crypt32: Make chain tests more strict.

This commit is contained in:
Juan Lang 2007-09-11 12:49:27 -07:00 committed by Alexandre Julliard
parent a5833ac9f4
commit f0add11007
1 changed files with 15 additions and 27 deletions

View File

@ -1537,51 +1537,44 @@ static ChainCheck chainCheck[] = {
{ { sizeof(chain0) / sizeof(chain0[0]), chain0 }, { { sizeof(chain0) / sizeof(chain0[0]), chain0 },
{ { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_TIME_VALID, 0 }, { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_TIME_VALID, 0 },
1, simpleStatus0 }, 1, simpleStatus0 }, 0 },
TODO_INFO },
{ { sizeof(chain1) / sizeof(chain1[0]), chain1 }, { { sizeof(chain1) / sizeof(chain1[0]), chain1 },
{ { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_SIGNATURE_VALID | { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_SIGNATURE_VALID |
CERT_TRUST_IS_NOT_TIME_VALID, 0 }, CERT_TRUST_IS_NOT_TIME_VALID, 0 },
1, simpleStatus1 }, 1, simpleStatus1 }, 0 },
TODO_INFO },
{ { sizeof(chain2) / sizeof(chain2[0]), chain2 }, { { sizeof(chain2) / sizeof(chain2[0]), chain2 },
{ { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_TIME_VALID, 0 }, { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_TIME_VALID, 0 },
1, simpleStatus2 }, 1, simpleStatus2 }, 0 },
TODO_INFO },
{ { sizeof(chain3) / sizeof(chain3[0]), chain3 }, { { sizeof(chain3) / sizeof(chain3[0]), chain3 },
{ { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_UNTRUSTED_ROOT | { CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_UNTRUSTED_ROOT |
CERT_TRUST_IS_NOT_TIME_VALID, 0 }, CERT_TRUST_IS_NOT_TIME_VALID, 0 },
1, simpleStatus3 }, 1, simpleStatus3 }, 0 },
TODO_INFO },
{ { sizeof(chain4) / sizeof(chain4[0]), chain4 }, { { sizeof(chain4) / sizeof(chain4[0]), chain4 },
{ { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_UNTRUSTED_ROOT | { CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_UNTRUSTED_ROOT |
CERT_TRUST_IS_NOT_TIME_VALID, 0 }, CERT_TRUST_IS_NOT_TIME_VALID, 0 },
1, simpleStatus4 }, 1, simpleStatus4 }, 0 },
TODO_INFO },
{ { sizeof(chain5) / sizeof(chain5[0]), chain5 }, { { sizeof(chain5) / sizeof(chain5[0]), chain5 },
{ { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT | { CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT |
CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT | CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT |
CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus5 }, CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus5 },
TODO_ERROR | TODO_INFO }, TODO_ERROR },
{ { sizeof(chain6) / sizeof(chain6[0]), chain6 }, { { sizeof(chain6) / sizeof(chain6[0]), chain6 },
{ { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus6 }, { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus6 }, 0 },
TODO_INFO },
{ { sizeof(chain7) / sizeof(chain7[0]), chain7 }, { { sizeof(chain7) / sizeof(chain7[0]), chain7 },
{ { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus7 }, { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus7 }, 0 },
TODO_INFO },
{ { sizeof(chain8) / sizeof(chain8[0]), chain8 }, { { sizeof(chain8) / sizeof(chain8[0]), chain8 },
{ { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_UNTRUSTED_ROOT | { CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_UNTRUSTED_ROOT |
CERT_TRUST_IS_NOT_TIME_VALID, 0 }, CERT_TRUST_IS_NOT_TIME_VALID, 0 },
1, simpleStatus8 }, 1, simpleStatus8 },
TODO_ERROR | TODO_INFO }, TODO_ERROR },
{ { sizeof(chain9) / sizeof(chain9[0]), chain9 }, { { sizeof(chain9) / sizeof(chain9[0]), chain9 },
{ { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_HAS_NOT_SUPPORTED_NAME_CONSTRAINT | { CERT_TRUST_HAS_NOT_SUPPORTED_NAME_CONSTRAINT |
@ -1590,29 +1583,24 @@ static ChainCheck chainCheck[] = {
TODO_ERROR | TODO_INFO }, TODO_ERROR | TODO_INFO },
{ { sizeof(chain10) / sizeof(chain10[0]), chain10 }, { { sizeof(chain10) / sizeof(chain10[0]), chain10 },
{ { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus10 }, { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus10 }, 0 },
TODO_INFO },
{ { sizeof(chain11) / sizeof(chain11[0]), chain11 }, { { sizeof(chain11) / sizeof(chain11[0]), chain11 },
{ { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus10 }, { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus10 }, 0 },
TODO_INFO },
{ { sizeof(chain12) / sizeof(chain12[0]), chain12 }, { { sizeof(chain12) / sizeof(chain12[0]), chain12 },
{ { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus12 }, { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus12 }, 0 },
TODO_INFO },
{ { sizeof(selfSignedChain) / sizeof(selfSignedChain[0]), selfSignedChain }, { { sizeof(selfSignedChain) / sizeof(selfSignedChain[0]), selfSignedChain },
{ { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_IS_NOT_TIME_VALID | CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, { CERT_TRUST_IS_NOT_TIME_VALID | CERT_TRUST_IS_UNTRUSTED_ROOT, 0 },
1, selfSignedSimpleStatus }, 1, selfSignedSimpleStatus }, 0 },
TODO_INFO },
/* The iTunes chain may or may not have its root trusted, so ignore the /* The iTunes chain may or may not have its root trusted, so ignore the
* error * error
*/ */
{ { sizeof(iTunesChain) / sizeof(iTunesChain[0]), iTunesChain }, { { sizeof(iTunesChain) / sizeof(iTunesChain[0]), iTunesChain },
{ { CERT_TRUST_IS_UNTRUSTED_ROOT, CERT_TRUST_HAS_PREFERRED_ISSUER }, { { CERT_TRUST_IS_UNTRUSTED_ROOT, CERT_TRUST_HAS_PREFERRED_ISSUER },
{ 0, 0 }, { 0, 0 },
1, iTunesSimpleStatus }, 1, iTunesSimpleStatus }, 0 },
TODO_INFO },
}; };
static const CERT_TRUST_STATUS elementStatus8NoStore[] = { static const CERT_TRUST_STATUS elementStatus8NoStore[] = {
@ -1627,7 +1615,7 @@ static ChainCheck chainCheckNoStore[] = {
{ { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_IS_NOT_TIME_VALID | CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, { CERT_TRUST_IS_NOT_TIME_VALID | CERT_TRUST_IS_UNTRUSTED_ROOT, 0 },
1, selfSignedSimpleStatus }, 1, selfSignedSimpleStatus },
TODO_ERROR | TODO_INFO }, TODO_ERROR },
{ { sizeof(chain8) / sizeof(chain8[0]), chain8 }, { { sizeof(chain8) / sizeof(chain8[0]), chain8 },
{ { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_UNTRUSTED_ROOT | { CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_UNTRUSTED_ROOT |