From 1a88c8bccbc70f8c28a42b2acf3786f4d1af339b Mon Sep 17 00:00:00 2001 From: Juan Lang Date: Mon, 8 Oct 2007 15:34:54 -0700 Subject: [PATCH] wintrust: Add a helper function to initialize chain creation parameters. --- dlls/wintrust/softpub.c | 45 ++++++++++++++++++++++++++--------------- 1 file changed, 29 insertions(+), 16 deletions(-) diff --git a/dlls/wintrust/softpub.c b/dlls/wintrust/softpub.c index 87e52099764..bd55d84c44c 100644 --- a/dlls/wintrust/softpub.c +++ b/dlls/wintrust/softpub.c @@ -23,6 +23,7 @@ #include "winbase.h" #include "wintrust.h" #include "mssip.h" +#include "softpub.h" #include "wine/debug.h" WINE_DEFAULT_DEBUG_CHANNEL(wintrust); @@ -574,6 +575,28 @@ static BOOL WINTRUST_CopyChain(CRYPT_PROVIDER_DATA *data, DWORD signerIdx) return ret; } +static void WINTRUST_CreateChainPolicyCreateInfo( + const CRYPT_PROVIDER_DATA *data, PWTD_GENERIC_CHAIN_POLICY_CREATE_INFO info, + PCERT_CHAIN_PARA chainPara) +{ + chainPara->cbSize = sizeof(CERT_CHAIN_PARA); + if (data->pRequestUsage) + memcpy(&chainPara->RequestedUsage, data->pRequestUsage, + sizeof(CERT_USAGE_MATCH)); + info->u.cbSize = sizeof(WTD_GENERIC_CHAIN_POLICY_CREATE_INFO); + info->hChainEngine = NULL; + info->pChainPara = chainPara; + if (data->dwProvFlags & CPD_REVOCATION_CHECK_END_CERT) + info->dwFlags = CERT_CHAIN_REVOCATION_CHECK_END_CERT; + else if (data->dwProvFlags & CPD_REVOCATION_CHECK_CHAIN) + info->dwFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN; + else if (data->dwProvFlags & CPD_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT) + info->dwFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT; + else + info->dwFlags = 0; + info->pvReserved = NULL; +} + HRESULT WINAPI WintrustCertificateTrust(CRYPT_PROVIDER_DATA *data) { BOOL ret; @@ -586,35 +609,25 @@ HRESULT WINAPI WintrustCertificateTrust(CRYPT_PROVIDER_DATA *data) else { DWORD i; + WTD_GENERIC_CHAIN_POLICY_CREATE_INFO createInfo; + CERT_CHAIN_PARA chainPara; + WINTRUST_CreateChainPolicyCreateInfo(data, &createInfo, &chainPara); ret = TRUE; for (i = 0; i < data->csSigners; i++) { - CERT_CHAIN_PARA chainPara = { sizeof(chainPara), { 0 } }; - DWORD flags; - - if (data->pRequestUsage) - memcpy(&chainPara.RequestedUsage, data->pRequestUsage, - sizeof(CERT_USAGE_MATCH)); - if (data->dwProvFlags & CPD_REVOCATION_CHECK_END_CERT) - flags = CERT_CHAIN_REVOCATION_CHECK_END_CERT; - else if (data->dwProvFlags & CPD_REVOCATION_CHECK_CHAIN) - flags = CERT_CHAIN_REVOCATION_CHECK_CHAIN; - else if (data->dwProvFlags & CPD_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT) - flags = CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT; - else - flags = 0; /* Expect the end certificate for each signer to be the only * cert in the chain: */ if (data->pasSigners[i].csCertChain) { /* Create a certificate chain for each signer */ - ret = CertGetCertificateChain(NULL, + ret = CertGetCertificateChain(createInfo.hChainEngine, data->pasSigners[i].pasCertChain[0].pCert, &data->pasSigners[i].sftVerifyAsOf, data->chStores ? data->pahStores[0] : NULL, - &chainPara, flags, NULL, &data->pasSigners[i].pChainContext); + &chainPara, createInfo.dwFlags, createInfo.pvReserved, + &data->pasSigners[i].pChainContext); if (ret) { if (data->pasSigners[i].pChainContext->cChain != 1)