Juan Lang : crypt32: Set trust status on root element in chain.
Alexandre Julliard
julliard at wine.codeweavers.com
Wed Aug 29 07:48:11 CDT 2007
Module: wine
Branch: master
Commit: eda48d8868065d2d7debafa79ba25fd8e1d8bc59
URL: http://source.winehq.org/git/wine.git/?a=commit;h=eda48d8868065d2d7debafa79ba25fd8e1d8bc59
Author: Juan Lang <juan.lang at gmail.com>
Date: Tue Aug 28 15:52:37 2007 -0700
crypt32: Set trust status on root element in chain.
---
dlls/crypt32/chain.c | 19 ++++++++++++++-----
1 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/dlls/crypt32/chain.c b/dlls/crypt32/chain.c
index 161ba29..2b00ff0 100644
--- a/dlls/crypt32/chain.c
+++ b/dlls/crypt32/chain.c
@@ -340,20 +340,25 @@ static BOOL CRYPT_BuildSimpleChain(HCERTCHAINENGINE hChainEngine,
}
if (ret)
{
- PCCERT_CONTEXT root = chain->rgpElement[chain->cElement - 1]->
- pCertContext;
+ PCERT_CHAIN_ELEMENT rootElement =
+ chain->rgpElement[chain->cElement - 1];
+ PCCERT_CONTEXT root = rootElement->pCertContext;
if (!(ret = CRYPT_IsCertificateSelfSigned(root)))
TRACE("Last certificate is not self-signed\n");
else
{
- chain->rgpElement[chain->cElement - 1]->TrustStatus.dwInfoStatus
- |= CERT_TRUST_IS_SELF_SIGNED;
+ rootElement->TrustStatus.dwInfoStatus |=
+ CERT_TRUST_IS_SELF_SIGNED;
if (!(ret = CryptVerifyCertificateSignatureEx(0,
root->dwCertEncodingType, CRYPT_VERIFY_CERT_SIGN_SUBJECT_CERT,
(void *)root, CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT, (void *)root,
0, NULL)))
+ {
TRACE("Last certificate's signature is invalid\n");
+ rootElement->TrustStatus.dwErrorStatus |=
+ CERT_TRUST_IS_NOT_SIGNATURE_VALID;
+ }
}
if (ret)
{
@@ -367,11 +372,15 @@ static BOOL CRYPT_BuildSimpleChain(HCERTCHAINENGINE hChainEngine,
trustedRoot = CertFindCertificateInStore(engine->hRoot,
root->dwCertEncodingType, 0, CERT_FIND_SHA1_HASH, &blob, NULL);
if (!trustedRoot)
- chain->TrustStatus.dwErrorStatus |=
+ rootElement->TrustStatus.dwErrorStatus |=
CERT_TRUST_IS_UNTRUSTED_ROOT;
else
CertFreeCertificateContext(trustedRoot);
}
+ chain->TrustStatus.dwErrorStatus |=
+ rootElement->TrustStatus.dwErrorStatus;
+ chain->TrustStatus.dwInfoStatus |=
+ rootElement->TrustStatus.dwInfoStatus & ~CERT_TRUST_IS_SELF_SIGNED;
}
if (!ret)
{
More information about the wine-cvs
mailing list