Commit Graph

750 Commits

Author SHA1 Message Date
Juan Lang 5f06293eb1 crypt32: Implement CertVerifyCertificateChainPolicy for the authenticode policy. 2007-09-11 12:36:34 +02:00
Juan Lang b56f0c5b68 crypt32: Implement CertVerifyCertificateChainPolicy for the base policy. 2007-09-11 12:36:27 +02:00
Juan Lang f23ec30534 crypt32: Add initial tests for CertVerifyCertificateChainPolicy. 2007-09-11 12:36:15 +02:00
Juan Lang 91c76955e7 crypt32: Add a stub for CertVerifyCertificateChainPolicy. 2007-09-11 12:36:10 +02:00
Juan Lang d7115ce33c crypt32: Support CRYPT_DECODE_TO_BE_SIGNED_FLAG. 2007-09-11 12:35:57 +02:00
Juan Lang 9663f9427b crypt32: Add a root store implementation that reads trusted certificates from well-known locations on the local system. 2007-09-11 11:57:06 +02:00
Juan Lang 391f826d49 crypt32: Add a function to create a certificate chain engine potentially before the root store is created. 2007-09-11 11:50:23 +02:00
Juan Lang 5e674f3580 crypt32: Consider alternate issuers when building chains. 2007-09-10 15:50:01 +02:00
Juan Lang 1fc8c60788 crypt32: Flags weren't set, so don't bother passing them. 2007-09-10 15:49:55 +02:00
Juan Lang a040dd22e7 crypt32: Defer checking signatures until chain is complete. 2007-09-10 15:49:50 +02:00
Juan Lang 56d4a3c392 crypt32: Don't ask CertGetIssuerCertificateFromStore to verify revocation status, it almost certainly doesn't do what we want. 2007-09-10 15:49:44 +02:00
Juan Lang dfd2d3d9bc crypt32: Don't abort chain creation if the root signature isn't valid. 2007-09-10 15:49:38 +02:00
Juan Lang 5b02947937 crypt32: Add special case for certificates with no signature algorithm. 2007-09-10 15:49:31 +02:00
Juan Lang d82f3f37a2 crypt32: Remove a misplaced todo_wine. 2007-09-10 15:49:24 +02:00
Juan Lang 69834b16ac crypt32: Set *ppChainContext even on error. 2007-09-10 15:49:13 +02:00
Juan Lang 31618f91dd crypt32: Test whether chain creation should fail when a root signature is invalid. 2007-09-10 15:49:07 +02:00
Juan Lang c4e07a5bfc crypt32: Separate allocating a simple chain and checking it from building it. 2007-09-10 15:49:01 +02:00
Juan Lang a82b36ac98 crypt32: Store world store in chain. 2007-09-10 15:48:55 +02:00
Juan Lang 818634d69a crypt32: Not finding an issuer shouldn't cause chain creation to fail. 2007-09-10 15:48:49 +02:00
Juan Lang 8698a598fc crypt32: Don't add end cert's store to world. 2007-09-10 15:48:43 +02:00
Juan Lang e9ee8c8717 crypt32: Open world store when creating chain, not when building a simple chain. 2007-09-10 15:48:35 +02:00
Juan Lang 1a059879bf crypt32: Make a helper function to create initial candidate chain. 2007-09-10 15:48:27 +02:00
Juan Lang 192ed7353d crypt32: Test that the end cert in a chain's store isn't implicitly searched for issuers. 2007-09-10 15:48:15 +02:00
Juan Lang 6aa03fc4c3 crypt32: Add more tests for getting issuer cert from store.
Show that certificates are added to memory stores at the head rather
than the tail.
2007-09-10 15:48:10 +02:00
Juan Lang 6c9b788fb8 crypt32: Check path length constraint on a chain. 2007-08-31 19:12:38 +02:00
Juan Lang 14b0df1fef crypt32: Set error status on issued certificate, not on issuer. 2007-08-31 19:12:33 +02:00
Juan Lang 1ce46d5e4a crypt32: Check whether each signing certificate can be a CA. 2007-08-31 19:12:28 +02:00
Juan Lang 51948b0c98 crypt32: Check time of each element in chain against requested time. 2007-08-31 19:12:23 +02:00
Juan Lang d06a24517f crypt32: Time validity nesting doesn't appear to be checked, so don't check it. 2007-08-31 19:12:18 +02:00
Juan Lang 03d76d97ec crypt32: Correct combining trust status of a chain's elements into the chain's trust status. 2007-08-31 19:12:12 +02:00
Juan Lang c39696eb14 crypt32: Don't fail chain creation if signature doesn't match. 2007-08-31 19:12:04 +02:00
Juan Lang 1540f24e92 crypt32: Don't fail chain creation if root isn't self-signed. 2007-08-31 19:11:53 +02:00
Juan Lang b8b787a810 crypt32: Halt chain creation when a cycle is detected. 2007-08-31 19:11:46 +02:00
Juan Lang 51a9d208ee crypt32: Implement CertDuplicateCertificateChain. 2007-08-31 19:11:41 +02:00
Juan Lang 3ef4c7e1cc crypt32: Remove unneeded WINAPI from internal function. 2007-08-31 19:11:35 +02:00
Juan Lang 0dc82780ca crypt32: Free lower quality chain contexts. 2007-08-31 19:11:30 +02:00
Juan Lang a4e88cb644 crypt32: Check chain root's trusted status regardless of whether its signature is valid. 2007-08-31 19:11:25 +02:00
Juan Lang 8cd7abf1be crypt32: Properly reference count certificate contexts referenced by a chain. 2007-08-31 19:11:19 +02:00
Juan Lang 45eef63a35 crypt32: Add a default cycle detection modulus. 2007-08-31 19:11:11 +02:00
Juan Lang cf2047fd72 crypt32: The preferred issuer flag appears to be a bug in XP, so don't set it. 2007-08-31 19:11:06 +02:00
Juan Lang 6a8a7362cc crypt32: Greatly expand certificate chain tests. 2007-08-31 18:01:56 +02:00
Juan Lang eda48d8868 crypt32: Set trust status on root element in chain. 2007-08-29 11:59:34 +02:00
Juan Lang ff26d428e3 crypt32: Partially implement CMSG_CTRL_VERIFY_SIGNATURE_EX. 2007-08-27 11:59:19 +02:00
Juan Lang f5b4806159 crypt32: Implement CryptVerifyMessageSignature. 2007-08-23 12:38:05 +02:00
Juan Lang 3a9e1d6648 crypt32: Test and correct verifying the signature of a valid signed message. 2007-08-23 12:37:59 +02:00
Juan Lang 4fb26709cd crypt32: Test encoding a signed message with a valid public key. 2007-08-22 12:59:37 +02:00
Juan Lang 6acd761646 crypt32: Explicitly terminate loop when a matching signer cert is found. 2007-08-22 12:59:32 +02:00
Juan Lang d4c318f295 crypt32: Only free allocated handles. 2007-08-22 12:34:04 +02:00
Juan Lang e52c80e53b crypt32: Test and implement CryptGetMessageSignerCount. 2007-08-22 12:33:59 +02:00
Juan Lang b9038be1ff crypt32: Implement CryptGetMessageCertificates. 2007-08-22 12:33:55 +02:00
Juan Lang b6032a41b3 crypt32: Trace encoding and decoding public keys on crypt channel. 2007-08-22 12:33:50 +02:00
Juan Lang b7e420429d crypt32: Implement verifying a decoded signed message's signature. 2007-08-21 22:09:35 +02:00
Juan Lang d3431271fa crypt32: Test and implement getting the computed hash from a decoded signed message. 2007-08-21 22:09:31 +02:00
Juan Lang ed6fbb2712 crypt32: Update a hash message's hash handles when decoding it. 2007-08-21 22:09:27 +02:00
Juan Lang d2dc7d78a9 crypt32: Move signed message data functions together. 2007-08-21 22:09:19 +02:00
Juan Lang f1f8e87b33 crypt32: Make constructing handles a member of signed msg data. 2007-08-21 22:09:15 +02:00
Juan Lang 07ba16c291 crypt32: Use a helper function to allocate signer handles. 2007-08-21 22:09:12 +02:00
Juan Lang 1f9d9be762 crypt32: Don't keep an unneeded copy of the crypto provider for each signer. 2007-08-21 22:09:08 +02:00
Juan Lang bfbc159d1e crypt32: Separate construction of signer handles from signer info. 2007-08-21 22:09:03 +02:00
Juan Lang c4dd74d84c crypt32: Add a helper function to construct a signer handles structure. 2007-08-21 22:08:59 +02:00
Juan Lang de88fedcce crypt32: Add helper function to update signed message data. 2007-08-21 22:08:54 +02:00
Juan Lang 1522282673 crypt32: Make more functions members of signed message data, rather than message. 2007-08-21 22:08:49 +02:00
Juan Lang bfde05d8b6 crypt32: Make updating a hash a member of signed message data, not signed message. 2007-08-21 22:08:45 +02:00
Juan Lang 0080d3d691 crypt32: Make a helper function to a free a signed message's handles. 2007-08-21 22:08:41 +02:00
Juan Lang 5e9299d980 crypt32: Use signed message data type for decoded signed messages. 2007-08-21 22:08:37 +02:00
Juan Lang 7748905743 crypt32: Make a signed message data type. 2007-08-21 22:08:24 +02:00
Juan Lang 3e88838b60 crypt32: Implement verifying the hash of a decoded hash message. 2007-08-21 22:08:20 +02:00
Juan Lang e7ce5ae2bc crypt32: Add a couple tests that show you can't get the hash from an encoded hash message, and fix encoded hash messages to match. 2007-08-21 22:08:15 +02:00
Juan Lang 163e8d6256 crypt32: Add a mostly stub control function for decode messages. 2007-08-21 22:08:11 +02:00
Juan Lang 31c414f4b4 crypt32: Add a default message control function pointer. 2007-08-21 22:08:06 +02:00
Juan Lang cc8948fefa crypt32: Add tests for CryptMsgControl. 2007-08-21 22:08:01 +02:00
Juan Lang 8c4330e732 crypt32: Test an encoded signed message with a cert with a public key. 2007-08-21 22:07:56 +02:00
Juan Lang 1d53424470 crypt32: Don't store the crypto provider when it isn't needed. 2007-08-20 11:52:21 +02:00
Juan Lang 9be5007669 crypt32: Don't store redundant copy of crypto provider in file store. 2007-08-20 11:52:12 +02:00
Juan Lang 065ed54f69 crypt32: Don't store redundant copy of crypto provider in reg store. 2007-08-20 11:52:05 +02:00
Juan Lang 4e1108533b crypt32: Pass crypto provider and appropriate flags when opening PKCS messages, and don't store a redundant copy of the crypto provider in message stores. 2007-08-20 11:51:57 +02:00
Juan Lang 71dffcee84 crypt32: Move file store to a separate file. 2007-08-17 12:01:38 +02:00
Juan Lang 0070d8226f crypt32: Move registry stores to a separate file. 2007-08-17 12:01:38 +02:00
Juan Lang 131f1d20e7 crypt32: Move provider stores to a separate file. 2007-08-17 12:01:38 +02:00
Juan Lang 9f85156e23 crypt32: Move collection stores to a separate file. 2007-08-17 12:01:38 +02:00
Juan Lang adaaab923d crypt32: Move cert store definitions to header. 2007-08-17 12:01:38 +02:00
Juan Lang f3128c9244 crypt32: Where possible, pass a pointer rather than an offset, it's less confusing. 2007-08-17 12:01:38 +02:00
Juan Lang 2a8aa87878 crypt32: Use externed vars for context variables. 2007-08-17 12:01:38 +02:00
Juan Lang 6aa10439a9 crypt32: Use public APIs to empty a store. 2007-08-17 12:01:37 +02:00
Juan Lang bc37988dff crypt32: Use public type and APIs for memory stores wherever possible. 2007-08-17 12:01:37 +02:00
Juan Lang afc50ce3fe crypt32: Remove some unnecessary casts. 2007-08-17 12:01:37 +02:00
Juan Lang f68036cebd crypt32: Rename a confusing type. 2007-08-17 12:01:37 +02:00
Juan Lang 1626da2bba crypt32: Free default chain engine. 2007-08-16 11:46:40 +02:00
Paul Vriens 16d9123377 crypt32/tests: Use GetModuleHandle and skip. 2007-08-15 10:48:55 +02:00
Juan Lang 714a3731eb crypt32: Set return value on exception.
Spotted by Paul Vriens.
2007-08-15 10:48:51 +02:00
Juan Lang 9a58b30819 crypt32: Initial implementation of CertGetCertificateChain and CertFreeCertificateChain. 2007-08-15 10:43:32 +02:00
Juan Lang 51651c7c5c crypt32: Add a chain test with real certificates. 2007-08-15 10:43:09 +02:00
Juan Lang abd6feaf93 crypt32: Add initial tests for certificate chains. 2007-08-15 10:43:01 +02:00
Juan Lang 0b2b1f8881 crypt32: Set output chain to NULL. 2007-08-15 10:42:53 +02:00
Juan Lang 466d8a01a5 crypt32: Add stub for CertFreeCertificateChain. 2007-08-15 10:42:48 +02:00
Juan Lang 1547f39800 crypt32: Move CertGetCertificateChain to chain.c. 2007-08-15 10:42:42 +02:00
Juan Lang 7316156d35 crypt32: Fix typo. 2007-08-15 10:42:35 +02:00
Juan Lang f1cb8057e7 crypt32: Fix typo. 2007-08-15 10:42:29 +02:00
Paul Vriens c0b88f880f crypt32/tests: Make tests run again on win95. 2007-08-14 12:46:38 +02:00
Juan Lang aa0f823429 crypt32: Test finding the issuer of a certificate. 2007-08-14 12:30:18 +02:00
Juan Lang f7bcc26cc5 crypt32: Avoid a memory allocation when decoding the subject key identifier extension. 2007-08-14 12:30:05 +02:00
Juan Lang d49c9d59d1 crypt32: Add missing break. 2007-08-14 12:29:56 +02:00
Juan Lang b82bfa3455 crypt32: Test authority key identifier with a multi-byte id to show that its byte-order is swapped and fix encoding and decoding it. 2007-08-14 12:29:51 +02:00
Juan Lang 3a50b1fea6 crypt32: Improve tracing when builtin function isn't available. 2007-08-13 11:32:51 +02:00
Juan Lang f848055151 crypt32: Use helper functions to simplify CryptEncodeObject and CryptEncodeObjectEx. 2007-08-13 11:32:42 +02:00
Juan Lang 5d8d9e7d08 crypt32: Validate parameters better in CryptDecodeObject. 2007-08-13 11:32:33 +02:00
Juan Lang 4c58c4bc2f crypt32: Use helper functions to simplify CryptDecodeObject and CryptDecodeObjectEx. 2007-08-13 11:32:23 +02:00
Juan Lang 038b53c301 crypt32: Ex encode/decode functions should call non-Ex versions if no Ex version is available. 2007-08-13 11:32:13 +02:00
Juan Lang 0c4c1985b0 crypt32: Add stub for I_CryptGetAsn1Decoder. 2007-08-10 12:58:17 +02:00
Juan Lang 84a54b5a1f crypt32: Trace more return values. 2007-08-10 12:58:17 +02:00
Juan Lang 9da1baa130 crypt32: Use real certificates to test finding subject certificates, and correct finding them. 2007-08-10 12:58:17 +02:00
Juan Lang 8778b9f506 crypt32: Correct loading OID functions from the registry. 2007-08-10 12:58:17 +02:00
Francois Gouget f045243542 crypt32/tests: Fix compilation on systems that don't support nameless unions. 2007-08-08 15:32:03 +02:00
Juan Lang c9a5410288 crypt32: According to MSDN, inner content is only decoded when the content type is data. 2007-08-08 15:32:01 +02:00
Juan Lang c5a213a816 crypt32: Add a couple traces. 2007-08-08 15:32:01 +02:00
Juan Lang bcbf5dcee3 crypt32: Test and correct finding a subject certificate. 2007-08-08 15:32:01 +02:00
Juan Lang d89528b016 crypt32: Use the authority key identifier to search for a certificate's issuer. 2007-08-08 15:32:00 +02:00
Juan Lang c91e591a95 crypt32: Fix typo. 2007-08-08 15:32:00 +02:00
Juan Lang 53087dbe12 crypt32: Introduce cryptasn debug channel to quiet down crypt traces. 2007-08-08 15:32:00 +02:00
Juan Lang 05d2ab176a crypt32: Implement CertRDNValueToStr for UTF-8 strings. 2007-08-08 15:32:00 +02:00
Francois Gouget f67fd2cfa4 crypt32: Better match the PSDK types and fix the winapi_check warnings. 2007-08-06 12:30:48 +02:00
Francois Gouget 74bf9f1f4e crypt32: Add and use HCRYPTPROV_LEGACY and HCRYPTPROV_OR_NCRYPT_KEY_HANDLE. 2007-08-03 12:44:41 +02:00
Juan Lang 0cc08cccb9 crypt32: Support finding certificates by cert id. 2007-08-03 12:36:49 +02:00
Juan Lang ac28066b48 crypt32: Test and fix getting a certificate context's key identifier property. 2007-08-03 12:36:43 +02:00
Juan Lang c98f605b0e crypt32: Test encoding a cert with a subject key identifier extension. 2007-08-03 12:36:36 +02:00
Juan Lang 0c5772dc0a crypt32: Test encoding a cert with a public key. 2007-08-03 12:36:16 +02:00
Juan Lang 5885eb3cc3 crypt32: Fix typo in key context property test, and the problems it hid. 2007-08-03 12:36:04 +02:00
Juan Lang 90824039ac crypt32: Add and use a helper function for getting cert properties. 2007-08-03 12:35:56 +02:00
Juan Lang 44948c3b38 crypt32: Implement decoding OID and directory name alt name entries. 2007-08-03 12:29:47 +02:00
Juan Lang 005b50e913 crypt32: Introduce a OID decoding function that ignores the tag and use it where the caller already checks the tag. 2007-08-03 12:29:39 +02:00
Juan Lang 676c6e5a36 crypt32: Implement encoding OID and directory name alt name entries. 2007-08-03 12:29:03 +02:00
Juan Lang 9194d60061 crypt32: Test encoding/decoding a couple more alt name entry types. 2007-08-03 12:28:40 +02:00
Juan Lang 0cb6148422 crypt32: Get rid of bogus check and improve traces for unexpected alt name entry types. 2007-08-03 12:28:32 +02:00
Juan Lang db513c0cb5 crypt32: Remove bad special case, it isn't necessary since the outer content specifies the hash algorithm. 2007-08-01 11:29:31 +02:00
Juan Lang e25b81fd9c crypt32: Use the outer content's signature algorithm rather than the public key's embedded algorithm. 2007-08-01 11:29:18 +02:00
Juan Lang 4e0f33dada crypt32: Support getting the inner content OID from a decoded signed message. 2007-07-31 11:16:04 +02:00
Juan Lang 014467031e crypt32: Get rid of attribute certs from signed info, they're not supported anyway. 2007-07-31 11:15:57 +02:00
Juan Lang a50d8dc1dd crypt32: Add a few traces. 2007-07-31 11:15:50 +02:00
Juan Lang f0509c49d1 crypt32: Simplify alignment calculation. 2007-07-31 11:15:41 +02:00
Juan Lang 04ef3c05f1 crypt32: Add CryptMsgControl stub. 2007-07-31 11:15:16 +02:00
Juan Lang 7e10d48c60 crypt32: Implement getting the signer cert info from a decoded signed message. 2007-07-31 11:15:08 +02:00
Juan Lang 555e85a2b2 crypt32: Implement getting signer info from a decoded signed message. 2007-07-31 11:14:46 +02:00
Juan Lang 5900ab1437 crypt32: Separate decoding PKCS signer info into internal and external versions. 2007-07-31 11:14:35 +02:00
Juan Lang d6150a7974 crypt32: Implement getting inner content of a decoded signed message. 2007-07-31 11:14:26 +02:00
Juan Lang 2acb8a2dd2 crypt32: Test getting more parameters from a decoded signed message. 2007-07-31 11:14:18 +02:00
Juan Lang c7f44c8ec7 crypt32: Implement message stores. 2007-07-30 12:53:42 +02:00
Juan Lang 6f2ae25441 crypt32: Only destroy a decoded message's hash if it's been created. 2007-07-30 12:53:34 +02:00
Juan Lang d76e1899ad crypt32: Add tests for message stores. 2007-07-30 12:53:27 +02:00
Juan Lang 115edc67e6 crypt32: Implement getting some parameters from a decoded signed message. 2007-07-30 12:53:20 +02:00
Juan Lang 9c7c9e545e crypt32: Change type to avoid unnecessary casting. 2007-07-30 12:53:09 +02:00