From 4df042b54bae0159a5b8216b4bb2a59dfc561dec Mon Sep 17 00:00:00 2001 From: Juan Lang Date: Tue, 8 Dec 2009 10:18:27 -0800 Subject: [PATCH] crypt32: Compare CRL's authority key identifier against the certificate's subject key identifier property, which also decodes the certificate's extension if necessary. --- dlls/crypt32/crl.c | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/dlls/crypt32/crl.c b/dlls/crypt32/crl.c index a24e6adf887..72180c52473 100644 --- a/dlls/crypt32/crl.c +++ b/dlls/crypt32/crl.c @@ -167,14 +167,21 @@ static BOOL compare_crl_issued_by(PCCRL_CONTEXT pCrlContext, DWORD dwType, } else if (info->KeyId.cbData) { - if ((ext = CertFindExtension( - szOID_SUBJECT_KEY_IDENTIFIER, - issuer->pCertInfo->cExtension, - issuer->pCertInfo->rgExtension))) + DWORD size; + + ret = CertGetCertificateContextProperty(issuer, + CERT_KEY_IDENTIFIER_PROP_ID, NULL, &size); + if (ret && size == info->KeyId.cbData) { - if (info->KeyId.cbData == ext->Value.cbData) - ret = !memcmp(info->KeyId.pbData, - ext->Value.pbData, info->KeyId.cbData); + LPBYTE buf = CryptMemAlloc(size); + + if (buf) + { + CertGetCertificateContextProperty(issuer, + CERT_KEY_IDENTIFIER_PROP_ID, buf, &size); + ret = !memcmp(buf, info->KeyId.pbData, size); + CryptMemFree(buf); + } else ret = FALSE; }