ReceiveTempSMS/Sweden-Number
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

crypt32: Set trust status on root element in chain.

Browse Source
This commit is contained in:
Juan Lang 2007-08-28 15:52:37 -07:00 committed by Alexandre Julliard
parent fbf3cef553
commit eda48d8868
1 changed files with 14 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
dlls/crypt32/chain.c
View File

@ -340,20 +340,25 @@ static BOOL CRYPT_BuildSimpleChain(HCERTCHAINENGINE hChainEngine,
} }
if (ret) if (ret)
{ {
PCCERT_CONTEXT root = chain->rgpElement[chain->cElement - 1]-> PCERT_CHAIN_ELEMENT rootElement =
pCertContext; chain->rgpElement[chain->cElement - 1];
PCCERT_CONTEXT root = rootElement->pCertContext;
if (!(ret = CRYPT_IsCertificateSelfSigned(root))) if (!(ret = CRYPT_IsCertificateSelfSigned(root)))
TRACE("Last certificate is not self-signed\n"); TRACE("Last certificate is not self-signed\n");
else else
{ {
chain->rgpElement[chain->cElement - 1]->TrustStatus.dwInfoStatus rootElement->TrustStatus.dwInfoStatus |=
|= CERT_TRUST_IS_SELF_SIGNED; CERT_TRUST_IS_SELF_SIGNED;
if (!(ret = CryptVerifyCertificateSignatureEx(0, if (!(ret = CryptVerifyCertificateSignatureEx(0,
root->dwCertEncodingType, CRYPT_VERIFY_CERT_SIGN_SUBJECT_CERT, root->dwCertEncodingType, CRYPT_VERIFY_CERT_SIGN_SUBJECT_CERT,
(void *)root, CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT, (void *)root, (void *)root, CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT, (void *)root,
0, NULL))) 0, NULL)))
{
TRACE("Last certificate's signature is invalid\n"); TRACE("Last certificate's signature is invalid\n");
rootElement->TrustStatus.dwErrorStatus |=
CERT_TRUST_IS_NOT_SIGNATURE_VALID;
}
} }
if (ret) if (ret)
{ {
@ -367,11 +372,15 @@ static BOOL CRYPT_BuildSimpleChain(HCERTCHAINENGINE hChainEngine,
trustedRoot = CertFindCertificateInStore(engine->hRoot, trustedRoot = CertFindCertificateInStore(engine->hRoot,
root->dwCertEncodingType, 0, CERT_FIND_SHA1_HASH, &blob, NULL); root->dwCertEncodingType, 0, CERT_FIND_SHA1_HASH, &blob, NULL);
if (!trustedRoot) if (!trustedRoot)
chain->TrustStatus.dwErrorStatus |= rootElement->TrustStatus.dwErrorStatus |=
CERT_TRUST_IS_UNTRUSTED_ROOT; CERT_TRUST_IS_UNTRUSTED_ROOT;
else else
CertFreeCertificateContext(trustedRoot); CertFreeCertificateContext(trustedRoot);
} }
chain->TrustStatus.dwErrorStatus |=
rootElement->TrustStatus.dwErrorStatus;
chain->TrustStatus.dwInfoStatus |=
rootElement->TrustStatus.dwInfoStatus & ~CERT_TRUST_IS_SELF_SIGNED;
} }
if (!ret) if (!ret)
{ {