_POLICY },
|
||||
{ 0, 0, -1, -1, NULL }, 0 },
|
||||
{ { sizeof(chain6) / sizeof(chain6[0]), chain6 },
|
||||
{ 0, 0, -1, -1, NULL },
|
||||
TODO_POLICY },
|
||||
{ 0, 0, -1, -1, NULL }, 0 },
|
||||
{ { sizeof(chain7) / sizeof(chain7[0]), chain7 },
|
||||
{ 0, 0, -1, -1, NULL },
|
||||
TODO_POLICY },
|
||||
{ 0, 0, -1, -1, NULL }, 0 },
|
||||
{ { sizeof(chain8) / sizeof(chain8[0]), chain8 },
|
||||
{ 0, TRUST_E_BASIC_CONSTRAINTS, 0, 1, NULL },
|
||||
TODO_POLICY },
|
||||
TODO_ERROR | TODO_CHAINS | TODO_ELEMENTS },
|
||||
{ { sizeof(chain9) / sizeof(chain9[0]), chain9 },
|
||||
{ 0, TRUST_E_BASIC_CONSTRAINTS, 0, 1, NULL },
|
||||
TODO_POLICY },
|
||||
TODO_ERROR | TODO_CHAINS | TODO_ELEMENTS },
|
||||
{ { sizeof(chain10) / sizeof(chain10[0]), chain10 },
|
||||
{ 0, 0, -1, -1, NULL },
|
||||
TODO_POLICY },
|
||||
{ 0, 0, -1, -1, NULL }, 0 },
|
||||
{ { sizeof(chain11) / sizeof(chain11[0]), chain11 },
|
||||
{ 0, 0, -1, -1, NULL },
|
||||
TODO_POLICY },
|
||||
{ 0, 0, -1, -1, NULL }, 0 },
|
||||
{ { sizeof(chain12) / sizeof(chain12[0]), chain12 },
|
||||
{ 0, 0, -1, -1, NULL },
|
||||
TODO_POLICY },
|
||||
{ 0, 0, -1, -1, NULL }, 0 },
|
||||
{ { sizeof(selfSignedChain) / sizeof(selfSignedChain[0]), selfSignedChain },
|
||||
{ 0, 0, -1, -1, NULL },
|
||||
TODO_POLICY },
|
||||
{ 0, 0, -1, -1, NULL }, 0 },
|
||||
{ { sizeof(iTunesChain) / sizeof(iTunesChain[0]), iTunesChain },
|
||||
{ 0, 0, -1, -1, NULL },
|
||||
TODO_POLICY },
|
||||
{ 0, 0, -1, -1, NULL }, 0 },
|
||||
};
|
||||
|
||||
static void checkChainPolicyStatus(LPCSTR policy, ChainPolicyCheck *check,
|
||||
|
|
Loading…
Reference in New Issue