Commit Graph

1449 Commits

Author SHA1 Message Date
Juan Lang f8044948ba crypt32: Remove an unnecessary if. 2009-11-18 11:08:01 +01:00
Juan Lang 8585203103 crypt32: Prohibit name constraints that contain neither an excluded nor a permitted subtree. 2009-11-18 11:07:53 +01:00
Juan Lang a299470622 crypt32/tests: Fix another test failure. 2009-11-17 15:14:53 +01:00
Juan Lang 440c702ce4 crypt32: Implement CertIsRDNAttrsInCertificateName. 2009-11-17 15:14:53 +01:00
Juan Lang ed74536f0c crypt32: Add tests for CertIsRDNAttrsInCertificateName. 2009-11-17 15:14:53 +01:00
Juan Lang 7d12294f08 crypt32: Add stub for CertIsRDNAttrsInCertificateName. 2009-11-17 15:14:53 +01:00
Juan Lang 4a948fa929 crypt32: Add more tests for CertCompareCertificateName. 2009-11-17 15:14:53 +01:00
Juan Lang 1974e61b59 crypt32: Correctly match subdomains with dns name constraints. 2009-11-17 12:05:11 +01:00
Juan Lang b74ef17efc crypt32: If a hostname in a URI or rfc822 name constraint doesn't begin with '.', a match must be exact. 2009-11-17 12:05:04 +01:00
Juan Lang e82005fe2d crypt32: Only compare the hostname portion of a URL when checking against a name constraint. 2009-11-17 12:04:58 +01:00
Juan Lang 3c8a04f12f crypt32: Include name constraints errors in the chain's error status. 2009-11-17 12:04:52 +01:00
Juan Lang f9ad32f0ad crypt32: Trace method used to find an issuer. 2009-11-17 12:04:46 +01:00
Juan Lang 8adc75b3ec crypt32: Fix more test failures. 2009-11-16 11:34:31 +01:00
Juan Lang f6c4824675 crypt32: Update a comment. 2009-11-16 11:34:04 +01:00
Juan Lang c4b997bab3 crypt32: Set CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS when a certificate's name constraints are met. 2009-11-16 11:33:58 +01:00
Juan Lang 9aee8fd556 crypt32: Fix test failures. 2009-11-13 11:52:25 +01:00
Juan Lang 21ecc84620 crypt32: Accept any matching dNSName in a subject alternate name. 2009-11-13 11:52:25 +01:00
Juan Lang 95a14deff9 crypt32: Add tests for cs.stanford.edu's chain. 2009-11-13 11:52:25 +01:00
Juan Lang d311cc9bdb crypt32: Use broken() to mark an expected result from a broken version of crypt32. 2009-11-13 11:52:25 +01:00
Juan Lang b91d0c8bde crypt32: Implement matching a certificate with a wildcard in its name. 2009-11-13 11:52:24 +01:00
Juan Lang e740672647 crypt32: Test matching a certificate with a wildcard in its name. 2009-11-13 11:52:24 +01:00
Juan Lang a29789e0bf crypt32: Add openssl.org's cert to the tested chains. 2009-11-13 11:52:24 +01:00
Juan Lang 574de15f51 crypt32: Fix more test failures on older crypt32 versions. 2009-11-12 13:11:38 +01:00
Juan Lang ba3433fa02 crypt32: Fix more test failures on older crypt32 versions. 2009-11-12 13:11:32 +01:00
Juan Lang 4d2c9c3e87 crypt32/tests: Fix test failures. 2009-11-12 13:11:25 +01:00
Juan Lang d7c9bd13a2 crypt32: Fix test failures on multiple Windows versions. 2009-11-11 10:55:51 +01:00
Juan Lang 300d5fe5c4 crypt32: Correct error when a matching name constraint is found. 2009-11-11 10:55:44 +01:00
Juan Lang 0cf2e6fae6 crypt32: Stop reading a serialized store if a non-context prop ID appears before a context prop ID. 2009-11-11 10:55:36 +01:00
Juan Lang bdbee82c42 crypt32: Trace cert version. 2009-11-11 10:54:38 +01:00
Juan Lang 0695b0dc73 crypt32: Fix test failures across Windows versions. 2009-11-11 10:54:24 +01:00
Juan Lang 49c1a34721 crypt32: Fix some test failures on older crypt32 versions. 2009-11-11 10:54:12 +01:00
Juan Lang 7eb33b18da crypt32: Update a comment to reflect a fixed vulnerability. 2009-11-11 10:53:56 +01:00
Juan Lang ee02d43731 crypt32: Correct error when a constrained, permitted name type isn't found in the subject name. 2009-11-10 13:08:31 +01:00
Juan Lang 2503e9ec73 crypt32: Use helper function to find the subject alternate name extension wherever it's needed. 2009-11-10 13:08:26 +01:00
Juan Lang ae6e884142 crypt32: Correct error when the subject alternate name can't be decoded. 2009-11-10 13:08:20 +01:00
Juan Lang 865f3df35b crypt32: Check the issued certificate for name constraint violations, not the issuing certificate. 2009-11-10 13:08:14 +01:00
Juan Lang ef6ce9a590 crypt32: Add more tests of name constraints. 2009-11-10 13:08:06 +01:00
Juan Lang a5361e45de crypt32: Test more chains against different policies. 2009-11-10 13:07:35 +01:00
Juan Lang 25e8f27817 crypt32: Disallow embedded NULLs in alternate names. 2009-11-10 13:07:28 +01:00
Juan Lang ddf78bdb38 crypt32: Test decoding alternate names with embedded NULLs. 2009-11-10 13:07:21 +01:00
Juan Lang 6a3901f04b crypt32: Test encoding and decoding name values with embedded NULLs. 2009-11-10 13:07:15 +01:00
Juan Lang 216df7a714 crypt32: Reject certificates whose fields don't match their versions. 2009-11-10 13:07:07 +01:00
Juan Lang 9fe6be454f crypt32: Forbid minimum or maximum fields in name constraints. 2009-11-10 13:07:00 +01:00
Juan Lang e7404ba24f crypt32: Fix decoding names when CRYPT_DECODE_ALLOC_FLAG is not specified. 2009-11-10 13:05:40 +01:00
Juan Lang 6cefdef501 crypt32: Fix decoding unicode names when CRYPT_DECODE_ALLOC_FLAG is not specified. 2009-11-10 13:05:35 +01:00
Marcus Meissner c25753ece2 crypt32: Pass the correct pointer into CertificateFindStore. 2009-11-09 20:21:23 +01:00
Juan Lang 267e890220 crypt32: Fix test failures on Win9x/NT4. 2009-11-09 19:58:40 +01:00
Juan Lang fbcce9f308 crypt32: Implement decoding cert policy constraints. 2009-11-09 19:58:34 +01:00
Juan Lang 32ad424972 crypt32: Implement encoding cert policy constraints. 2009-11-09 19:58:28 +01:00
Juan Lang ae32f7bffc crypt32: Add tests for encoding/decoding cert policy constraints. 2009-11-09 19:58:20 +01:00