crypt32: Implement CertVerifyCertificateChainPolicy for the basic constraints policy.

This commit is contained in:
Juan Lang 2007-09-10 16:12:39 -07:00 committed by Alexandre Julliard
parent 5f06293eb1
commit 039beff441
2 changed files with 34 additions and 28 deletions

View File

@ -1126,6 +1126,22 @@ static BOOL WINAPI verify_authenticode_policy(LPCSTR szPolicyOID,
return ret; return ret;
} }
static BOOL WINAPI verify_basic_constraints_policy(LPCSTR szPolicyOID,
PCCERT_CHAIN_CONTEXT pChainContext, PCERT_CHAIN_POLICY_PARA pPolicyPara,
PCERT_CHAIN_POLICY_STATUS pPolicyStatus)
{
pPolicyStatus->lChainIndex = pPolicyStatus->lElementIndex = -1;
if (pChainContext->TrustStatus.dwErrorStatus &
CERT_TRUST_INVALID_BASIC_CONSTRAINTS)
{
pPolicyStatus->dwError = TRUST_E_BASIC_CONSTRAINTS;
find_element_with_error(pChainContext,
CERT_TRUST_INVALID_BASIC_CONSTRAINTS, &pPolicyStatus->lChainIndex,
&pPolicyStatus->lElementIndex);
}
return TRUE;
}
typedef BOOL (WINAPI *CertVerifyCertificateChainPolicyFunc)(LPCSTR szPolicyOID, typedef BOOL (WINAPI *CertVerifyCertificateChainPolicyFunc)(LPCSTR szPolicyOID,
PCCERT_CHAIN_CONTEXT pChainContext, PCERT_CHAIN_POLICY_PARA pPolicyPara, PCCERT_CHAIN_CONTEXT pChainContext, PCERT_CHAIN_POLICY_PARA pPolicyPara,
PCERT_CHAIN_POLICY_STATUS pPolicyStatus); PCERT_CHAIN_POLICY_STATUS pPolicyStatus);
@ -1152,6 +1168,9 @@ BOOL WINAPI CertVerifyCertificateChainPolicy(LPCSTR szPolicyOID,
case (int)CERT_CHAIN_POLICY_AUTHENTICODE: case (int)CERT_CHAIN_POLICY_AUTHENTICODE:
verifyPolicy = verify_authenticode_policy; verifyPolicy = verify_authenticode_policy;
break; break;
case (int)CERT_CHAIN_POLICY_BASIC_CONSTRAINTS:
verifyPolicy = verify_basic_constraints_policy;
break;
default: default:
FIXME("unimplemented for %d\n", LOWORD(szPolicyOID)); FIXME("unimplemented for %d\n", LOWORD(szPolicyOID));
} }

View File

@ -1783,50 +1783,37 @@ static ChainPolicyCheck authenticodePolicyCheck[] = {
static ChainPolicyCheck basicConstraintsPolicyCheck[] = { static ChainPolicyCheck basicConstraintsPolicyCheck[] = {
{ { sizeof(chain0) / sizeof(chain0[0]), chain0 }, { { sizeof(chain0) / sizeof(chain0[0]), chain0 },
{ 0, 0, -1, -1, NULL }, { 0, 0, -1, -1, NULL }, 0 },
TODO_POLICY },
{ { sizeof(chain1) / sizeof(chain1[0]), chain1 }, { { sizeof(chain1) / sizeof(chain1[0]), chain1 },
{ 0, 0, -1, -1, NULL }, { 0, 0, -1, -1, NULL }, 0 },
TODO_POLICY },
{ { sizeof(chain2) / sizeof(chain2[0]), chain2 }, { { sizeof(chain2) / sizeof(chain2[0]), chain2 },
{ 0, 0, -1, -1, NULL }, { 0, 0, -1, -1, NULL }, 0 },
TODO_POLICY },
{ { sizeof(chain3) / sizeof(chain3[0]), chain3 }, { { sizeof(chain3) / sizeof(chain3[0]), chain3 },
{ 0, TRUST_E_BASIC_CONSTRAINTS, 0, 1, NULL }, { 0, TRUST_E_BASIC_CONSTRAINTS, 0, 1, NULL }, 0 },
TODO_POLICY },
{ { sizeof(chain4) / sizeof(chain4[0]), chain4 }, { { sizeof(chain4) / sizeof(chain4[0]), chain4 },
{ 0, TRUST_E_BASIC_CONSTRAINTS, 0, 1, NULL }, { 0, TRUST_E_BASIC_CONSTRAINTS, 0, 1, NULL }, 0 },
TODO_POLICY },
{ { sizeof(chain5) / sizeof(chain5[0]), chain5 }, { { sizeof(chain5) / sizeof(chain5[0]), chain5 },
{ 0, 0, -1, -1, NULL }, { 0, 0, -1, -1, NULL }, 0 },
TODO_POLICY },
{ { sizeof(chain6) / sizeof(chain6[0]), chain6 }, { { sizeof(chain6) / sizeof(chain6[0]), chain6 },
{ 0, 0, -1, -1, NULL }, { 0, 0, -1, -1, NULL }, 0 },
TODO_POLICY },
{ { sizeof(chain7) / sizeof(chain7[0]), chain7 }, { { sizeof(chain7) / sizeof(chain7[0]), chain7 },
{ 0, 0, -1, -1, NULL }, { 0, 0, -1, -1, NULL }, 0 },
TODO_POLICY },
{ { sizeof(chain8) / sizeof(chain8[0]), chain8 }, { { sizeof(chain8) / sizeof(chain8[0]), chain8 },
{ 0, TRUST_E_BASIC_CONSTRAINTS, 0, 1, NULL }, { 0, TRUST_E_BASIC_CONSTRAINTS, 0, 1, NULL },
TODO_POLICY }, TODO_ERROR | TODO_CHAINS | TODO_ELEMENTS },
{ { sizeof(chain9) / sizeof(chain9[0]), chain9 }, { { sizeof(chain9) / sizeof(chain9[0]), chain9 },
{ 0, TRUST_E_BASIC_CONSTRAINTS, 0, 1, NULL }, { 0, TRUST_E_BASIC_CONSTRAINTS, 0, 1, NULL },
TODO_POLICY }, TODO_ERROR | TODO_CHAINS | TODO_ELEMENTS },
{ { sizeof(chain10) / sizeof(chain10[0]), chain10 }, { { sizeof(chain10) / sizeof(chain10[0]), chain10 },
{ 0, 0, -1, -1, NULL }, { 0, 0, -1, -1, NULL }, 0 },
TODO_POLICY },
{ { sizeof(chain11) / sizeof(chain11[0]), chain11 }, { { sizeof(chain11) / sizeof(chain11[0]), chain11 },
{ 0, 0, -1, -1, NULL }, { 0, 0, -1, -1, NULL }, 0 },
TODO_POLICY },
{ { sizeof(chain12) / sizeof(chain12[0]), chain12 }, { { sizeof(chain12) / sizeof(chain12[0]), chain12 },
{ 0, 0, -1, -1, NULL }, { 0, 0, -1, -1, NULL }, 0 },
TODO_POLICY },
{ { sizeof(selfSignedChain) / sizeof(selfSignedChain[0]), selfSignedChain }, { { sizeof(selfSignedChain) / sizeof(selfSignedChain[0]), selfSignedChain },
{ 0, 0, -1, -1, NULL }, { 0, 0, -1, -1, NULL }, 0 },
TODO_POLICY },
{ { sizeof(iTunesChain) / sizeof(iTunesChain[0]), iTunesChain }, { { sizeof(iTunesChain) / sizeof(iTunesChain[0]), iTunesChain },
{ 0, 0, -1, -1, NULL }, { 0, 0, -1, -1, NULL }, 0 },
TODO_POLICY },
}; };
static void checkChainPolicyStatus(LPCSTR policy, ChainPolicyCheck *check, static void checkChainPolicyStatus(LPCSTR policy, ChainPolicyCheck *check,