Alexandre Julliard
b012ffba58
crypt32: Use allocation function with the correct prototype in CMSG_CONTENT_ENCRYPT_INFO.
2010-12-09 17:43:34 +01:00
Alexander Morozov
02ab124cd2
crypt32: Implement CryptEncryptMessage.
2010-12-08 16:50:58 +01:00
Alexander Morozov
6ad5416f32
crypt32: Implement getting content of an enveloped message.
2010-12-02 15:01:09 +01:00
Alexander Morozov
03e94320c2
crypt32: Implement updating enveloped messages.
2010-12-02 15:01:08 +01:00
Alexander Morozov
c3a2f7a3d1
crypt32: Save some info needed for creating enveloped messages.
2010-12-02 15:00:56 +01:00
Alexander Morozov
6fcca28b07
crypt32: Add a stub enveloped message implementation.
2010-12-01 17:16:22 +01:00
Alexander Morozov
f48b0aa6a2
crypt32/tests: Fix test failures on some Win95 and some NT4.
2010-11-25 16:56:27 +01:00
Alexander Morozov
b9c122f15e
crypt32/tests: Skip more tests.
2010-11-25 16:56:09 +01:00
Alexander Morozov
d8cad3eb1b
crypt32/tests: Use pCryptAcquireContextA.
2010-11-24 12:06:31 +01:00
Alexander Morozov
676d5db65a
crypt32/tests: Fix test failures on WinME and some NT4.
2010-11-24 12:06:11 +01:00
Alexander Morozov
113c614525
crypt32/tests: Do not crash on some Win98.
2010-11-24 12:06:04 +01:00
Juan Lang
107a95d86b
crypt32: Add CertFindChainInStore stub.
2010-11-17 11:16:58 +01:00
Alexander Morozov
6462283fbe
crypt32/tests: Add tests for CMSG_RECIPIENT_COUNT_PARAM and CMSG_RECIPIENT_INFO_PARAM.
2010-11-03 14:48:10 +01:00
Detlef Riekenberg
661a8f3787
crypt32/test: When using dynamic binding for functions, do it in all locations.
2010-11-03 11:08:55 +01:00
Detlef Riekenberg
5e17fe9a51
crypt32/tests: CertAddCertificateLinkToStore is not present on W98.
2010-11-03 11:08:55 +01:00
Alexander Morozov
5328687fb5
crypt32/tests: Add tests for decoding enveloped messages.
2010-11-02 15:29:01 +01:00
Alexander Morozov
f45ac5a4a2
crypt32/tests: Add tests for enveloped messages.
2010-11-01 14:53:32 +01:00
Juan Lang
dd7a45be7c
crypt32: Check revocation status of chain element-by-element.
...
Due to a quirk in CertVerifyRevocation (see its tests), checking an
entire chain doesn't appear to be supported, even though the API would
appear to support doing so. Checking element by element allows
revocation to be checked for the entire chain.
2010-10-25 13:52:50 +02:00
Juan Lang
8714c11247
crypt32: Pass additional store to CertVerifyRevocation.
2010-10-25 13:52:50 +02:00
Juan Lang
2b8cad3235
crypt32/tests: Fix test failures on Win98/NT4.
2010-10-21 16:16:14 +02:00
Juan Lang
a1352035d1
crypt32: Implement CertRDNValueToStr for UTF8 strings.
2010-10-20 12:32:58 +02:00
Juan Lang
8f2821ac77
crypt32: The newline character must also be quoted.
2010-10-20 12:31:53 +02:00
Juan Lang
7833f30721
crypt32: Correct Unicode quoting of BMP strings.
2010-10-20 12:31:46 +02:00
Juan Lang
bf70d35529
crypt32/tests: Show expected values in ok output.
2010-10-20 12:31:24 +02:00
Juan Lang
e21cb8fb9d
crypt32/tests: Test more Unicode encoded string to string conversions.
2010-10-20 12:31:18 +02:00
Juan Lang
4141625284
crypt32: Remove unneeded comments.
2010-10-20 12:31:10 +02:00
Juan Lang
c4ae9e9c5a
crypt32/tests: Add more tests of the authenticode policy.
2010-10-19 10:19:21 +02:00
Juan Lang
ca7512d296
crypt32: Trace certificate chain verification parameters.
2010-10-19 10:19:17 +02:00
Juan Lang
c654606405
crypt32: Remove broken UTF-8 string decoding support.
2010-10-19 10:19:11 +02:00
Juan Lang
dcafe721bf
crypt32: Implement quoting of BMP strings.
2010-10-19 10:18:59 +02:00
Juan Lang
993068038e
crypt32: Implement quoting of simple string types.
2010-10-19 10:18:53 +02:00
Juan Lang
462af2f91b
crypt32: Test more encoded string to string conversions.
2010-10-19 10:18:45 +02:00
Juan Lang
8b3681e921
crypt32: Test encoding more quoted strings.
2010-10-19 10:18:39 +02:00
Anders Jonsson
ce5a8aab83
crypt32: Update Swedish translation.
2010-10-18 11:51:30 +02:00
Trygve Vea
fe8a5ac44d
crypt32: Updated Norwegian translation.
2010-10-15 16:18:09 +02:00
Akihiro Sagawa
4d5a851ca8
crypt32: Add Japanese translation.
2010-10-15 11:35:57 +02:00
Juan Lang
63a05db41c
crypt32: Trace time value in addition to address of time value.
2010-10-15 11:33:21 +02:00
Juan Lang
b6cd08f436
crypt32: Use A functions for debug string that's only used as an ASCII string.
2010-10-15 11:33:12 +02:00
Andrew Nguyen
6f2513d39a
crypt32: Avoid relying on PATH_MAX in import_certs_from_dir helper.
...
PATH_MAX is not guaranteed to be available on all platforms, and it is
inadequate as a hardcoded buffer size anyway.
2010-10-08 11:56:45 +02:00
Juan Lang
6e89a61446
crypt32/tests: Test OpenSSL chain separately to address test failures on Win98.
2010-10-06 20:46:51 +02:00
Juan Lang
251ccfc848
crypt32/tests: Fix another test failure on Win98.
2010-10-06 20:46:51 +02:00
Juan Lang
8fbcad75ba
crypt32/tests: Add name to test to help identify test failures.
2010-10-06 20:46:50 +02:00
Juan Lang
d8fcffc7e7
crypt32/tests: Fix more Win9x failures.
2010-10-06 20:46:50 +02:00
Juan Lang
3e437ec537
crypt32/tests: Fix test failures on NT4/Win9x.
2010-10-06 20:46:50 +02:00
Juan Lang
25a8d301c1
crypt32: Set correct error when encountering unsupported critical extensions in the base and SSL policy.
2010-10-06 20:46:50 +02:00
Juan Lang
5b79eb977b
crypt32/tests: Add macros to declare tests.
2010-10-06 20:46:50 +02:00
Juan Lang
6ff8184e15
crypt32/tests: Add name to test to help identify test failures.
2010-10-06 20:46:50 +02:00
Juan Lang
b1899c2066
crypt32: Set CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT when appropriate.
2010-10-06 20:46:49 +02:00
Juan Lang
d5bcf21c91
crypt32/tests: Test the base and SSL policies against a certificate with an invalid critical extension.
2010-10-06 20:46:49 +02:00
Juan Lang
ab1a3ccede
crypt32/tests: Test invalid critical extension in intermediate cert.
2010-10-06 20:46:49 +02:00
Juan Lang
966d722752
crypt32: Improve error checking for the base policy.
2010-10-06 14:41:04 +02:00
Juan Lang
c4c70b608c
crypt32/tests: Add more tests of verifying the base policy, including flags to ignore certain errors.
2010-10-06 14:41:04 +02:00
André Hentschel
a3fcddc559
crypt32: Fix German translation.
2010-10-04 15:00:05 +02:00
Alexandre Julliard
d7bd274eed
crypt32/tests: Make some variables static.
2010-10-01 13:36:03 +02:00
Juan Lang
be3a5e368f
crypt32: Check revocation failures when verifying the SSL policy.
2010-09-30 11:16:44 +02:00
Juan Lang
da11d66bff
crypt32: Check usage when verifying the SSL policy.
2010-09-30 11:16:40 +02:00
Juan Lang
d74c4f7c15
crypt32: Honor more SECURITY_FLAG_IGNORE flags when verifying the SSL policy.
2010-09-30 11:16:36 +02:00
Juan Lang
54429016eb
crypt32/tests: Test more SECURITY_FLAG_IGNORE flags for the SSL policy.
2010-09-30 11:16:28 +02:00
Michael Stefaniuc
ef24756291
crypt32: Remove redundant NULL check before CryptMemFree (Smatch).
2010-09-29 10:06:01 +02:00
Juan Lang
604e39dde5
crypt32: Add parameter checking to CryptSIPCreateIndirectData.
2010-09-24 18:20:27 +02:00
Alexander Morozov
476552c5b5
crypt32/tests: Add a test for CryptEncryptMessage.
2010-09-22 19:57:17 +02:00
Luca Bennati
6100724cd7
crypt32: Update Italian translation.
2010-09-21 17:53:53 +02:00
Alexandre Julliard
81b8ee863e
makefiles: Add a standard header for all makefiles to replace the common variable initializations.
2010-09-19 12:36:48 +02:00
Alexander Morozov
dfd3e2dcd5
crypt32: Add a stub for CryptEncryptMessage.
2010-09-18 13:07:28 +02:00
Alexander Morozov
190c3518d6
crypt32: Initialize HashEncryptionAlgorithm.
2010-09-16 13:59:06 -05:00
Alexander Morozov
8cdf146317
crypt32: Implement CryptSignMessage.
2010-09-16 13:59:01 -05:00
Alexander Morozov
665ede7517
crypt32/tests: Add a test for CryptSignMessage.
2010-09-15 11:28:54 -05:00
Alexander Morozov
3bea7f943e
crypt32: Add stub for CryptSignMessage.
2010-09-13 14:46:41 -05:00
Luca Bennati
5687a16407
crypt32: Update Italian translation.
2010-09-09 19:28:32 +02:00
Juan Lang
78c9015861
crypt32: Correct CryptVerifyMessageSignature's use of pcbDecoded.
2010-08-23 11:52:03 +02:00
Juan Lang
faa917b567
crypt32/tests: Test pcbDecoded parameter to CryptVerifyMessageSignature more thoroughly.
2010-08-23 11:51:53 +02:00
Andrew Talbot
4bdeb7dcb3
crypt32: Constify some variables.
2010-08-20 13:21:30 +02:00
Mikko Rasa
a4435e3adc
crypt32: Only clear *pcbDecoded on error in CryptVerifyMessageSignature.
2010-08-19 17:32:18 +02:00
Andrew Talbot
aaf285c15d
crypt32: Constify some variables.
2010-08-18 09:47:42 +02:00
Juan Lang
d6c9c7a08b
crypt32: Honor SECURITY_FLAG_IGNORE_CERT_CN_INVALID.
2010-08-16 17:28:55 +02:00
Juan Lang
e922faec4a
crypt32/tests: Add a test of SSL_EXTRA_CERT_CHAIN_POLICY_PARA's fdwChecks field.
2010-08-16 17:28:55 +02:00
Andrew Talbot
28e1ec4467
crypt32: Constify some variables.
2010-08-16 13:46:37 +02:00
Andrew Talbot
761f5ca105
crypt32: Constify some variables.
2010-08-16 13:46:33 +02:00
Igor Paliychuk
304fdd3226
crypt32: Ukrainian translation update.
2010-07-28 16:28:20 +02:00
Michael Stefaniuc
780ce8eb19
crypt32: Remove the ignored common resource attributes.
2010-07-22 11:41:35 +02:00
Alexandre Julliard
b86d515ed6
dlls: Remove explicit imports of kernel32 and ntdll.
2010-07-21 17:38:36 +02:00
Gustavo Henrique Milaré
adabcc6499
crypt32: Update Portuguese (Brazilian) translation.
2010-07-07 16:14:04 +02:00
Gustavo Henrique Milaré
7ef1e2d6b2
crypt32: Update Portuguese (Brazilian) translation.
2010-07-06 11:18:14 +02:00
Kovács András
da4b0070b8
crypt32: Add Hungarian translation.
2010-06-29 10:52:23 +02:00
Igor Paliychuk
e9c90a6fee
crypt32: Ukrainian translation update.
2010-06-28 11:44:07 +02:00
Francois Gouget
fea384cea4
crypt32/tests: Add a trailing '\n' to ok() calls.
2010-06-22 20:03:27 +02:00
Luca Bennati
10a6168173
crypt32: Add Italian translation.
2010-06-17 11:47:38 +02:00
Juan Lang
88a016184d
crypt32: Add support for CERT_STORE_PROV_SERIALIZED to CertOpenStore.
2010-06-16 11:44:48 +02:00
Juan Lang
06a3cea1cd
crypt32: Increment current pointer on successful reads from memory.
2010-06-16 11:44:34 +02:00
Juan Lang
02b9e3198a
crypt32: Terminate reading a serialized store upon reading an empty property.
2010-06-16 11:44:33 +02:00
Juan Lang
ecbb3c3f18
crypt32/tests: Test opening serialized stores.
2010-06-16 11:44:21 +02:00
Juan Lang
1cff4f5229
crypt32: Add support for szCERT_STORE_PROV_PKCS7 to CertOpenStore.
2010-06-16 10:40:43 +02:00
Łukasz Wojniłowicz
208e4ea231
crypt32: Add the Polish translation.
2010-06-07 12:54:48 +02:00
Juan Lang
1d94702431
crypt32/tests: Always compare serialized stores in memory.
2010-05-26 10:10:10 +02:00
Juan Lang
6451b9621e
crypt32/tests: Test an otherwise unused return value.
2010-05-26 10:10:05 +02:00
Juan Lang
d0b7cc5bb9
crypt32/tests: Improve granularity of testing a store's serialized form.
2010-05-26 10:10:01 +02:00
Juan Lang
c79aad51cd
crypt32: Implement wildcard domain name matching in subject alternative names.
2010-05-21 14:37:52 +02:00
Juan Lang
1d79e5de9a
crypt32/tests: Test wildcards in subject alternative name.
2010-05-20 13:47:53 +02:00
Juan Lang
fbd3a1dd7b
crypt32/tests: Allow specifying a chain engine when verifying a chain policy.
2010-05-20 13:47:53 +02:00
Juan Lang
742b4f37c8
crypt32/tests: Allow specifying a chain engine when creating a certificate chain.
2010-05-20 13:47:53 +02:00
Juan Lang
d298e1e614
crypt32: Support hExclusiveRoot when creating a certificate chain engine.
2010-05-20 13:47:53 +02:00
Juan Lang
d3db308853
crypt32: Update definition of CERT_CHAIN_ENGINE_CONFIG.
2010-05-20 13:47:53 +02:00
Juan Lang
d728169d97
crypt32: Implement CertAddCertificateLinkToStore on top of CertAddCertificateContextToStore.
2010-05-17 12:42:31 +02:00
Juan Lang
99b9e1ae36
crypt32: Prohibit adding links to collection stores.
2010-05-17 12:42:31 +02:00
Juan Lang
76fc5c8bc5
crypt32: Validate add disposition before checking source certificate's properties.
2010-05-17 12:42:31 +02:00
Juan Lang
0dfb0299f6
crypt32/tests: Test CertAddCertificateLinkToStore.
2010-05-17 12:42:31 +02:00
Juan Lang
c232af490e
crypt32: Add stub for CERT_STORE_CTRL_AUTO_RESYNC of registry stores.
2010-05-17 12:42:31 +02:00
Gerald Pfeifer
52ead99288
crypt32/tests: Remove variable entry which is not really used from test_decodeCRLToBeSigned.
2010-05-05 10:52:03 +02:00
Gerald Pfeifer
abae415487
crypt32/tests: Tighten tests in testPortPublicKeyInfo.
2010-05-03 16:48:56 +02:00
Alexandre Julliard
87416f5a3b
crypt32: Fix computation of structure sizes in CRYPT_AsnDecodeSequence.
2010-04-07 23:07:43 +02:00
Gerald Pfeifer
ca41486b8a
crypt32: Fix type of empty in encodeBase64W().
2010-03-26 10:32:23 +01:00
Juan Lang
7eb61a6e5c
crypt32: Use an empty string as a separator when no separator is desired to avoid special cases for NULL.
2010-03-24 21:15:31 +01:00
Juan Lang
67bf4dc62e
crypt32: Fix overestimating size required for base64-encoded strings.
2010-03-22 10:42:41 +01:00
Alexandre Julliard
bef5645eb1
makefiles: Remove the no longer needed explicit separators for dependencies.
2010-03-16 13:28:19 +01:00
Juan Lang
51ab77a90a
crypt32: Add support for the anyPolicy certificate policy.
2010-03-16 11:30:12 +01:00
Juan Lang
ffba84b161
crypt32: Switch to use the AES provider by default.
2010-03-16 11:29:53 +01:00
Juan Lang
a729e10a18
crypt32: Add constants to support SHA-256, SHA-384, and SHA-512.
2010-03-16 11:29:48 +01:00
Reece Dunn
a15dbfac22
crypt32: Fix CryptFreeTls when calling with a freed index.
2010-03-03 11:50:04 +01:00
Alexandre Julliard
6164ce2d82
makefiles: Use the standard C_SRCS variable as the list of test files.
...
This enables it to be auto-updated by make_makefiles.
2010-02-22 10:47:11 +01:00
Michael Stefaniuc
0a866d0e45
crypt32: Avoid using HIWORD() on a string pointer.
...
The stray IS_INTRESOURCE() is applied to a true resource. The other
strings are OIDs and not resources.
2010-01-29 14:59:02 +01:00
Igor Paliychuk
17f674c2e7
crypt32: Add Ukrainian translations.
2010-01-28 12:16:37 +01:00
Michael Stefaniuc
b4448d9b77
crypt32/tests: Add a win_skip().
2010-01-20 15:29:50 +01:00
Juan Lang
4e18ac601f
crypt32: Don't get confused matching URLs with a colon in the userinfo portion (e.g. user:password@domain).
2009-12-21 15:01:22 +01:00
Juan Lang
048594854a
crypt32: Check authority key identifer extension to determine if a certificate is self-signed.
2009-12-18 11:39:58 +01:00
Amine Khaldi
e402260db4
crypt32: Remove an unneeded assignment.
2009-12-17 12:42:39 +01:00
Amine Khaldi
483d241559
crypt32: Remove unneeded assignments.
2009-12-16 12:21:12 +01:00
Juan Lang
01a7cbf843
crypt32: Accept end certificates with no extended key usage extension if a particular key usage is requested.
2009-12-11 17:47:30 +01:00
Juan Lang
7a610a9072
crypt32: Fix CertAddCTLContextToStore for CERT_STORE_ADD_USE_EXISTING add disposition.
2009-12-11 11:50:12 +01:00
Juan Lang
c7609f3c55
crypt32: Fix CertAddCRLContextToStore for CERT_STORE_ADD_USE_EXISTING add disposition.
2009-12-11 11:50:09 +01:00
Juan Lang
0444cd93c4
crypt32: Don't dereference an output pointer which may be NULL.
2009-12-11 11:50:03 +01:00
Juan Lang
1740d9fe44
crypt32: Trace chain final error status.
2009-12-11 11:49:56 +01:00
Alexandre Julliard
4f83f9a120
crypt32/tests: Avoid size_t in traces.
2009-12-09 12:19:38 +01:00
Juan Lang
4df042b54b
crypt32: Compare CRL's authority key identifier against the certificate's subject key identifier property, which also decodes the certificate's extension if necessary.
2009-12-09 12:02:43 +01:00
Francois Gouget
d1e592ad20
crypt32/tests: Fix compilation on systems that don't support nameless unions.
2009-12-08 17:42:25 +01:00
Juan Lang
bab1c652ae
crypt32/tests: Fix memory leak in test.
2009-12-07 09:49:07 +01:00
Juan Lang
cdbf6e8614
crypt32/tests: Don't pass as a parameter a variable that could be local.
2009-12-07 09:49:07 +01:00
Juan Lang
6acd82fa79
crypt32: Correct AKI extension used in end certificate and CRL when checking revocation.
2009-12-04 12:01:16 +01:00
Juan Lang
91fbdb561a
crypt32: The KeyId member of an authority key identifier is an octet string, not an integer.
2009-12-03 10:16:53 +01:00
Juan Lang
865669eeb3
crypt32: Fix test failures on Win2k.
2009-12-03 10:11:54 +01:00
Juan Lang
63383baed4
crypt32: Fix test failure on Win7.
2009-12-03 10:11:46 +01:00
Juan Lang
596cd16fc4
crypt32: Only check revocation on a chain without other errors.
2009-12-03 10:11:33 +01:00
Alexandre Julliard
b402b78780
rsaenh: Fix padding bytes check for 0-byte payload.
2009-12-02 14:59:56 +01:00
Juan Lang
9f5a554de0
crypt32: Correct AKI extension used in end certificate and CRL when checking revocation.
2009-12-02 12:18:02 +01:00
Juan Lang
9c56314e3d
crypt32: Further fix test failures.
2009-12-02 12:12:50 +01:00
Juan Lang
6b8c053218
crypt32: Fix test failures.
2009-12-01 12:24:00 +01:00
Juan Lang
90c160c3d8
crypt32: Revert 8ed5a777de
.
...
Ordinarily removing tests seems like a bad idea, but in this case it
seems the only rational response to the test failures the tests
produce. The tests check the state of three bits with a variety of
certificate and CRL combinations. One of these bits is apparently not
set by any version of Windows for any of the tests. Testing its
absence doesn't seem correct, and I'll explain why in more detail in a
second. Every permutation of the remaining two bits appears on at
least one Windows version, and no Windows version is obviously more
correct than the rest, so testing them doesn't seem worthwhile.
The one bit that doesn't appear to be set is the bit saying that a
certificate is revoked. I created CRLs that do in fact revoke some of
the tested certificates, so it appears to me that the bit should be
set. It's possible that Windows doesn't bother checking the
revocation status of a certificate whose anchor isn't trusted, but
it's impossible to test this in an automated regression test suite,
because adding a trusted certificate requires clicking OK (or its
equivalent) in a dialog. The dialog is invoked by the system process,
so I can't use a dialog hook to suppress it. I can test this
hypothesis manually, but it isn't possible to do so in an automated
way.
2009-11-30 12:57:53 +01:00
Juan Lang
f2040b7725
crypt32: Don't copy past end of buffer when removing a string from a multi string.
2009-11-30 12:57:39 +01:00
Juan Lang
b2ab45b78b
crypt32: Only match RDN attributes whose lengths are identical.
2009-11-21 14:31:46 +01:00
Juan Lang
8e51a866b7
crypt32: When searching for a CRL by the AKI extension, the extension has to be decoded to match.
2009-11-21 14:31:46 +01:00
Juan Lang
7dee971809
crypt32/tests: Fix a typo.
2009-11-21 14:31:46 +01:00
Juan Lang
8646c39bdb
crypt32: Finding a CRL issued by a cert should compare the cert's subject, not its issuer.
2009-11-21 14:31:46 +01:00
Juan Lang
6bc8237c63
crypt32/tests: Test one more certificate against the Verisign CRL.
2009-11-21 14:31:46 +01:00
Juan Lang
22206b909a
crypt32/tests: Fix a typo.
2009-11-21 14:31:46 +01:00
Ken Thomases
3921454398
crypt32: Read trusted root certificates from system keychain on Mac OS X.
2009-11-21 14:31:45 +01:00
Juan Lang
eee179206e
crypt32/tests: Fix tests on Win9x/ME.
2009-11-21 14:31:44 +01:00
Juan Lang
1a392e1a30
crypt32: Support checking the requested usage for a chain.
2009-11-21 14:31:44 +01:00
Juan Lang
30de103485
crypt32: Only trace a usage match if it's not empty.
2009-11-21 14:31:44 +01:00
Juan Lang
e611a83962
crypt32: Test verifying the enhanced key usage of a chain.
2009-11-21 14:31:44 +01:00
Juan Lang
9d9070ae3c
crypt32: CertFindCRLInStore with find type CRL_FIND_ISSUED_FOR shouldn't check whether the CRL is valid for the subject certificate.
2009-11-20 11:15:11 +01:00
Juan Lang
f378394acd
crypt32: Correct CertIsValidCRLForCertificate for certificates that do not contain a CRL dist points extension.
2009-11-20 11:15:06 +01:00
Juan Lang
bcbfddd82a
crypt32: Fix tests on older Windows versions.
2009-11-20 11:15:01 +01:00
Juan Lang
a3c6bc68c8
crypt32: Assume revocation server is offline if revocation status isn't known.
2009-11-20 11:14:52 +01:00
Juan Lang
9e1d31e5e5
crypt32: Fix a typo.
2009-11-20 11:14:47 +01:00
Juan Lang
8ed5a777de
crypt32: Test revocation checking with CertGetCertificateChain.
2009-11-20 11:14:41 +01:00
Juan Lang
27128bb2f8
crypt32: Add more tests for CertVerifyRevocation.
2009-11-20 11:14:00 +01:00
Juan Lang
8fcaa52d5d
crypt32: Add support for CRL_FIND_ISSUED_BY_AKI_FLAG to CertFindCRLInStore.
2009-11-19 11:49:59 +01:00
Juan Lang
b278155616
crypt32: Add more tests for CertFindCRLInStore.
2009-11-19 11:49:53 +01:00
Juan Lang
4727212e01
crypt32: Add support for CRL_FIND_ISSUED_BY_SIGNATURE_FLAG to CertFindCRLInStore.
2009-11-19 11:49:46 +01:00
Juan Lang
8beed85a2c
crypt32: Add basic flags tests flags for CertFindCRLInStore with find type CRL_FIND_ISSUED_BY.
2009-11-19 11:49:40 +01:00
Juan Lang
c84c53b1a6
crypt32: More fully implement CertIsValidCRLForCertificate.
2009-11-19 11:49:33 +01:00
Juan Lang
e5c56b1798
crypt32: Correct tests for CertIsValidCRLForCertificate.
2009-11-19 11:49:21 +01:00
Juan Lang
b16a78baa7
crypt32: Remove a redundant test.
2009-11-19 11:49:14 +01:00
Juan Lang
4fa4f67c79
crypt32: Implement CertFindCRLInStore for find type CRL_FIND_ISSUED_FOR.
2009-11-19 11:49:09 +01:00
Juan Lang
a3b462e3ea
crypt32: Add tests for CertFindCRLInStore with find type CRL_FIND_ISSUED_FOR.
2009-11-19 11:49:05 +01:00
Paul Vriens
7f5b24ed91
crypt32/tests: Fix a test failure on older crypt32.
2009-11-18 15:34:14 +01:00
Juan Lang
96073d5129
crypt32: Remove an unnecessary test for the extended key usage extension in CA certificates.
2009-11-18 11:09:20 +01:00
Juan Lang
d6958d7660
crypt32: Trace reasons for name constraint failure.
2009-11-18 11:09:08 +01:00
Juan Lang
1db8a6abda
crypt32: Only fail directory name comparison if a directory name constraint is present and doesn't match.
2009-11-18 11:09:02 +01:00
Juan Lang
a63affe5e0
crypt32: Don't apply directory name constraints to an empty subject name.
2009-11-18 11:08:55 +01:00
Juan Lang
c464875a6d
crypt32: Accept a certificate if its name matches any permitted subtree of a name constraint.
2009-11-18 11:08:49 +01:00
Juan Lang
d6f7d06cad
crypt32: Check email address in subject name against rfc822 name constraints.
2009-11-18 11:08:44 +01:00
Juan Lang
e4c03521ac
crypt32: Apply name constraints to subject name.
2009-11-18 11:08:37 +01:00
Juan Lang
6f35ae25b8
crypt32: Use helper function to compare a subject alternate name with name constraints.
2009-11-18 11:08:32 +01:00
Juan Lang
a98dad4f93
crypt32: Only apply a name constraint if the name form is present.
2009-11-18 11:08:25 +01:00
Juan Lang
f6d3348b7c
crypt32: Partially implement checking name constraints with directory names.
2009-11-18 11:08:20 +01:00
Juan Lang
7c44544a6d
crypt32: Use helper functions to match excluded and permitted subtrees of name constraints.
2009-11-18 11:08:14 +01:00
Juan Lang
9a40de08de
crypt32: Let caller set error codes when name constraints aren't met.
2009-11-18 11:08:08 +01:00
Juan Lang
f8044948ba
crypt32: Remove an unnecessary if.
2009-11-18 11:08:01 +01:00
Juan Lang
8585203103
crypt32: Prohibit name constraints that contain neither an excluded nor a permitted subtree.
2009-11-18 11:07:53 +01:00
Juan Lang
a299470622
crypt32/tests: Fix another test failure.
2009-11-17 15:14:53 +01:00
Juan Lang
440c702ce4
crypt32: Implement CertIsRDNAttrsInCertificateName.
2009-11-17 15:14:53 +01:00
Juan Lang
ed74536f0c
crypt32: Add tests for CertIsRDNAttrsInCertificateName.
2009-11-17 15:14:53 +01:00
Juan Lang
7d12294f08
crypt32: Add stub for CertIsRDNAttrsInCertificateName.
2009-11-17 15:14:53 +01:00
Juan Lang
4a948fa929
crypt32: Add more tests for CertCompareCertificateName.
2009-11-17 15:14:53 +01:00
Juan Lang
1974e61b59
crypt32: Correctly match subdomains with dns name constraints.
2009-11-17 12:05:11 +01:00
Juan Lang
b74ef17efc
crypt32: If a hostname in a URI or rfc822 name constraint doesn't begin with '.', a match must be exact.
2009-11-17 12:05:04 +01:00
Juan Lang
e82005fe2d
crypt32: Only compare the hostname portion of a URL when checking against a name constraint.
2009-11-17 12:04:58 +01:00
Juan Lang
3c8a04f12f
crypt32: Include name constraints errors in the chain's error status.
2009-11-17 12:04:52 +01:00
Juan Lang
f9ad32f0ad
crypt32: Trace method used to find an issuer.
2009-11-17 12:04:46 +01:00
Juan Lang
8adc75b3ec
crypt32: Fix more test failures.
2009-11-16 11:34:31 +01:00
Juan Lang
f6c4824675
crypt32: Update a comment.
2009-11-16 11:34:04 +01:00
Juan Lang
c4b997bab3
crypt32: Set CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS when a certificate's name constraints are met.
2009-11-16 11:33:58 +01:00
Juan Lang
9aee8fd556
crypt32: Fix test failures.
2009-11-13 11:52:25 +01:00
Juan Lang
21ecc84620
crypt32: Accept any matching dNSName in a subject alternate name.
2009-11-13 11:52:25 +01:00
Juan Lang
95a14deff9
crypt32: Add tests for cs.stanford.edu's chain.
2009-11-13 11:52:25 +01:00
Juan Lang
d311cc9bdb
crypt32: Use broken() to mark an expected result from a broken version of crypt32.
2009-11-13 11:52:25 +01:00
Juan Lang
b91d0c8bde
crypt32: Implement matching a certificate with a wildcard in its name.
2009-11-13 11:52:24 +01:00
Juan Lang
e740672647
crypt32: Test matching a certificate with a wildcard in its name.
2009-11-13 11:52:24 +01:00
Juan Lang
a29789e0bf
crypt32: Add openssl.org's cert to the tested chains.
2009-11-13 11:52:24 +01:00
Juan Lang
574de15f51
crypt32: Fix more test failures on older crypt32 versions.
2009-11-12 13:11:38 +01:00
Juan Lang
ba3433fa02
crypt32: Fix more test failures on older crypt32 versions.
2009-11-12 13:11:32 +01:00
Juan Lang
4d2c9c3e87
crypt32/tests: Fix test failures.
2009-11-12 13:11:25 +01:00
Juan Lang
d7c9bd13a2
crypt32: Fix test failures on multiple Windows versions.
2009-11-11 10:55:51 +01:00
Juan Lang
300d5fe5c4
crypt32: Correct error when a matching name constraint is found.
2009-11-11 10:55:44 +01:00
Juan Lang
0cf2e6fae6
crypt32: Stop reading a serialized store if a non-context prop ID appears before a context prop ID.
2009-11-11 10:55:36 +01:00
Juan Lang
bdbee82c42
crypt32: Trace cert version.
2009-11-11 10:54:38 +01:00
Juan Lang
0695b0dc73
crypt32: Fix test failures across Windows versions.
2009-11-11 10:54:24 +01:00
Juan Lang
49c1a34721
crypt32: Fix some test failures on older crypt32 versions.
2009-11-11 10:54:12 +01:00
Juan Lang
7eb33b18da
crypt32: Update a comment to reflect a fixed vulnerability.
2009-11-11 10:53:56 +01:00
Juan Lang
ee02d43731
crypt32: Correct error when a constrained, permitted name type isn't found in the subject name.
2009-11-10 13:08:31 +01:00
Juan Lang
2503e9ec73
crypt32: Use helper function to find the subject alternate name extension wherever it's needed.
2009-11-10 13:08:26 +01:00
Juan Lang
ae6e884142
crypt32: Correct error when the subject alternate name can't be decoded.
2009-11-10 13:08:20 +01:00
Juan Lang
865f3df35b
crypt32: Check the issued certificate for name constraint violations, not the issuing certificate.
2009-11-10 13:08:14 +01:00
Juan Lang
ef6ce9a590
crypt32: Add more tests of name constraints.
2009-11-10 13:08:06 +01:00
Juan Lang
a5361e45de
crypt32: Test more chains against different policies.
2009-11-10 13:07:35 +01:00
Juan Lang
25e8f27817
crypt32: Disallow embedded NULLs in alternate names.
2009-11-10 13:07:28 +01:00
Juan Lang
ddf78bdb38
crypt32: Test decoding alternate names with embedded NULLs.
2009-11-10 13:07:21 +01:00
Juan Lang
6a3901f04b
crypt32: Test encoding and decoding name values with embedded NULLs.
2009-11-10 13:07:15 +01:00
Juan Lang
216df7a714
crypt32: Reject certificates whose fields don't match their versions.
2009-11-10 13:07:07 +01:00
Juan Lang
9fe6be454f
crypt32: Forbid minimum or maximum fields in name constraints.
2009-11-10 13:07:00 +01:00
Juan Lang
e7404ba24f
crypt32: Fix decoding names when CRYPT_DECODE_ALLOC_FLAG is not specified.
2009-11-10 13:05:40 +01:00
Juan Lang
6cefdef501
crypt32: Fix decoding unicode names when CRYPT_DECODE_ALLOC_FLAG is not specified.
2009-11-10 13:05:35 +01:00
Marcus Meissner
c25753ece2
crypt32: Pass the correct pointer into CertificateFindStore.
2009-11-09 20:21:23 +01:00
Juan Lang
267e890220
crypt32: Fix test failures on Win9x/NT4.
2009-11-09 19:58:40 +01:00
Juan Lang
fbcce9f308
crypt32: Implement decoding cert policy constraints.
2009-11-09 19:58:34 +01:00
Juan Lang
32ad424972
crypt32: Implement encoding cert policy constraints.
2009-11-09 19:58:28 +01:00
Juan Lang
ae32f7bffc
crypt32: Add tests for encoding/decoding cert policy constraints.
2009-11-09 19:58:20 +01:00
Juan Lang
7e7e73d0da
crypt32: Implement decoding cert policy mappings.
2009-11-09 19:58:13 +01:00
Juan Lang
bf5e4d9bb7
crypt32: Implement encoding cert policy mappings.
2009-11-09 19:58:07 +01:00
Juan Lang
fba863ddf0
crypt32: Add tests for encoding/decoding cert policy mappings.
2009-11-09 19:57:59 +01:00
Juan Lang
ed9a4ffa0b
crypt32: Fix decoding cert issuer/subject unique ids.
2009-11-09 19:57:51 +01:00
Juan Lang
4ccafdcb6f
crypt32: Fix encoding cert issuer/subject unique ids.
2009-11-09 19:57:45 +01:00
Juan Lang
acfa433f15
crypt32: Add more tests of cert encoding/decoding.
2009-11-09 19:57:37 +01:00
Paul Chitescu
7223d8b6d2
crypt32: Check the result of CryptAcquireContextW() when initializing default provider.
2009-11-09 19:37:00 +01:00
Juan Lang
5274777b1c
crypt32: Permit lack of basic constraints extension on root certificates.
2009-11-09 19:34:36 +01:00
Juan Lang
d94e4d315a
crypt32: Permit lack of key usage extension on root certificates.
...
This reverts 60770fb011
, although it
updates the comments to give a reason. Thanks to Matt Van Gundy for
pointing it out to me.
2009-11-09 19:34:32 +01:00
Juan Lang
c52d110de1
crypt32: Don't free a file store's mem store, it's already freed by the provider store.
2009-11-05 11:57:58 +01:00
Juan Lang
a16ca1d039
crypt32: Add a warning if a store's ref count is invalid.
2009-11-05 11:57:47 +01:00
Juan Lang
88e599c4cf
crypt32: Don't copy past end of buffer when removing the last string in a multistring.
2009-11-05 11:57:41 +01:00
Juan Lang
e1b2eb3485
crypt32: Fix a test failure on NT 4.
2009-11-05 11:57:13 +01:00
Juan Lang
416cd484b2
crypt32: Implement CertStoreControl for collection stores.
2009-11-04 17:15:07 +01:00
Juan Lang
33c70d35dd
crypt32: Add an implementation of CertControlStore for memory stores.
2009-11-04 17:15:02 +01:00
Juan Lang
e6047ae52d
crypt32: Add tests of committing a collection store.
2009-11-04 17:14:53 +01:00
Juan Lang
f8376b91da
crypt32: Eliminate a double free in the tests.
2009-11-04 16:45:18 +01:00
Juan Lang
108f30bb7d
crypt32: Rename a function to reflect its behavior better, and return whether it succeeds.
2009-11-04 16:45:18 +01:00
Juan Lang
7e1cff1c18
crypt32: Release contexts when removing them from the mem store.
2009-11-04 16:45:18 +01:00
Juan Lang
df39bbba4f
crypt32: Don't delete a context when removing it from a list.
2009-11-04 16:45:18 +01:00
Juan Lang
787d0ab564
crypt32: Add an error if the ref count is invalid when releasing a context.
2009-11-04 16:45:18 +01:00
Juan Lang
1f363cd399
crypt32: Trace whenever a reference count changes, and change default debug channel to quiet the main crypt channel.
2009-11-04 16:45:18 +01:00
Juan Lang
17894eb093
crypt32: Release a link context's linked context on every release, not just when it reaches 0.
2009-11-04 16:45:17 +01:00
Juan Lang
52820b9cf8
crypt32: When creating a link context, call Context_AddRef to add-ref it so its children get add-ref'd too.
2009-11-04 16:45:17 +01:00
Juan Lang
5f81ad6821
crypt32: When add-ref'ing a context, add-ref its linked contexts too.
2009-11-04 16:45:17 +01:00
Juan Lang
fb5e0d8a4d
crypt32: When removing contexts from a list, make sure the context no longer references the list.
2009-11-04 16:45:17 +01:00
Juan Lang
976c6ff3f8
crypt32: Correct reference counting when deleting contexts from collections.
2009-11-04 16:45:17 +01:00
Juan Lang
92324ab38e
crypt32: Propagate errors from CertFree*Context to CertDelete*FromStore.
2009-11-04 16:45:17 +01:00
Juan Lang
40855cae97
crypt32: Add return value to Context_Release to allow detecting reference counting errors.
2009-11-04 16:45:16 +01:00
Juan Lang
d8094382a8
crypt32: Implement CertAddEncodedCertificateToSystemStoreA/W.
2009-11-04 16:45:16 +01:00
Juan Lang
9364d7a928
crypt32: Add stub for CertAddCertificateLinkToStore.
2009-11-04 13:07:56 +01:00
Juan Lang
f554669286
crypt32: Implement CryptGetIntendedKeyUsage.
2009-11-04 13:07:56 +01:00
Juan Lang
6ac162231b
crypt32: Add tests for CertGetIntendedKeyUsage.
2009-11-04 13:07:55 +01:00
Juan Lang
1c7c406b86
crypt32: Correct spec entries for certificate stores.
2009-11-03 21:31:33 +01:00
Juan Lang
ed701e0787
crypt32: Add stub for CryptGetIntendedKeyUsage.
2009-11-03 21:31:28 +01:00
Juan Lang
af3afcf81d
crypt32: Fix a memory leak in a test.
2009-11-03 21:29:29 +01:00
Juan Lang
7a73fd97ad
crypt32: Fix a memory leak reading trusted root certs.
2009-11-03 21:29:24 +01:00
Juan Lang
7dd75d1181
crypt32: Fix a memory leak querying a message object.
2009-11-03 21:29:19 +01:00
Juan Lang
9928e2e1c5
crypt32: Support reading a serialized store object from memory in CryptQueryObject.
2009-11-03 21:29:13 +01:00
Juan Lang
51a1f5a642
crypt32: Abstract function used to read from reading a serialized store.
2009-11-03 21:29:03 +01:00
Juan Lang
16036dd27a
crypt32: Allow errors in locally installed root certs.
2009-11-03 21:18:30 +01:00
Juan Lang
d6795bd908
crypt32: Trace contents of CERT_CHAIN_PARA.
2009-11-03 21:17:34 +01:00
Juan Lang
fc0aff0d2e
crypt32: Add support for the CRYPT_STRING_NOCRLF flag to CryptBinaryToStringA/W.
2009-11-03 21:16:12 +01:00
Juan Lang
2d5ac92d9a
crypt32: Partially implement CryptBinaryToStringW.
2009-11-03 21:15:55 +01:00
Juan Lang
9750d0f7f5
crypt32: Trace policy error status in CertVerifyCertificateChainPolicy.
2009-10-30 11:32:09 +01:00
Juan Lang
c4ce06293c
crypt32: Create a V1 certificate if it doesn't have extensions.
2009-10-30 11:32:04 +01:00
Juan Lang
07b735682b
crypt32: Check CA certificates for the enhanced key usage extension.
2009-10-30 11:26:39 +01:00
Juan Lang
60770fb011
crypt32: Only permit v1 or v2 CA certificates without a key usage extension if they're installed locally.
2009-10-30 11:26:30 +01:00
Juan Lang
7b0297769d
crypt32: Use a helper function to find an existing cert by hash.
2009-10-30 11:26:21 +01:00
Juan Lang
77472187c9
crypt32: Add key usage extension to chain4_0.
2009-10-30 11:26:15 +01:00
Juan Lang
33a6235053
crypt32: Only permit v1 or v2 CA certificates without a basic constraints extension if they're installed locally.
2009-10-30 11:26:06 +01:00
Juan Lang
552fec4002
crypt32: Add basic constraints to chain quality selection algorithm.
2009-10-30 11:24:23 +01:00
Juan Lang
c310637f4f
crypt32: Remove redundant if clause.
2009-10-30 11:24:10 +01:00
Juan Lang
9a13e1c70b
crypt32: Add basic constraints to chain15_0.
2009-10-30 11:23:58 +01:00
Juan Lang
118374c081
crypt32: Add basic constraints to chain14_0.
2009-10-30 11:23:53 +01:00
Juan Lang
0bd67b4c6f
crypt32: Add basic constraints and key usage to chain12_0.
2009-10-30 11:23:47 +01:00
Juan Lang
002439e2f0
crypt32: Add basic constraints and key usage to chain8_0.
2009-10-30 11:23:41 +01:00
Juan Lang
4557a8705b
crypt32: Add basic constraints and key usage to chain5_0.
2009-10-30 11:23:35 +01:00
Juan Lang
86d6177215
crypt32: Add basic constraints and key usage to chain2_0.
2009-10-30 11:23:27 +01:00
Juan Lang
6bf0e52011
crypt32: Add basic constraints and key usage to chain0_0.
2009-10-30 11:23:22 +01:00
Juan Lang
9059892ec1
crypt32: Implement CertVerifyCertificateChainPolicy for CERT_CHAIN_POLICY_SSL.
2009-10-29 13:07:53 +01:00
Juan Lang
2fbb736e01
crypt32: Add some tests of the SSL policy.
2009-10-29 13:07:47 +01:00
Juan Lang
facd2e975a
crypt32: Allow the caller of checkChainPolicyStatus to specify the date to test with and additional policy parameters.
2009-10-29 13:07:39 +01:00