ReceiveTempSMS
/
Sweden-Number
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
68,904 Commits 3 Branches 0 Tags 575 MiB
Commit Graph

1539 Commits

Author SHA1 Message Date
Juan Lang b2ab45b78b crypt32: Only match RDN attributes whose lengths are identical. 2009-11-21 14:31:46 +01:00
Juan Lang 8e51a866b7 crypt32: When searching for a CRL by the AKI extension, the extension has to be decoded to match. 2009-11-21 14:31:46 +01:00
Juan Lang 7dee971809 crypt32/tests: Fix a typo. 2009-11-21 14:31:46 +01:00
Juan Lang 8646c39bdb crypt32: Finding a CRL issued by a cert should compare the cert's subject, not its issuer. 2009-11-21 14:31:46 +01:00
Juan Lang 6bc8237c63 crypt32/tests: Test one more certificate against the Verisign CRL. 2009-11-21 14:31:46 +01:00
Juan Lang 22206b909a crypt32/tests: Fix a typo. 2009-11-21 14:31:46 +01:00
Ken Thomases 3921454398 crypt32: Read trusted root certificates from system keychain on Mac OS X. 2009-11-21 14:31:45 +01:00
Juan Lang eee179206e crypt32/tests: Fix tests on Win9x/ME. 2009-11-21 14:31:44 +01:00
Juan Lang 1a392e1a30 crypt32: Support checking the requested usage for a chain. 2009-11-21 14:31:44 +01:00
Juan Lang 30de103485 crypt32: Only trace a usage match if it's not empty. 2009-11-21 14:31:44 +01:00
Juan Lang e611a83962 crypt32: Test verifying the enhanced key usage of a chain. 2009-11-21 14:31:44 +01:00
Juan Lang 9d9070ae3c crypt32: CertFindCRLInStore with find type CRL_FIND_ISSUED_FOR shouldn't check whether the CRL is valid for the subject certificate. 2009-11-20 11:15:11 +01:00
Juan Lang f378394acd crypt32: Correct CertIsValidCRLForCertificate for certificates that do not contain a CRL dist points extension. 2009-11-20 11:15:06 +01:00
Juan Lang bcbfddd82a crypt32: Fix tests on older Windows versions. 2009-11-20 11:15:01 +01:00
Juan Lang a3c6bc68c8 crypt32: Assume revocation server is offline if revocation status isn't known. 2009-11-20 11:14:52 +01:00
Juan Lang 9e1d31e5e5 crypt32: Fix a typo. 2009-11-20 11:14:47 +01:00
Juan Lang 8ed5a777de crypt32: Test revocation checking with CertGetCertificateChain. 2009-11-20 11:14:41 +01:00
Juan Lang 27128bb2f8 crypt32: Add more tests for CertVerifyRevocation. 2009-11-20 11:14:00 +01:00
Juan Lang 8fcaa52d5d crypt32: Add support for CRL_FIND_ISSUED_BY_AKI_FLAG to CertFindCRLInStore. 2009-11-19 11:49:59 +01:00
Juan Lang b278155616 crypt32: Add more tests for CertFindCRLInStore. 2009-11-19 11:49:53 +01:00
Juan Lang 4727212e01 crypt32: Add support for CRL_FIND_ISSUED_BY_SIGNATURE_FLAG to CertFindCRLInStore. 2009-11-19 11:49:46 +01:00
Juan Lang 8beed85a2c crypt32: Add basic flags tests flags for CertFindCRLInStore with find type CRL_FIND_ISSUED_BY. 2009-11-19 11:49:40 +01:00
Juan Lang c84c53b1a6 crypt32: More fully implement CertIsValidCRLForCertificate. 2009-11-19 11:49:33 +01:00
Juan Lang e5c56b1798 crypt32: Correct tests for CertIsValidCRLForCertificate. 2009-11-19 11:49:21 +01:00
Juan Lang b16a78baa7 crypt32: Remove a redundant test. 2009-11-19 11:49:14 +01:00
Juan Lang 4fa4f67c79 crypt32: Implement CertFindCRLInStore for find type CRL_FIND_ISSUED_FOR. 2009-11-19 11:49:09 +01:00
Juan Lang a3b462e3ea crypt32: Add tests for CertFindCRLInStore with find type CRL_FIND_ISSUED_FOR. 2009-11-19 11:49:05 +01:00
Paul Vriens 7f5b24ed91 crypt32/tests: Fix a test failure on older crypt32. 2009-11-18 15:34:14 +01:00
Juan Lang 96073d5129 crypt32: Remove an unnecessary test for the extended key usage extension in CA certificates. 2009-11-18 11:09:20 +01:00
Juan Lang d6958d7660 crypt32: Trace reasons for name constraint failure. 2009-11-18 11:09:08 +01:00
Juan Lang 1db8a6abda crypt32: Only fail directory name comparison if a directory name constraint is present and doesn't match. 2009-11-18 11:09:02 +01:00
Juan Lang a63affe5e0 crypt32: Don't apply directory name constraints to an empty subject name. 2009-11-18 11:08:55 +01:00
Juan Lang c464875a6d crypt32: Accept a certificate if its name matches any permitted subtree of a name constraint. 2009-11-18 11:08:49 +01:00
Juan Lang d6f7d06cad crypt32: Check email address in subject name against rfc822 name constraints. 2009-11-18 11:08:44 +01:00
Juan Lang e4c03521ac crypt32: Apply name constraints to subject name. 2009-11-18 11:08:37 +01:00
Juan Lang 6f35ae25b8 crypt32: Use helper function to compare a subject alternate name with name constraints. 2009-11-18 11:08:32 +01:00
Juan Lang a98dad4f93 crypt32: Only apply a name constraint if the name form is present. 2009-11-18 11:08:25 +01:00
Juan Lang f6d3348b7c crypt32: Partially implement checking name constraints with directory names. 2009-11-18 11:08:20 +01:00
Juan Lang 7c44544a6d crypt32: Use helper functions to match excluded and permitted subtrees of name constraints. 2009-11-18 11:08:14 +01:00
Juan Lang 9a40de08de crypt32: Let caller set error codes when name constraints aren't met. 2009-11-18 11:08:08 +01:00
Juan Lang f8044948ba crypt32: Remove an unnecessary if. 2009-11-18 11:08:01 +01:00
Juan Lang 8585203103 crypt32: Prohibit name constraints that contain neither an excluded nor a permitted subtree. 2009-11-18 11:07:53 +01:00
Juan Lang a299470622 crypt32/tests: Fix another test failure. 2009-11-17 15:14:53 +01:00
Juan Lang 440c702ce4 crypt32: Implement CertIsRDNAttrsInCertificateName. 2009-11-17 15:14:53 +01:00
Juan Lang ed74536f0c crypt32: Add tests for CertIsRDNAttrsInCertificateName. 2009-11-17 15:14:53 +01:00
Juan Lang 7d12294f08 crypt32: Add stub for CertIsRDNAttrsInCertificateName. 2009-11-17 15:14:53 +01:00
Juan Lang 4a948fa929 crypt32: Add more tests for CertCompareCertificateName. 2009-11-17 15:14:53 +01:00
Juan Lang 1974e61b59 crypt32: Correctly match subdomains with dns name constraints. 2009-11-17 12:05:11 +01:00
Juan Lang b74ef17efc crypt32: If a hostname in a URI or rfc822 name constraint doesn't begin with '.', a match must be exact. 2009-11-17 12:05:04 +01:00
Juan Lang e82005fe2d crypt32: Only compare the hostname portion of a URL when checking against a name constraint. 2009-11-17 12:04:58 +01:00
Juan Lang 3c8a04f12f crypt32: Include name constraints errors in the chain's error status. 2009-11-17 12:04:52 +01:00
Juan Lang f9ad32f0ad crypt32: Trace method used to find an issuer. 2009-11-17 12:04:46 +01:00
Juan Lang 8adc75b3ec crypt32: Fix more test failures. 2009-11-16 11:34:31 +01:00
Juan Lang f6c4824675 crypt32: Update a comment. 2009-11-16 11:34:04 +01:00
Juan Lang c4b997bab3 crypt32: Set CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS when a certificate's name constraints are met. 2009-11-16 11:33:58 +01:00
Juan Lang 9aee8fd556 crypt32: Fix test failures. 2009-11-13 11:52:25 +01:00
Juan Lang 21ecc84620 crypt32: Accept any matching dNSName in a subject alternate name. 2009-11-13 11:52:25 +01:00
Juan Lang 95a14deff9 crypt32: Add tests for cs.stanford.edu's chain. 2009-11-13 11:52:25 +01:00
Juan Lang d311cc9bdb crypt32: Use broken() to mark an expected result from a broken version of crypt32. 2009-11-13 11:52:25 +01:00
Juan Lang b91d0c8bde crypt32: Implement matching a certificate with a wildcard in its name. 2009-11-13 11:52:24 +01:00
Juan Lang e740672647 crypt32: Test matching a certificate with a wildcard in its name. 2009-11-13 11:52:24 +01:00
Juan Lang a29789e0bf crypt32: Add openssl.org's cert to the tested chains. 2009-11-13 11:52:24 +01:00
Juan Lang 574de15f51 crypt32: Fix more test failures on older crypt32 versions. 2009-11-12 13:11:38 +01:00
Juan Lang ba3433fa02 crypt32: Fix more test failures on older crypt32 versions. 2009-11-12 13:11:32 +01:00
Juan Lang 4d2c9c3e87 crypt32/tests: Fix test failures. 2009-11-12 13:11:25 +01:00
Juan Lang d7c9bd13a2 crypt32: Fix test failures on multiple Windows versions. 2009-11-11 10:55:51 +01:00
Juan Lang 300d5fe5c4 crypt32: Correct error when a matching name constraint is found. 2009-11-11 10:55:44 +01:00
Juan Lang 0cf2e6fae6 crypt32: Stop reading a serialized store if a non-context prop ID appears before a context prop ID. 2009-11-11 10:55:36 +01:00
Juan Lang bdbee82c42 crypt32: Trace cert version. 2009-11-11 10:54:38 +01:00
Juan Lang 0695b0dc73 crypt32: Fix test failures across Windows versions. 2009-11-11 10:54:24 +01:00
Juan Lang 49c1a34721 crypt32: Fix some test failures on older crypt32 versions. 2009-11-11 10:54:12 +01:00
Juan Lang 7eb33b18da crypt32: Update a comment to reflect a fixed vulnerability. 2009-11-11 10:53:56 +01:00
Juan Lang ee02d43731 crypt32: Correct error when a constrained, permitted name type isn't found in the subject name. 2009-11-10 13:08:31 +01:00
Juan Lang 2503e9ec73 crypt32: Use helper function to find the subject alternate name extension wherever it's needed. 2009-11-10 13:08:26 +01:00
Juan Lang ae6e884142 crypt32: Correct error when the subject alternate name can't be decoded. 2009-11-10 13:08:20 +01:00
Juan Lang 865f3df35b crypt32: Check the issued certificate for name constraint violations, not the issuing certificate. 2009-11-10 13:08:14 +01:00
Juan Lang ef6ce9a590 crypt32: Add more tests of name constraints. 2009-11-10 13:08:06 +01:00
Juan Lang a5361e45de crypt32: Test more chains against different policies. 2009-11-10 13:07:35 +01:00
Juan Lang 25e8f27817 crypt32: Disallow embedded NULLs in alternate names. 2009-11-10 13:07:28 +01:00
Juan Lang ddf78bdb38 crypt32: Test decoding alternate names with embedded NULLs. 2009-11-10 13:07:21 +01:00
Juan Lang 6a3901f04b crypt32: Test encoding and decoding name values with embedded NULLs. 2009-11-10 13:07:15 +01:00
Juan Lang 216df7a714 crypt32: Reject certificates whose fields don't match their versions. 2009-11-10 13:07:07 +01:00
Juan Lang 9fe6be454f crypt32: Forbid minimum or maximum fields in name constraints. 2009-11-10 13:07:00 +01:00
Juan Lang e7404ba24f crypt32: Fix decoding names when CRYPT_DECODE_ALLOC_FLAG is not specified. 2009-11-10 13:05:40 +01:00
Juan Lang 6cefdef501 crypt32: Fix decoding unicode names when CRYPT_DECODE_ALLOC_FLAG is not specified. 2009-11-10 13:05:35 +01:00
Marcus Meissner c25753ece2 crypt32: Pass the correct pointer into CertificateFindStore. 2009-11-09 20:21:23 +01:00
Juan Lang 267e890220 crypt32: Fix test failures on Win9x/NT4. 2009-11-09 19:58:40 +01:00
Juan Lang fbcce9f308 crypt32: Implement decoding cert policy constraints. 2009-11-09 19:58:34 +01:00
Juan Lang 32ad424972 crypt32: Implement encoding cert policy constraints. 2009-11-09 19:58:28 +01:00
Juan Lang ae32f7bffc crypt32: Add tests for encoding/decoding cert policy constraints. 2009-11-09 19:58:20 +01:00
Juan Lang 7e7e73d0da crypt32: Implement decoding cert policy mappings. 2009-11-09 19:58:13 +01:00
Juan Lang bf5e4d9bb7 crypt32: Implement encoding cert policy mappings. 2009-11-09 19:58:07 +01:00
Juan Lang fba863ddf0 crypt32: Add tests for encoding/decoding cert policy mappings. 2009-11-09 19:57:59 +01:00
Juan Lang ed9a4ffa0b crypt32: Fix decoding cert issuer/subject unique ids. 2009-11-09 19:57:51 +01:00
Juan Lang 4ccafdcb6f crypt32: Fix encoding cert issuer/subject unique ids. 2009-11-09 19:57:45 +01:00
Juan Lang acfa433f15 crypt32: Add more tests of cert encoding/decoding. 2009-11-09 19:57:37 +01:00
Paul Chitescu 7223d8b6d2 crypt32: Check the result of CryptAcquireContextW() when initializing default provider. 2009-11-09 19:37:00 +01:00
Juan Lang 5274777b1c crypt32: Permit lack of basic constraints extension on root certificates. 2009-11-09 19:34:36 +01:00
Juan Lang d94e4d315a crypt32: Permit lack of key usage extension on root certificates. 
This reverts 60770fb011, although it
updates the comments to give a reason.  Thanks to Matt Van Gundy for
pointing it out to me.
 2009-11-09 19:34:32 +01:00
Juan Lang c52d110de1 crypt32: Don't free a file store's mem store, it's already freed by the provider store. 2009-11-05 11:57:58 +01:00