0a866d0e45
crypt32: Avoid using HIWORD() on a string pointer.
...
The stray IS_INTRESOURCE() is applied to a true resource. The other
strings are OIDs and not resources.
2010-01-29 14:59:02 +01:00
d1e592ad20
crypt32/tests: Fix compilation on systems that don't support nameless unions.
2009-12-08 17:42:25 +01:00
9c56314e3d
crypt32: Further fix test failures.
2009-12-02 12:12:50 +01:00
6b8c053218
crypt32: Fix test failures.
2009-12-01 12:24:00 +01:00
90c160c3d8
crypt32: Revert 8ed5a777de.
...
Ordinarily removing tests seems like a bad idea, but in this case it
seems the only rational response to the test failures the tests
produce. The tests check the state of three bits with a variety of
certificate and CRL combinations. One of these bits is apparently not
set by any version of Windows for any of the tests. Testing its
absence doesn't seem correct, and I'll explain why in more detail in a
second. Every permutation of the remaining two bits appears on at
least one Windows version, and no Windows version is obviously more
correct than the rest, so testing them doesn't seem worthwhile.
The one bit that doesn't appear to be set is the bit saying that a
certificate is revoked. I created CRLs that do in fact revoke some of
the tested certificates, so it appears to me that the bit should be
set. It's possible that Windows doesn't bother checking the
revocation status of a certificate whose anchor isn't trusted, but
it's impossible to test this in an automated regression test suite,
because adding a trusted certificate requires clicking OK (or its
equivalent) in a dialog. The dialog is invoked by the system process,
so I can't use a dialog hook to suppress it. I can test this
hypothesis manually, but it isn't possible to do so in an automated
way.
2009-11-30 12:57:53 +01:00
1a392e1a30
crypt32: Support checking the requested usage for a chain.
2009-11-21 14:31:44 +01:00
e611a83962
crypt32: Test verifying the enhanced key usage of a chain.
2009-11-21 14:31:44 +01:00
a3c6bc68c8
crypt32: Assume revocation server is offline if revocation status isn't known.
2009-11-20 11:14:52 +01:00
8ed5a777de
crypt32: Test revocation checking with CertGetCertificateChain.
2009-11-20 11:14:41 +01:00
a299470622
crypt32/tests: Fix another test failure.
2009-11-17 15:14:53 +01:00
8adc75b3ec
crypt32: Fix more test failures.
2009-11-16 11:34:31 +01:00
c4b997bab3
crypt32: Set CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS when a certificate's name constraints are met.
2009-11-16 11:33:58 +01:00
9aee8fd556
crypt32: Fix test failures.
2009-11-13 11:52:25 +01:00
21ecc84620
crypt32: Accept any matching dNSName in a subject alternate name.
2009-11-13 11:52:25 +01:00
95a14deff9
crypt32: Add tests for cs.stanford.edu's chain.
2009-11-13 11:52:25 +01:00
d311cc9bdb
crypt32: Use broken() to mark an expected result from a broken version of crypt32.
2009-11-13 11:52:25 +01:00
b91d0c8bde
crypt32: Implement matching a certificate with a wildcard in its name.
2009-11-13 11:52:24 +01:00
e740672647
crypt32: Test matching a certificate with a wildcard in its name.
2009-11-13 11:52:24 +01:00
a29789e0bf
crypt32: Add openssl.org's cert to the tested chains.
2009-11-13 11:52:24 +01:00
574de15f51
crypt32: Fix more test failures on older crypt32 versions.
2009-11-12 13:11:38 +01:00
ba3433fa02
crypt32: Fix more test failures on older crypt32 versions.
2009-11-12 13:11:32 +01:00
d7c9bd13a2
crypt32: Fix test failures on multiple Windows versions.
2009-11-11 10:55:51 +01:00
300d5fe5c4
crypt32: Correct error when a matching name constraint is found.
2009-11-11 10:55:44 +01:00
ee02d43731
crypt32: Correct error when a constrained, permitted name type isn't found in the subject name.
2009-11-10 13:08:31 +01:00
ae6e884142
crypt32: Correct error when the subject alternate name can't be decoded.
2009-11-10 13:08:20 +01:00
ef6ce9a590
crypt32: Add more tests of name constraints.
2009-11-10 13:08:06 +01:00
a5361e45de
crypt32: Test more chains against different policies.
2009-11-10 13:07:35 +01:00
e1b2eb3485
crypt32: Fix a test failure on NT 4.
2009-11-05 11:57:13 +01:00
af3afcf81d
crypt32: Fix a memory leak in a test.
2009-11-03 21:29:29 +01:00
77472187c9
crypt32: Add key usage extension to chain4_0.
2009-10-30 11:26:15 +01:00
9a13e1c70b
crypt32: Add basic constraints to chain15_0.
2009-10-30 11:23:58 +01:00
118374c081
crypt32: Add basic constraints to chain14_0.
2009-10-30 11:23:53 +01:00
0bd67b4c6f
crypt32: Add basic constraints and key usage to chain12_0.
2009-10-30 11:23:47 +01:00
002439e2f0
crypt32: Add basic constraints and key usage to chain8_0.
2009-10-30 11:23:41 +01:00
4557a8705b
crypt32: Add basic constraints and key usage to chain5_0.
2009-10-30 11:23:35 +01:00
86d6177215
crypt32: Add basic constraints and key usage to chain2_0.
2009-10-30 11:23:27 +01:00
6bf0e52011
crypt32: Add basic constraints and key usage to chain0_0.
2009-10-30 11:23:22 +01:00
2fbb736e01
crypt32: Add some tests of the SSL policy.
2009-10-29 13:07:47 +01:00
facd2e975a
crypt32: Allow the caller of checkChainPolicyStatus to specify the date to test with and additional policy parameters.
2009-10-29 13:07:39 +01:00
3669be9550
crypt32: Add the Google website's cert to tests.
2009-10-29 13:07:33 +01:00
eea0d75ed5
crypt32: Fix test failures on older versions of crypt32.
2009-10-22 17:24:52 +02:00
7fa618aa8e
crypt32: Check key usage during chain validation.
2009-10-21 16:21:53 +02:00
f2057592bf
crypt32: Add tests for key usage in the base policy.
2009-10-21 16:21:49 +02:00
a700e0556f
crypt32: Add key usage extension to non-root CA certs.
2009-10-21 16:21:44 +02:00
c0872b218c
crypt32/tests: Get rid of a couple of certs unneeded by a test.
2009-10-20 14:00:35 +02:00
4a5ecb3236
crypt32/tests: Fix a test failure on Vista and higher.
2009-09-23 12:34:49 +02:00
2f112cf5ee
crypt32: CertGetCertificateChain does not validate the size of the CERT_CHAIN_PARA structure.
2009-09-22 16:20:58 +02:00
ca18de9512
crypt32/tests: Remove test that crashes on Win7.
2009-08-25 14:56:14 +02:00
efa555596b
crypt32/tests: Print a better error if no Verisign root certificates available.
2009-05-04 12:52:35 +02:00
df4d664582
crypt32/tests: Use win_skip() to skip over unimplemented functionality.
2009-02-24 16:57:27 +01:00
Michael Stefaniuc