ReceiveTempSMS/Sweden-Number
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

cryptnet: Check CRL with verify time in CertDllVerifyRevocation.

Browse Source
This commit is contained in:
Juan Lang 2009-11-20 12:09:21 -08:00 committed by Alexandre Julliard
parent eee179206e
commit ff57ba9d7c
1 changed files with 37 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
dlls/cryptnet/cryptnet_main.c
View File

@ -1441,6 +1441,15 @@ BOOL WINAPI CryptRetrieveObjectByUrlW(LPCWSTR pszURL, LPCSTR pszObjectOid,
return ret; return ret;
} }
typedef struct _CERT_REVOCATION_PARA_NO_EXTRA_FIELDS {
DWORD cbSize;
PCCERT_CONTEXT pIssuerCert;
DWORD cCertStore;
HCERTSTORE *rgCertStore;
HCERTSTORE hCrlStore;
LPFILETIME pftTimeToUse;
} CERT_REVOCATION_PARA_NO_EXTRA_FIELDS, *PCERT_REVOCATION_PARA_NO_EXTRA_FIELDS;
typedef struct _OLD_CERT_REVOCATION_STATUS { typedef struct _OLD_CERT_REVOCATION_STATUS {
DWORD cbSize; DWORD cbSize;
DWORD dwIndex; DWORD dwIndex;
@ -1457,6 +1466,8 @@ BOOL WINAPI CertDllVerifyRevocation(DWORD dwEncodingType, DWORD dwRevType,
{ {
DWORD error = 0, i; DWORD error = 0, i;
BOOL ret; BOOL ret;
FILETIME now;
LPFILETIME pTime = NULL;
TRACE("(%08x, %d, %d, %p, %08x, %p, %p)\n", dwEncodingType, dwRevType, TRACE("(%08x, %d, %d, %p, %08x, %p, %p)\n", dwEncodingType, dwRevType,
cContext, rgpvContext, dwFlags, pRevPara, pRevStatus); cContext, rgpvContext, dwFlags, pRevPara, pRevStatus);
@ -1472,6 +1483,14 @@ BOOL WINAPI CertDllVerifyRevocation(DWORD dwEncodingType, DWORD dwRevType,
SetLastError(E_INVALIDARG); SetLastError(E_INVALIDARG);
return FALSE; return FALSE;
} }
if (pRevPara && pRevPara->cbSize >=
sizeof(CERT_REVOCATION_PARA_NO_EXTRA_FIELDS))
pTime = pRevPara->pftTimeToUse;
if (!pTime)
{
GetSystemTimeAsFileTime(&now);
pTime = &now;
}
memset(&pRevStatus->dwIndex, 0, pRevStatus->cbSize - sizeof(DWORD)); memset(&pRevStatus->dwIndex, 0, pRevStatus->cbSize - sizeof(DWORD));
if (dwRevType != CERT_CONTEXT_REVOCATION_TYPE) if (dwRevType != CERT_CONTEXT_REVOCATION_TYPE)
{ {
@ -1524,18 +1543,27 @@ BOOL WINAPI CertDllVerifyRevocation(DWORD dwEncodingType, DWORD dwRevType,
(void **)&crl, NULL, NULL, NULL, NULL); (void **)&crl, NULL, NULL, NULL, NULL);
if (ret) if (ret)
{ {
PCRL_ENTRY entry = NULL; if (CertVerifyCRLTimeValidity(pTime, crl->pCrlInfo))
CertFindCertificateInCRL(
rgpvContext[i], crl, 0, NULL,
&entry);
if (entry)
{ {
error = CRYPT_E_REVOKED; /* The CRL isn't time valid */
pRevStatus->dwIndex = i; error = CRYPT_E_NO_REVOCATION_CHECK;
ret = FALSE; ret = FALSE;
} }
else if (timeout) else
{
PCRL_ENTRY entry = NULL;
CertFindCertificateInCRL(
rgpvContext[i], crl, 0, NULL,
&entry);
if (entry)
{
error = CRYPT_E_REVOKED;
pRevStatus->dwIndex = i;
ret = FALSE;
}
}
if (ret && timeout)
{ {
DWORD time = GetTickCount(); DWORD time = GetTickCount();