Juan Lang
|
558057b4b2
|
crypt32: Fix chain error status when a cert's issuer can't be found.
|
2008-10-31 12:57:25 +01:00 |
Juan Lang
|
39a7d40413
|
crypt32: Fix frequency with which chains are checked for cycles.
|
2008-10-30 11:29:37 +01:00 |
Juan Lang
|
0556e9d966
|
crypt32: Correct trust error status for cyclic chains.
|
2008-10-23 12:13:25 +02:00 |
Juan Lang
|
eeec9bf349
|
crypt32: Correct another chain status discrepancy with Windows.
|
2008-10-17 20:17:11 +02:00 |
Juan Lang
|
25698f8938
|
crypt32: Microsoft fixed a bug with name constraints, so make Wine's behavior match.
|
2008-10-17 20:17:08 +02:00 |
Juan Lang
|
cb341f3717
|
crypt32: Fix error handling for cyclic chains.
|
2008-10-09 12:29:44 +02:00 |
Juan Lang
|
71e394fb89
|
crypt32: Fix typo. Fixes Coverity item 605.
|
2008-09-10 10:40:43 +02:00 |
Michael Karcher
|
0ed076ab5c
|
crypt32: Remove duplicate MS test root key.
|
2008-06-30 15:11:12 +02:00 |
Erik de Castro Lopo
|
0ef69ef9dd
|
crypt32: Use LOWORD on LPCSTR type instead of casting to int.
|
2008-04-25 11:34:53 +02:00 |
Andrew Talbot
|
70c4b66781
|
crypt32: Assign to structs instead of using memcpy.
|
2008-02-15 12:05:47 +01:00 |
Michael Stefaniuc
|
3e005ce915
|
crypt32: Do not use an empty body in an else-statement as documentation.
|
2007-12-10 12:35:56 +01:00 |
Juan Lang
|
329761e7e1
|
crypt32: Fix a leak building an alternate chain.
|
2007-11-02 12:21:58 +01:00 |
Juan Lang
|
fc14728efc
|
crypt32: Fix a leak during chain creation.
|
2007-11-02 12:21:47 +01:00 |
Juan Lang
|
912c3e609b
|
crypt32: Implement cert chain revocation checking.
|
2007-10-24 12:33:39 +02:00 |
Juan Lang
|
9ae5ef6641
|
crypt32: Set lower quality chain count and pointer to 0 when freeing them.
|
2007-10-19 14:21:46 +02:00 |
Juan Lang
|
5d6feab0e2
|
crypt32: Don't keep a pointer to the lower quality chains when choosing a higher quality one, otherwise they'll get double-freed.
|
2007-10-19 14:21:42 +02:00 |
Juan Lang
|
7a0905128d
|
crypt32: Always set pPolicyStatus->dwError.
|
2007-10-17 13:40:41 +02:00 |
Juan Lang
|
136f033158
|
crypt32: Implement CertVerifyCertificateChain for the Microsoft root policy.
|
2007-10-16 09:35:53 +02:00 |
Juan Lang
|
9908fe9ac6
|
crypt32: Implement name constraint checking.
|
2007-10-11 22:23:58 +02:00 |
Juan Lang
|
a5833ac9f4
|
crypt32: Set subject's info status from method used to find issuer.
|
2007-09-12 11:33:11 +02:00 |
Juan Lang
|
54428bfb99
|
crypt32: Pass subject's info status when adding an issuer to a chain.
|
2007-09-12 11:33:11 +02:00 |
Juan Lang
|
5c8254886f
|
crypt32: Only decode authority key ID in subject cert once when looking for issuer.
|
2007-09-12 11:33:11 +02:00 |
Juan Lang
|
05492ae907
|
crypt32: (Re)introduce helper function to get issuer certificate.
|
2007-09-12 11:33:11 +02:00 |
Francois Gouget
|
b7bf91f5e8
|
crypt32: Fix the I_Crypt*Asn1*() prototypes. Add the i_cryptasn1tls.h header and use it.
|
2007-09-12 11:33:10 +02:00 |
Juan Lang
|
039beff441
|
crypt32: Implement CertVerifyCertificateChainPolicy for the basic constraints policy.
|
2007-09-11 12:36:41 +02:00 |
Juan Lang
|
5f06293eb1
|
crypt32: Implement CertVerifyCertificateChainPolicy for the authenticode policy.
|
2007-09-11 12:36:34 +02:00 |
Juan Lang
|
b56f0c5b68
|
crypt32: Implement CertVerifyCertificateChainPolicy for the base policy.
|
2007-09-11 12:36:27 +02:00 |
Juan Lang
|
91c76955e7
|
crypt32: Add a stub for CertVerifyCertificateChainPolicy.
|
2007-09-11 12:36:10 +02:00 |
Juan Lang
|
391f826d49
|
crypt32: Add a function to create a certificate chain engine potentially before the root store is created.
|
2007-09-11 11:50:23 +02:00 |
Juan Lang
|
5e674f3580
|
crypt32: Consider alternate issuers when building chains.
|
2007-09-10 15:50:01 +02:00 |
Juan Lang
|
1fc8c60788
|
crypt32: Flags weren't set, so don't bother passing them.
|
2007-09-10 15:49:55 +02:00 |
Juan Lang
|
a040dd22e7
|
crypt32: Defer checking signatures until chain is complete.
|
2007-09-10 15:49:50 +02:00 |
Juan Lang
|
56d4a3c392
|
crypt32: Don't ask CertGetIssuerCertificateFromStore to verify revocation status, it almost certainly doesn't do what we want.
|
2007-09-10 15:49:44 +02:00 |
Juan Lang
|
dfd2d3d9bc
|
crypt32: Don't abort chain creation if the root signature isn't valid.
|
2007-09-10 15:49:38 +02:00 |
Juan Lang
|
5b02947937
|
crypt32: Add special case for certificates with no signature algorithm.
|
2007-09-10 15:49:31 +02:00 |
Juan Lang
|
69834b16ac
|
crypt32: Set *ppChainContext even on error.
|
2007-09-10 15:49:13 +02:00 |
Juan Lang
|
c4e07a5bfc
|
crypt32: Separate allocating a simple chain and checking it from building it.
|
2007-09-10 15:49:01 +02:00 |
Juan Lang
|
a82b36ac98
|
crypt32: Store world store in chain.
|
2007-09-10 15:48:55 +02:00 |
Juan Lang
|
818634d69a
|
crypt32: Not finding an issuer shouldn't cause chain creation to fail.
|
2007-09-10 15:48:49 +02:00 |
Juan Lang
|
8698a598fc
|
crypt32: Don't add end cert's store to world.
|
2007-09-10 15:48:43 +02:00 |
Juan Lang
|
e9ee8c8717
|
crypt32: Open world store when creating chain, not when building a simple chain.
|
2007-09-10 15:48:35 +02:00 |
Juan Lang
|
1a059879bf
|
crypt32: Make a helper function to create initial candidate chain.
|
2007-09-10 15:48:27 +02:00 |
Juan Lang
|
6c9b788fb8
|
crypt32: Check path length constraint on a chain.
|
2007-08-31 19:12:38 +02:00 |
Juan Lang
|
14b0df1fef
|
crypt32: Set error status on issued certificate, not on issuer.
|
2007-08-31 19:12:33 +02:00 |
Juan Lang
|
1ce46d5e4a
|
crypt32: Check whether each signing certificate can be a CA.
|
2007-08-31 19:12:28 +02:00 |
Juan Lang
|
51948b0c98
|
crypt32: Check time of each element in chain against requested time.
|
2007-08-31 19:12:23 +02:00 |
Juan Lang
|
d06a24517f
|
crypt32: Time validity nesting doesn't appear to be checked, so don't check it.
|
2007-08-31 19:12:18 +02:00 |
Juan Lang
|
03d76d97ec
|
crypt32: Correct combining trust status of a chain's elements into the chain's trust status.
|
2007-08-31 19:12:12 +02:00 |
Juan Lang
|
c39696eb14
|
crypt32: Don't fail chain creation if signature doesn't match.
|
2007-08-31 19:12:04 +02:00 |
Juan Lang
|
1540f24e92
|
crypt32: Don't fail chain creation if root isn't self-signed.
|
2007-08-31 19:11:53 +02:00 |