Juan Lang : crypt32: Set trust status on root element in chain.

Alexandre Julliard julliard at wine.codeweavers.com
Wed Aug 29 07:48:11 CDT 2007 

Module: wine
Branch: master
Commit: eda48d8868065d2d7debafa79ba25fd8e1d8bc59
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=eda48d8868065d2d7debafa79ba25fd8e1d8bc59

Author: Juan Lang <juan.lang at gmail.com>
Date:   Tue Aug 28 15:52:37 2007 -0700

crypt32: Set trust status on root element in chain.

---

 dlls/crypt32/chain.c |   19 ++++++++++++++-----
 1 files changed, 14 insertions(+), 5 deletions(-)

diff --git a/dlls/crypt32/chain.c b/dlls/crypt32/chain.c
index 161ba29..2b00ff0 100644
--- a/dlls/crypt32/chain.c
+++ b/dlls/crypt32/chain.c
@@ -340,20 +340,25 @@ static BOOL CRYPT_BuildSimpleChain(HCERTCHAINENGINE hChainEngine,
         }
         if (ret)
         {
-            PCCERT_CONTEXT root = chain->rgpElement[chain->cElement - 1]->
-             pCertContext;
+            PCERT_CHAIN_ELEMENT rootElement =
+             chain->rgpElement[chain->cElement - 1];
+            PCCERT_CONTEXT root = rootElement->pCertContext;
 
             if (!(ret = CRYPT_IsCertificateSelfSigned(root)))
                 TRACE("Last certificate is not self-signed\n");
             else
             {
-                chain->rgpElement[chain->cElement - 1]->TrustStatus.dwInfoStatus
-                 |= CERT_TRUST_IS_SELF_SIGNED;
+                rootElement->TrustStatus.dwInfoStatus |=
+                 CERT_TRUST_IS_SELF_SIGNED;
                 if (!(ret = CryptVerifyCertificateSignatureEx(0,
                  root->dwCertEncodingType, CRYPT_VERIFY_CERT_SIGN_SUBJECT_CERT,
                  (void *)root, CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT, (void *)root,
                  0, NULL)))
+                {
                     TRACE("Last certificate's signature is invalid\n");
+                    rootElement->TrustStatus.dwErrorStatus |=
+                     CERT_TRUST_IS_NOT_SIGNATURE_VALID;
+                }
             }
             if (ret)
             {
@@ -367,11 +372,15 @@ static BOOL CRYPT_BuildSimpleChain(HCERTCHAINENGINE hChainEngine,
                 trustedRoot = CertFindCertificateInStore(engine->hRoot,
                  root->dwCertEncodingType, 0, CERT_FIND_SHA1_HASH, &blob, NULL);
                 if (!trustedRoot)
-                    chain->TrustStatus.dwErrorStatus |=
+                    rootElement->TrustStatus.dwErrorStatus |=
                      CERT_TRUST_IS_UNTRUSTED_ROOT;
                 else
                     CertFreeCertificateContext(trustedRoot);
             }
+            chain->TrustStatus.dwErrorStatus |=
+             rootElement->TrustStatus.dwErrorStatus;
+            chain->TrustStatus.dwInfoStatus |=
+             rootElement->TrustStatus.dwInfoStatus & ~CERT_TRUST_IS_SELF_SIGNED;
         }
         if (!ret)
         {

More information about the wine-cvs mailing list