crypt32: Correct tests for CertIsValidCRLForCertificate.
This commit is contained in:
parent
b16a78baa7
commit
e5c56b1798
|
@ -229,13 +229,15 @@ static const BYTE v1CRLWithIssuerAndEntry[] = { 0x30, 0x44, 0x30, 0x02, 0x06,
|
|||
0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30,
|
||||
0x30, 0x5a, 0x30, 0x16, 0x30, 0x14, 0x02, 0x01, 0x01, 0x18, 0x0f, 0x31, 0x36,
|
||||
0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a };
|
||||
static const BYTE v2CRLWithIssuingDistPoint[] = { 0x30,0x5c,0x02,0x01,0x01,
|
||||
0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,
|
||||
0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x18,0x0f,0x31,
|
||||
0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,
|
||||
0x16,0x30,0x14,0x02,0x01,0x01,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,
|
||||
0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0xa0,0x13,0x30,0x11,0x30,0x0f,0x06,
|
||||
0x03,0x55,0x1d,0x13,0x04,0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x01 };
|
||||
static const BYTE v2CRLWithIssuingDistPoint[] = {
|
||||
0x30,0x70,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,0x11,
|
||||
0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
|
||||
0x67,0x00,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,
|
||||
0x30,0x30,0x30,0x5a,0x30,0x16,0x30,0x14,0x02,0x01,0x01,0x18,0x0f,0x31,0x36,
|
||||
0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0xa0,0x27,
|
||||
0x30,0x25,0x30,0x23,0x06,0x03,0x55,0x1d,0x1c,0x01,0x01,0xff,0x04,0x19,0x30,
|
||||
0x17,0xa0,0x15,0xa0,0x13,0x86,0x11,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x77,
|
||||
0x69,0x6e,0x65,0x68,0x71,0x2e,0x6f,0x72,0x67 };
|
||||
static const BYTE verisignCRL[] = { 0x30, 0x82, 0x01, 0xb1, 0x30, 0x82, 0x01,
|
||||
0x1a, 0x02, 0x01, 0x01, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
|
||||
0x0d, 0x01, 0x01, 0x02, 0x05, 0x00, 0x30, 0x61, 0x31, 0x11, 0x30, 0x0f, 0x06,
|
||||
|
@ -684,10 +686,24 @@ static void testCRLProperties(void)
|
|||
}
|
||||
}
|
||||
|
||||
static const BYTE bigCertWithCRLDistPoints[] = {
|
||||
0x30,0x81,0xa5,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,
|
||||
0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,
|
||||
0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,
|
||||
0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,
|
||||
0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,0x31,0x13,0x30,0x11,
|
||||
0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
|
||||
0x67,0x00,0x30,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
|
||||
0x01,0x01,0x05,0x00,0x03,0x11,0x00,0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
|
||||
0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0xa3,0x26,0x30,0x24,0x30,0x22,0x06,
|
||||
0x03,0x55,0x1d,0x1f,0x04,0x1b,0x30,0x19,0x30,0x17,0xa0,0x15,0xa0,0x13,0x86,
|
||||
0x11,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x77,0x69,0x6e,0x65,0x68,0x71,0x2e,
|
||||
0x6f,0x72,0x67 };
|
||||
|
||||
static void testIsValidCRLForCert(void)
|
||||
{
|
||||
BOOL ret;
|
||||
PCCERT_CONTEXT cert1, cert2;
|
||||
PCCERT_CONTEXT cert1, cert2, cert3;
|
||||
PCCRL_CONTEXT crl;
|
||||
HCERTSTORE store;
|
||||
|
||||
|
@ -728,16 +744,30 @@ static void testIsValidCRLForCert(void)
|
|||
|
||||
CertFreeCRLContext(crl);
|
||||
|
||||
/* Yet with a CRL_ISSUING_DIST_POINT in the CRL, I still can't get this
|
||||
* to say the CRL is not valid for either cert.
|
||||
/* With a CRL_ISSUING_DIST_POINT in the CRL, it returns FALSE, since the
|
||||
* cert doesn't have the same extension in it.
|
||||
*/
|
||||
crl = CertCreateCRLContext(X509_ASN_ENCODING, v2CRLWithIssuingDistPoint,
|
||||
sizeof(v2CRLWithIssuingDistPoint));
|
||||
ok(crl != NULL, "CertCreateCRLContext failed: %08x\n", GetLastError());
|
||||
|
||||
todo_wine {
|
||||
ret = pCertIsValidCRLForCertificate(cert1, crl, 0, NULL);
|
||||
ok(ret, "CertIsValidCRLForCertificate failed: %08x\n", GetLastError());
|
||||
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
|
||||
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
|
||||
ret = pCertIsValidCRLForCertificate(cert2, crl, 0, NULL);
|
||||
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
|
||||
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
|
||||
}
|
||||
|
||||
/* With a CRL_ISSUING_DIST_POINT in the CRL, it matches the cert containing
|
||||
* a CRL_DIST_POINTS_INFO extension.
|
||||
*/
|
||||
cert3 = CertCreateCertificateContext(X509_ASN_ENCODING,
|
||||
bigCertWithCRLDistPoints, sizeof(bigCertWithCRLDistPoints));
|
||||
ok(cert3 != NULL, "CertCreateCertificateContext failed: %08x\n",
|
||||
GetLastError());
|
||||
ret = pCertIsValidCRLForCertificate(cert3, crl, 0, NULL);
|
||||
ok(ret, "CertIsValidCRLForCertificate failed: %08x\n", GetLastError());
|
||||
|
||||
CertFreeCRLContext(crl);
|
||||
|
@ -755,7 +785,7 @@ static void testIsValidCRLForCert(void)
|
|||
CertFreeCRLContext(crl);
|
||||
|
||||
/* One last test: a CRL in a different store than the cert is also valid
|
||||
* for the cert, so CertIsValidCRLForCertificate must always return TRUE?
|
||||
* for the cert.
|
||||
*/
|
||||
store = CertOpenStore(CERT_STORE_PROV_MEMORY, X509_ASN_ENCODING, 0,
|
||||
CERT_STORE_CREATE_NEW_FLAG, NULL);
|
||||
|
@ -774,6 +804,7 @@ static void testIsValidCRLForCert(void)
|
|||
|
||||
CertCloseStore(store, 0);
|
||||
|
||||
CertFreeCertificateContext(cert3);
|
||||
CertFreeCertificateContext(cert2);
|
||||
CertFreeCertificateContext(cert1);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue