ReceiveTempSMS
/
Sweden-Number
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

cryptnet: If the caller specifies the location of a CRL, check a cert's revocation status against it.

This commit is contained in:
Juan Lang 2009-11-30 11:02:50 -08:00 committed by Alexandre Julliard
parent 44e4ac2128
commit 60ddb1365d
1 changed files with 28 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
dlls/cryptnet/cryptnet_main.c
View File

@ -1581,10 +1581,36 @@ static DWORD verify_cert_revocation(PCCERT_CONTEXT cert, DWORD index,
ret = CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT, (void *)cert, ret = CryptGetObjectUrl(URL_OID_CERTIFICATE_CRL_DIST_POINT, (void *)cert,
0, NULL, &cbUrlArray, NULL, NULL, NULL); 0, NULL, &cbUrlArray, NULL, NULL, NULL);
if (!ret && GetLastError() == CRYPT_E_NOT_FOUND) if (!ret && GetLastError() == CRYPT_E_NOT_FOUND)
{
if (pRevPara && pRevPara->hCrlStore && pRevPara->pIssuerCert)
{
PCCRL_CONTEXT crl;
/* If the caller was helpful enough to tell us where to find a CRL
* for the cert, look for one and check it.
*/
crl = CertFindCRLInStore(pRevPara->hCrlStore,
cert->dwCertEncodingType,
CRL_FIND_ISSUED_BY_SIGNATURE_FLAG | CRL_FIND_ISSUED_BY_AKI_FLAG,
CRL_FIND_ISSUED_BY, pRevPara->pIssuerCert, NULL);
if (crl)
{
error = verify_cert_revocation_with_crl(cert, crl, index,
pTime, pRevStatus);
CertFreeCRLContext(crl);
}
else
{ {
error = CRYPT_E_NO_REVOCATION_CHECK; error = CRYPT_E_NO_REVOCATION_CHECK;
pRevStatus->dwIndex = index; pRevStatus->dwIndex = index;
} }
}
else
{
error = CRYPT_E_NO_REVOCATION_CHECK;
pRevStatus->dwIndex = index;
}
}
else if (ret) else if (ret)
{ {
CRYPT_URL_ARRAY *urlArray = CryptMemAlloc(cbUrlArray); CRYPT_URL_ARRAY *urlArray = CryptMemAlloc(cbUrlArray);