641d74845d
crypt32/tests: Make sure to use a return value (LLVM/Clang).
2011-02-11 14:47:54 +01:00
29b5aab026
crypt32/tests: Make sure to use return values (LLVM/Clang).
2011-02-11 14:47:47 +01:00
c6301aec11
crypt32/tests: Don't check return values inside of if(0) (LLVM/Clang).
2011-02-11 14:47:38 +01:00
f6364bf970
crypt32/tests: Make sure to use a return value (LLVM/Clang).
2011-02-11 14:47:15 +01:00
4d5293bd81
crypt32/tests: Make sure to use return values (LLVM/Clang).
2011-02-11 14:47:09 +01:00
2910cf9660
crypt32: Allow updating data messages with no content.
2011-02-11 14:46:37 +01:00
07297ea9d0
crypt32/tests: In more recent Windows versions, updating a data message with no content succeeds.
2011-02-11 14:46:32 +01:00
14626a7804
crypt32/tests: Update a CryptMsgUpdate call to succeed on more Windows versions, and check its return value (Clang).
2011-02-11 14:46:24 +01:00
f900a8b035
crypt32/tests: Make sure to use return values (LLVM/Clang).
2011-02-10 09:57:12 -06:00
e48b34cdb3
crypt32/tests: Make sure to use return values (LLVM/Clang).
2011-02-09 09:28:47 -06:00
4d41bdd107
crypt32: Remove helper variable i (Clang).
2011-02-08 14:48:43 -06:00
179a01f2e2
crypt32/tests: Make sure to use return value (LLVM/Clang).
2011-02-07 10:06:19 -06:00
74cf35d2ab
crypt32: Fix string quoting in CertRDNValueToStrA/W and CertNameToStrA/W.
...
Based on an idea of Christian Inci's.
2011-02-02 12:23:28 +01:00
307e247f21
crypt32/tests: Test CertNameToStr's quoting behavior with CERT_SIMPLE_NAME_STR.
2011-02-02 12:23:11 +01:00
5bf4aec163
crypt32/tests: Add tests that show that CertRDNValueToStr doesn't quote (based on a patch by Christian Inci).
2011-02-02 12:23:03 +01:00
36bc1c7f8f
crypt32/tests: Don't assign a return value that's never checked (clang).
2011-01-31 17:58:19 +01:00
2984605602
crypt32/tests: Remove dead assignments (clang).
2011-01-31 17:58:14 +01:00
a4fe05a0f3
crypt32/tests: Test some return values (clang).
2011-01-31 17:58:07 +01:00
d0f1e19532
crypt32/tests: Test return value rather than output buffer before checking buffer contents (clang).
2011-01-31 17:57:59 +01:00
862eab2820
crypt32: Ensure temporary string is NULL-terminated to avoid uninitialized memory access (valgrind).
2011-01-20 12:20:02 +01:00
c3bc7f2cba
crypt32: Simplify a function.
2011-01-20 12:19:43 +01:00
98834637eb
crypt32: Ensure that chain validity time is initialized (valgrind).
2011-01-19 18:34:54 +01:00
a9efbf8926
crypt32: Remove no-ops.
2011-01-19 12:32:30 +01:00
687e29b912
crypt32: Fix memory leaks when encoding fails.
2011-01-19 12:32:19 +01:00
d51a7940bc
crypt32: Fix memory leaks when decoding fails (valgrind).
2011-01-19 12:22:48 +01:00
fdd0114407
crypt32: Fix memory leak (Valgrind).
2011-01-18 13:23:10 +01:00
7f0db79491
crypt32: Add stub for CertRegisterPhysicalStore.
2011-01-17 13:22:05 +01:00
c485b18201
crypt32: Convert translations to po files.
2011-01-06 13:56:08 +01:00
896be41143
crypt32: Handle NULL ptr leak in CryptDecodeObjectEx (Coverity).
2011-01-03 11:28:08 +01:00
aa16c89b29
crypt32: NULL ptr could leak into function (Coverity).
2010-12-31 16:27:36 +01:00
ef39e0ec1a
crypt32: Don't open code CONTAINING_RECORD().
2010-12-29 11:59:34 +01:00
e3a5ba5478
crypt32: Update Korean resource.
2010-12-21 00:20:27 +01:00
667aeb3ede
crypt32: Accept any matching CN when checking a certificate's name.
2010-12-17 13:26:01 +01:00
f44ae748c0
crypt32: Implement getting content and some parameters from a decoded enveloped message.
2010-12-16 11:23:03 +01:00
dd75ab38c6
crypt32: Implement decoding enveloped messages.
2010-12-16 11:22:54 +01:00
b012ffba58
crypt32: Use allocation function with the correct prototype in CMSG_CONTENT_ENCRYPT_INFO.
2010-12-09 17:43:34 +01:00
02ab124cd2
crypt32: Implement CryptEncryptMessage.
2010-12-08 16:50:58 +01:00
6ad5416f32
crypt32: Implement getting content of an enveloped message.
2010-12-02 15:01:09 +01:00
03e94320c2
crypt32: Implement updating enveloped messages.
2010-12-02 15:01:08 +01:00
c3a2f7a3d1
crypt32: Save some info needed for creating enveloped messages.
2010-12-02 15:00:56 +01:00
6fcca28b07
crypt32: Add a stub enveloped message implementation.
2010-12-01 17:16:22 +01:00
f48b0aa6a2
crypt32/tests: Fix test failures on some Win95 and some NT4.
2010-11-25 16:56:27 +01:00
b9c122f15e
crypt32/tests: Skip more tests.
2010-11-25 16:56:09 +01:00
d8cad3eb1b
crypt32/tests: Use pCryptAcquireContextA.
2010-11-24 12:06:31 +01:00
676d5db65a
crypt32/tests: Fix test failures on WinME and some NT4.
2010-11-24 12:06:11 +01:00
113c614525
crypt32/tests: Do not crash on some Win98.
2010-11-24 12:06:04 +01:00
107a95d86b
crypt32: Add CertFindChainInStore stub.
2010-11-17 11:16:58 +01:00
6462283fbe
crypt32/tests: Add tests for CMSG_RECIPIENT_COUNT_PARAM and CMSG_RECIPIENT_INFO_PARAM.
2010-11-03 14:48:10 +01:00
661a8f3787
crypt32/test: When using dynamic binding for functions, do it in all locations.
2010-11-03 11:08:55 +01:00
5e17fe9a51
crypt32/tests: CertAddCertificateLinkToStore is not present on W98.
2010-11-03 11:08:55 +01:00
5328687fb5
crypt32/tests: Add tests for decoding enveloped messages.
2010-11-02 15:29:01 +01:00
f45ac5a4a2
crypt32/tests: Add tests for enveloped messages.
2010-11-01 14:53:32 +01:00
dd7a45be7c
crypt32: Check revocation status of chain element-by-element.
...
Due to a quirk in CertVerifyRevocation (see its tests), checking an
entire chain doesn't appear to be supported, even though the API would
appear to support doing so. Checking element by element allows
revocation to be checked for the entire chain.
2010-10-25 13:52:50 +02:00
8714c11247
crypt32: Pass additional store to CertVerifyRevocation.
2010-10-25 13:52:50 +02:00
2b8cad3235
crypt32/tests: Fix test failures on Win98/NT4.
2010-10-21 16:16:14 +02:00
a1352035d1
crypt32: Implement CertRDNValueToStr for UTF8 strings.
2010-10-20 12:32:58 +02:00
8f2821ac77
crypt32: The newline character must also be quoted.
2010-10-20 12:31:53 +02:00
7833f30721
crypt32: Correct Unicode quoting of BMP strings.
2010-10-20 12:31:46 +02:00
bf70d35529
crypt32/tests: Show expected values in ok output.
2010-10-20 12:31:24 +02:00
e21cb8fb9d
crypt32/tests: Test more Unicode encoded string to string conversions.
2010-10-20 12:31:18 +02:00
4141625284
crypt32: Remove unneeded comments.
2010-10-20 12:31:10 +02:00
c4ae9e9c5a
crypt32/tests: Add more tests of the authenticode policy.
2010-10-19 10:19:21 +02:00
ca7512d296
crypt32: Trace certificate chain verification parameters.
2010-10-19 10:19:17 +02:00
c654606405
crypt32: Remove broken UTF-8 string decoding support.
2010-10-19 10:19:11 +02:00
dcafe721bf
crypt32: Implement quoting of BMP strings.
2010-10-19 10:18:59 +02:00
993068038e
crypt32: Implement quoting of simple string types.
2010-10-19 10:18:53 +02:00
462af2f91b
crypt32: Test more encoded string to string conversions.
2010-10-19 10:18:45 +02:00
8b3681e921
crypt32: Test encoding more quoted strings.
2010-10-19 10:18:39 +02:00
ce5a8aab83
crypt32: Update Swedish translation.
2010-10-18 11:51:30 +02:00
fe8a5ac44d
crypt32: Updated Norwegian translation.
2010-10-15 16:18:09 +02:00
4d5a851ca8
crypt32: Add Japanese translation.
2010-10-15 11:35:57 +02:00
63a05db41c
crypt32: Trace time value in addition to address of time value.
2010-10-15 11:33:21 +02:00
b6cd08f436
crypt32: Use A functions for debug string that's only used as an ASCII string.
2010-10-15 11:33:12 +02:00
6f2513d39a
crypt32: Avoid relying on PATH_MAX in import_certs_from_dir helper.
...
PATH_MAX is not guaranteed to be available on all platforms, and it is
inadequate as a hardcoded buffer size anyway.
2010-10-08 11:56:45 +02:00
6e89a61446
crypt32/tests: Test OpenSSL chain separately to address test failures on Win98.
2010-10-06 20:46:51 +02:00
251ccfc848
crypt32/tests: Fix another test failure on Win98.
2010-10-06 20:46:51 +02:00
8fbcad75ba
crypt32/tests: Add name to test to help identify test failures.
2010-10-06 20:46:50 +02:00
d8fcffc7e7
crypt32/tests: Fix more Win9x failures.
2010-10-06 20:46:50 +02:00
3e437ec537
crypt32/tests: Fix test failures on NT4/Win9x.
2010-10-06 20:46:50 +02:00
25a8d301c1
crypt32: Set correct error when encountering unsupported critical extensions in the base and SSL policy.
2010-10-06 20:46:50 +02:00
5b79eb977b
crypt32/tests: Add macros to declare tests.
2010-10-06 20:46:50 +02:00
6ff8184e15
crypt32/tests: Add name to test to help identify test failures.
2010-10-06 20:46:50 +02:00
b1899c2066
crypt32: Set CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT when appropriate.
2010-10-06 20:46:49 +02:00
d5bcf21c91
crypt32/tests: Test the base and SSL policies against a certificate with an invalid critical extension.
2010-10-06 20:46:49 +02:00
ab1a3ccede
crypt32/tests: Test invalid critical extension in intermediate cert.
2010-10-06 20:46:49 +02:00
966d722752
crypt32: Improve error checking for the base policy.
2010-10-06 14:41:04 +02:00
c4c70b608c
crypt32/tests: Add more tests of verifying the base policy, including flags to ignore certain errors.
2010-10-06 14:41:04 +02:00
a3fcddc559
crypt32: Fix German translation.
2010-10-04 15:00:05 +02:00
d7bd274eed
crypt32/tests: Make some variables static.
2010-10-01 13:36:03 +02:00
be3a5e368f
crypt32: Check revocation failures when verifying the SSL policy.
2010-09-30 11:16:44 +02:00
da11d66bff
crypt32: Check usage when verifying the SSL policy.
2010-09-30 11:16:40 +02:00
d74c4f7c15
crypt32: Honor more SECURITY_FLAG_IGNORE flags when verifying the SSL policy.
2010-09-30 11:16:36 +02:00
54429016eb
crypt32/tests: Test more SECURITY_FLAG_IGNORE flags for the SSL policy.
2010-09-30 11:16:28 +02:00
ef24756291
crypt32: Remove redundant NULL check before CryptMemFree (Smatch).
2010-09-29 10:06:01 +02:00
604e39dde5
crypt32: Add parameter checking to CryptSIPCreateIndirectData.
2010-09-24 18:20:27 +02:00
476552c5b5
crypt32/tests: Add a test for CryptEncryptMessage.
2010-09-22 19:57:17 +02:00
6100724cd7
crypt32: Update Italian translation.
2010-09-21 17:53:53 +02:00
81b8ee863e
makefiles: Add a standard header for all makefiles to replace the common variable initializations.
2010-09-19 12:36:48 +02:00
dfd3e2dcd5
crypt32: Add a stub for CryptEncryptMessage.
2010-09-18 13:07:28 +02:00
190c3518d6
crypt32: Initialize HashEncryptionAlgorithm.
2010-09-16 13:59:06 -05:00
8cdf146317
crypt32: Implement CryptSignMessage.
2010-09-16 13:59:01 -05:00
665ede7517
crypt32/tests: Add a test for CryptSignMessage.
2010-09-15 11:28:54 -05:00
3bea7f943e
crypt32: Add stub for CryptSignMessage.
2010-09-13 14:46:41 -05:00
5687a16407
crypt32: Update Italian translation.
2010-09-09 19:28:32 +02:00
78c9015861
crypt32: Correct CryptVerifyMessageSignature's use of pcbDecoded.
2010-08-23 11:52:03 +02:00
faa917b567
crypt32/tests: Test pcbDecoded parameter to CryptVerifyMessageSignature more thoroughly.
2010-08-23 11:51:53 +02:00
4bdeb7dcb3
crypt32: Constify some variables.
2010-08-20 13:21:30 +02:00
a4435e3adc
crypt32: Only clear *pcbDecoded on error in CryptVerifyMessageSignature.
2010-08-19 17:32:18 +02:00
aaf285c15d
crypt32: Constify some variables.
2010-08-18 09:47:42 +02:00
d6c9c7a08b
crypt32: Honor SECURITY_FLAG_IGNORE_CERT_CN_INVALID.
2010-08-16 17:28:55 +02:00
e922faec4a
crypt32/tests: Add a test of SSL_EXTRA_CERT_CHAIN_POLICY_PARA's fdwChecks field.
2010-08-16 17:28:55 +02:00
28e1ec4467
crypt32: Constify some variables.
2010-08-16 13:46:37 +02:00
761f5ca105
crypt32: Constify some variables.
2010-08-16 13:46:33 +02:00
304fdd3226
crypt32: Ukrainian translation update.
2010-07-28 16:28:20 +02:00
780ce8eb19
crypt32: Remove the ignored common resource attributes.
2010-07-22 11:41:35 +02:00
b86d515ed6
dlls: Remove explicit imports of kernel32 and ntdll.
2010-07-21 17:38:36 +02:00
adabcc6499
crypt32: Update Portuguese (Brazilian) translation.
2010-07-07 16:14:04 +02:00
7ef1e2d6b2
crypt32: Update Portuguese (Brazilian) translation.
2010-07-06 11:18:14 +02:00
da4b0070b8
crypt32: Add Hungarian translation.
2010-06-29 10:52:23 +02:00
e9c90a6fee
crypt32: Ukrainian translation update.
2010-06-28 11:44:07 +02:00
fea384cea4
crypt32/tests: Add a trailing '\n' to ok() calls.
2010-06-22 20:03:27 +02:00
10a6168173
crypt32: Add Italian translation.
2010-06-17 11:47:38 +02:00
88a016184d
crypt32: Add support for CERT_STORE_PROV_SERIALIZED to CertOpenStore.
2010-06-16 11:44:48 +02:00
06a3cea1cd
crypt32: Increment current pointer on successful reads from memory.
2010-06-16 11:44:34 +02:00
02b9e3198a
crypt32: Terminate reading a serialized store upon reading an empty property.
2010-06-16 11:44:33 +02:00
ecbb3c3f18
crypt32/tests: Test opening serialized stores.
2010-06-16 11:44:21 +02:00
1cff4f5229
crypt32: Add support for szCERT_STORE_PROV_PKCS7 to CertOpenStore.
2010-06-16 10:40:43 +02:00
208e4ea231
crypt32: Add the Polish translation.
2010-06-07 12:54:48 +02:00
1d94702431
crypt32/tests: Always compare serialized stores in memory.
2010-05-26 10:10:10 +02:00
6451b9621e
crypt32/tests: Test an otherwise unused return value.
2010-05-26 10:10:05 +02:00
d0b7cc5bb9
crypt32/tests: Improve granularity of testing a store's serialized form.
2010-05-26 10:10:01 +02:00
c79aad51cd
crypt32: Implement wildcard domain name matching in subject alternative names.
2010-05-21 14:37:52 +02:00
1d79e5de9a
crypt32/tests: Test wildcards in subject alternative name.
2010-05-20 13:47:53 +02:00
fbd3a1dd7b
crypt32/tests: Allow specifying a chain engine when verifying a chain policy.
2010-05-20 13:47:53 +02:00
742b4f37c8
crypt32/tests: Allow specifying a chain engine when creating a certificate chain.
2010-05-20 13:47:53 +02:00
d298e1e614
crypt32: Support hExclusiveRoot when creating a certificate chain engine.
2010-05-20 13:47:53 +02:00
d3db308853
crypt32: Update definition of CERT_CHAIN_ENGINE_CONFIG.
2010-05-20 13:47:53 +02:00
d728169d97
crypt32: Implement CertAddCertificateLinkToStore on top of CertAddCertificateContextToStore.
2010-05-17 12:42:31 +02:00
99b9e1ae36
crypt32: Prohibit adding links to collection stores.
2010-05-17 12:42:31 +02:00
76fc5c8bc5
crypt32: Validate add disposition before checking source certificate's properties.
2010-05-17 12:42:31 +02:00
0dfb0299f6
crypt32/tests: Test CertAddCertificateLinkToStore.
2010-05-17 12:42:31 +02:00
c232af490e
crypt32: Add stub for CERT_STORE_CTRL_AUTO_RESYNC of registry stores.
2010-05-17 12:42:31 +02:00
52ead99288
crypt32/tests: Remove variable entry which is not really used from test_decodeCRLToBeSigned.
2010-05-05 10:52:03 +02:00
abae415487
crypt32/tests: Tighten tests in testPortPublicKeyInfo.
2010-05-03 16:48:56 +02:00
87416f5a3b
crypt32: Fix computation of structure sizes in CRYPT_AsnDecodeSequence.
2010-04-07 23:07:43 +02:00
ca41486b8a
crypt32: Fix type of empty in encodeBase64W().
2010-03-26 10:32:23 +01:00
7eb61a6e5c
crypt32: Use an empty string as a separator when no separator is desired to avoid special cases for NULL.
2010-03-24 21:15:31 +01:00
67bf4dc62e
crypt32: Fix overestimating size required for base64-encoded strings.
2010-03-22 10:42:41 +01:00
bef5645eb1
makefiles: Remove the no longer needed explicit separators for dependencies.
2010-03-16 13:28:19 +01:00
51ab77a90a
crypt32: Add support for the anyPolicy certificate policy.
2010-03-16 11:30:12 +01:00
ffba84b161
crypt32: Switch to use the AES provider by default.
2010-03-16 11:29:53 +01:00
a729e10a18
crypt32: Add constants to support SHA-256, SHA-384, and SHA-512.
2010-03-16 11:29:48 +01:00
a15dbfac22
crypt32: Fix CryptFreeTls when calling with a freed index.
2010-03-03 11:50:04 +01:00
6164ce2d82
makefiles: Use the standard C_SRCS variable as the list of test files.
...
This enables it to be auto-updated by make_makefiles.
2010-02-22 10:47:11 +01:00
0a866d0e45
crypt32: Avoid using HIWORD() on a string pointer.
...
The stray IS_INTRESOURCE() is applied to a true resource. The other
strings are OIDs and not resources.
2010-01-29 14:59:02 +01:00
17f674c2e7
crypt32: Add Ukrainian translations.
2010-01-28 12:16:37 +01:00
b4448d9b77
crypt32/tests: Add a win_skip().
2010-01-20 15:29:50 +01:00
4e18ac601f
crypt32: Don't get confused matching URLs with a colon in the userinfo portion (e.g. user:password@domain).
2009-12-21 15:01:22 +01:00
048594854a
crypt32: Check authority key identifer extension to determine if a certificate is self-signed.
2009-12-18 11:39:58 +01:00
e402260db4
crypt32: Remove an unneeded assignment.
2009-12-17 12:42:39 +01:00
483d241559
crypt32: Remove unneeded assignments.
2009-12-16 12:21:12 +01:00
01a7cbf843
crypt32: Accept end certificates with no extended key usage extension if a particular key usage is requested.
2009-12-11 17:47:30 +01:00
7a610a9072
crypt32: Fix CertAddCTLContextToStore for CERT_STORE_ADD_USE_EXISTING add disposition.
2009-12-11 11:50:12 +01:00
c7609f3c55
crypt32: Fix CertAddCRLContextToStore for CERT_STORE_ADD_USE_EXISTING add disposition.
2009-12-11 11:50:09 +01:00
0444cd93c4
crypt32: Don't dereference an output pointer which may be NULL.
2009-12-11 11:50:03 +01:00
1740d9fe44
crypt32: Trace chain final error status.
2009-12-11 11:49:56 +01:00
4f83f9a120
crypt32/tests: Avoid size_t in traces.
2009-12-09 12:19:38 +01:00
4df042b54b
crypt32: Compare CRL's authority key identifier against the certificate's subject key identifier property, which also decodes the certificate's extension if necessary.
2009-12-09 12:02:43 +01:00
d1e592ad20
crypt32/tests: Fix compilation on systems that don't support nameless unions.
2009-12-08 17:42:25 +01:00
bab1c652ae
crypt32/tests: Fix memory leak in test.
2009-12-07 09:49:07 +01:00
cdbf6e8614
crypt32/tests: Don't pass as a parameter a variable that could be local.
2009-12-07 09:49:07 +01:00
6acd82fa79
crypt32: Correct AKI extension used in end certificate and CRL when checking revocation.
2009-12-04 12:01:16 +01:00
91fbdb561a
crypt32: The KeyId member of an authority key identifier is an octet string, not an integer.
2009-12-03 10:16:53 +01:00
865669eeb3
crypt32: Fix test failures on Win2k.
2009-12-03 10:11:54 +01:00
63383baed4
crypt32: Fix test failure on Win7.
2009-12-03 10:11:46 +01:00
596cd16fc4
crypt32: Only check revocation on a chain without other errors.
2009-12-03 10:11:33 +01:00
b402b78780
rsaenh: Fix padding bytes check for 0-byte payload.
2009-12-02 14:59:56 +01:00
9f5a554de0
crypt32: Correct AKI extension used in end certificate and CRL when checking revocation.
2009-12-02 12:18:02 +01:00
9c56314e3d
crypt32: Further fix test failures.
2009-12-02 12:12:50 +01:00
6b8c053218
crypt32: Fix test failures.
2009-12-01 12:24:00 +01:00
90c160c3d8
crypt32: Revert 8ed5a777de.
...
Ordinarily removing tests seems like a bad idea, but in this case it
seems the only rational response to the test failures the tests
produce. The tests check the state of three bits with a variety of
certificate and CRL combinations. One of these bits is apparently not
set by any version of Windows for any of the tests. Testing its
absence doesn't seem correct, and I'll explain why in more detail in a
second. Every permutation of the remaining two bits appears on at
least one Windows version, and no Windows version is obviously more
correct than the rest, so testing them doesn't seem worthwhile.
The one bit that doesn't appear to be set is the bit saying that a
certificate is revoked. I created CRLs that do in fact revoke some of
the tested certificates, so it appears to me that the bit should be
set. It's possible that Windows doesn't bother checking the
revocation status of a certificate whose anchor isn't trusted, but
it's impossible to test this in an automated regression test suite,
because adding a trusted certificate requires clicking OK (or its
equivalent) in a dialog. The dialog is invoked by the system process,
so I can't use a dialog hook to suppress it. I can test this
hypothesis manually, but it isn't possible to do so in an automated
way.
2009-11-30 12:57:53 +01:00
f2040b7725
crypt32: Don't copy past end of buffer when removing a string from a multi string.
2009-11-30 12:57:39 +01:00
b2ab45b78b
crypt32: Only match RDN attributes whose lengths are identical.
2009-11-21 14:31:46 +01:00
8e51a866b7
crypt32: When searching for a CRL by the AKI extension, the extension has to be decoded to match.
2009-11-21 14:31:46 +01:00
7dee971809
crypt32/tests: Fix a typo.
2009-11-21 14:31:46 +01:00
8646c39bdb
crypt32: Finding a CRL issued by a cert should compare the cert's subject, not its issuer.
2009-11-21 14:31:46 +01:00
6bc8237c63
crypt32/tests: Test one more certificate against the Verisign CRL.
2009-11-21 14:31:46 +01:00
22206b909a
crypt32/tests: Fix a typo.
2009-11-21 14:31:46 +01:00
3921454398
crypt32: Read trusted root certificates from system keychain on Mac OS X.
2009-11-21 14:31:45 +01:00
eee179206e
crypt32/tests: Fix tests on Win9x/ME.
2009-11-21 14:31:44 +01:00
1a392e1a30
crypt32: Support checking the requested usage for a chain.
2009-11-21 14:31:44 +01:00
30de103485
crypt32: Only trace a usage match if it's not empty.
2009-11-21 14:31:44 +01:00
e611a83962
crypt32: Test verifying the enhanced key usage of a chain.
2009-11-21 14:31:44 +01:00
9d9070ae3c
crypt32: CertFindCRLInStore with find type CRL_FIND_ISSUED_FOR shouldn't check whether the CRL is valid for the subject certificate.
2009-11-20 11:15:11 +01:00
f378394acd
crypt32: Correct CertIsValidCRLForCertificate for certificates that do not contain a CRL dist points extension.
2009-11-20 11:15:06 +01:00
bcbfddd82a
crypt32: Fix tests on older Windows versions.
2009-11-20 11:15:01 +01:00
a3c6bc68c8
crypt32: Assume revocation server is offline if revocation status isn't known.
2009-11-20 11:14:52 +01:00
9e1d31e5e5
crypt32: Fix a typo.
2009-11-20 11:14:47 +01:00
8ed5a777de
crypt32: Test revocation checking with CertGetCertificateChain.
2009-11-20 11:14:41 +01:00
27128bb2f8
crypt32: Add more tests for CertVerifyRevocation.
2009-11-20 11:14:00 +01:00
8fcaa52d5d
crypt32: Add support for CRL_FIND_ISSUED_BY_AKI_FLAG to CertFindCRLInStore.
2009-11-19 11:49:59 +01:00
b278155616
crypt32: Add more tests for CertFindCRLInStore.
2009-11-19 11:49:53 +01:00
4727212e01
crypt32: Add support for CRL_FIND_ISSUED_BY_SIGNATURE_FLAG to CertFindCRLInStore.
2009-11-19 11:49:46 +01:00
8beed85a2c
crypt32: Add basic flags tests flags for CertFindCRLInStore with find type CRL_FIND_ISSUED_BY.
2009-11-19 11:49:40 +01:00
c84c53b1a6
crypt32: More fully implement CertIsValidCRLForCertificate.
2009-11-19 11:49:33 +01:00
e5c56b1798
crypt32: Correct tests for CertIsValidCRLForCertificate.
2009-11-19 11:49:21 +01:00
b16a78baa7
crypt32: Remove a redundant test.
2009-11-19 11:49:14 +01:00
4fa4f67c79
crypt32: Implement CertFindCRLInStore for find type CRL_FIND_ISSUED_FOR.
2009-11-19 11:49:09 +01:00
a3b462e3ea
crypt32: Add tests for CertFindCRLInStore with find type CRL_FIND_ISSUED_FOR.
2009-11-19 11:49:05 +01:00
7f5b24ed91
crypt32/tests: Fix a test failure on older crypt32.
2009-11-18 15:34:14 +01:00
96073d5129
crypt32: Remove an unnecessary test for the extended key usage extension in CA certificates.
2009-11-18 11:09:20 +01:00
d6958d7660
crypt32: Trace reasons for name constraint failure.
2009-11-18 11:09:08 +01:00
1db8a6abda
crypt32: Only fail directory name comparison if a directory name constraint is present and doesn't match.
2009-11-18 11:09:02 +01:00
a63affe5e0
crypt32: Don't apply directory name constraints to an empty subject name.
2009-11-18 11:08:55 +01:00
c464875a6d
crypt32: Accept a certificate if its name matches any permitted subtree of a name constraint.
2009-11-18 11:08:49 +01:00
d6f7d06cad
crypt32: Check email address in subject name against rfc822 name constraints.
2009-11-18 11:08:44 +01:00
e4c03521ac
crypt32: Apply name constraints to subject name.
2009-11-18 11:08:37 +01:00
6f35ae25b8
crypt32: Use helper function to compare a subject alternate name with name constraints.
2009-11-18 11:08:32 +01:00
a98dad4f93
crypt32: Only apply a name constraint if the name form is present.
2009-11-18 11:08:25 +01:00
f6d3348b7c
crypt32: Partially implement checking name constraints with directory names.
2009-11-18 11:08:20 +01:00
7c44544a6d
crypt32: Use helper functions to match excluded and permitted subtrees of name constraints.
2009-11-18 11:08:14 +01:00
9a40de08de
crypt32: Let caller set error codes when name constraints aren't met.
2009-11-18 11:08:08 +01:00
f8044948ba
crypt32: Remove an unnecessary if.
2009-11-18 11:08:01 +01:00
8585203103
crypt32: Prohibit name constraints that contain neither an excluded nor a permitted subtree.
2009-11-18 11:07:53 +01:00
a299470622
crypt32/tests: Fix another test failure.
2009-11-17 15:14:53 +01:00
440c702ce4
crypt32: Implement CertIsRDNAttrsInCertificateName.
2009-11-17 15:14:53 +01:00
ed74536f0c
crypt32: Add tests for CertIsRDNAttrsInCertificateName.
2009-11-17 15:14:53 +01:00
7d12294f08
crypt32: Add stub for CertIsRDNAttrsInCertificateName.
2009-11-17 15:14:53 +01:00
4a948fa929
crypt32: Add more tests for CertCompareCertificateName.
2009-11-17 15:14:53 +01:00
1974e61b59
crypt32: Correctly match subdomains with dns name constraints.
2009-11-17 12:05:11 +01:00
b74ef17efc
crypt32: If a hostname in a URI or rfc822 name constraint doesn't begin with '.', a match must be exact.
2009-11-17 12:05:04 +01:00
e82005fe2d
crypt32: Only compare the hostname portion of a URL when checking against a name constraint.
2009-11-17 12:04:58 +01:00
3c8a04f12f
crypt32: Include name constraints errors in the chain's error status.
2009-11-17 12:04:52 +01:00
f9ad32f0ad
crypt32: Trace method used to find an issuer.
2009-11-17 12:04:46 +01:00
8adc75b3ec
crypt32: Fix more test failures.
2009-11-16 11:34:31 +01:00
f6c4824675
crypt32: Update a comment.
2009-11-16 11:34:04 +01:00
c4b997bab3
crypt32: Set CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS when a certificate's name constraints are met.
2009-11-16 11:33:58 +01:00
9aee8fd556
crypt32: Fix test failures.
2009-11-13 11:52:25 +01:00
21ecc84620
crypt32: Accept any matching dNSName in a subject alternate name.
2009-11-13 11:52:25 +01:00
95a14deff9
crypt32: Add tests for cs.stanford.edu's chain.
2009-11-13 11:52:25 +01:00
d311cc9bdb
crypt32: Use broken() to mark an expected result from a broken version of crypt32.
2009-11-13 11:52:25 +01:00
b91d0c8bde
crypt32: Implement matching a certificate with a wildcard in its name.
2009-11-13 11:52:24 +01:00
e740672647
crypt32: Test matching a certificate with a wildcard in its name.
2009-11-13 11:52:24 +01:00
a29789e0bf
crypt32: Add openssl.org's cert to the tested chains.
2009-11-13 11:52:24 +01:00
574de15f51
crypt32: Fix more test failures on older crypt32 versions.
2009-11-12 13:11:38 +01:00
ba3433fa02
crypt32: Fix more test failures on older crypt32 versions.
2009-11-12 13:11:32 +01:00
4d2c9c3e87
crypt32/tests: Fix test failures.
2009-11-12 13:11:25 +01:00
d7c9bd13a2
crypt32: Fix test failures on multiple Windows versions.
2009-11-11 10:55:51 +01:00
300d5fe5c4
crypt32: Correct error when a matching name constraint is found.
2009-11-11 10:55:44 +01:00
0cf2e6fae6
crypt32: Stop reading a serialized store if a non-context prop ID appears before a context prop ID.
2009-11-11 10:55:36 +01:00
Austin English