Juan Lang : crypt32:
Add a function to create a certificate chain engine potentially before
the root store is created.
Alexandre Julliard
julliard at wine.codeweavers.com
Tue Sep 11 07:28:42 CDT 2007
Module: wine
Branch: master
Commit: 391f826d49604f2bc70bf2574e2273307f139d48
URL: http://source.winehq.org/git/wine.git/?a=commit;h=391f826d49604f2bc70bf2574e2273307f139d48
Author: Juan Lang <juan.lang at gmail.com>
Date: Mon Sep 10 09:33:39 2007 -0700
crypt32: Add a function to create a certificate chain engine potentially before the root store is created.
---
dlls/crypt32/chain.c | 78 +++++++++++++++++++++++----------------
dlls/crypt32/crypt32_private.h | 7 ++++
2 files changed, 53 insertions(+), 32 deletions(-)
diff --git a/dlls/crypt32/chain.c b/dlls/crypt32/chain.c
index 4424f52..10997af 100644
--- a/dlls/crypt32/chain.c
+++ b/dlls/crypt32/chain.c
@@ -104,12 +104,48 @@ static BOOL CRYPT_CheckRestrictedRoot(HCERTSTORE store)
return ret;
}
-BOOL WINAPI CertCreateCertificateChainEngine(PCERT_CHAIN_ENGINE_CONFIG pConfig,
- HCERTCHAINENGINE *phChainEngine)
+HCERTCHAINENGINE CRYPT_CreateChainEngine(HCERTSTORE root,
+ PCERT_CHAIN_ENGINE_CONFIG pConfig)
{
static const WCHAR caW[] = { 'C','A',0 };
static const WCHAR myW[] = { 'M','y',0 };
static const WCHAR trustW[] = { 'T','r','u','s','t',0 };
+ PCertificateChainEngine engine =
+ CryptMemAlloc(sizeof(CertificateChainEngine));
+
+ if (engine)
+ {
+ HCERTSTORE worldStores[4];
+
+ engine->ref = 1;
+ engine->hRoot = root;
+ engine->hWorld = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
+ CERT_STORE_CREATE_NEW_FLAG, NULL);
+ worldStores[0] = CertDuplicateStore(engine->hRoot);
+ worldStores[1] = CertOpenSystemStoreW(0, caW);
+ worldStores[2] = CertOpenSystemStoreW(0, myW);
+ worldStores[3] = CertOpenSystemStoreW(0, trustW);
+ CRYPT_AddStoresToCollection(engine->hWorld,
+ sizeof(worldStores) / sizeof(worldStores[0]), worldStores);
+ CRYPT_AddStoresToCollection(engine->hWorld,
+ pConfig->cAdditionalStore, pConfig->rghAdditionalStore);
+ CRYPT_CloseStores(sizeof(worldStores) / sizeof(worldStores[0]),
+ worldStores);
+ engine->dwFlags = pConfig->dwFlags;
+ engine->dwUrlRetrievalTimeout = pConfig->dwUrlRetrievalTimeout;
+ engine->MaximumCachedCertificates =
+ pConfig->MaximumCachedCertificates;
+ if (pConfig->CycleDetectionModulus)
+ engine->CycleDetectionModulus = pConfig->CycleDetectionModulus;
+ else
+ engine->CycleDetectionModulus = DEFAULT_CYCLE_MODULUS;
+ }
+ return (HCERTCHAINENGINE)engine;
+}
+
+BOOL WINAPI CertCreateCertificateChainEngine(PCERT_CHAIN_ENGINE_CONFIG pConfig,
+ HCERTCHAINENGINE *phChainEngine)
+{
BOOL ret;
TRACE("(%p, %p)\n", pConfig, phChainEngine);
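Review bot: In CRYPT_CreateChainEngine the handle returned by CertOpenStore for `engine->hWorld` is never checked, so a failed collection-store creation still returns a non-NULL engine that later chain building would presumably use with a NULL world store. A guard right after the call, such as `if (!engine->hWorld) { CryptMemFree(engine); return NULL; }`, would make that failure visible to the caller, and the fix then has to settle who closes `root` on that path. The three CertOpenSystemStoreW results are likewise passed on unchecked, and whether CRYPT_AddStoresToCollection and CRYPT_CloseStores tolerate NULL entries is not visible here. The hunk ends just inside CertCreateCertificateChainEngine, whose body continues outside it.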
@@ -123,39 +159,17 @@ BOOL WINAPI CertCreateCertificateChainEngine(PCERT_CHAIN_ENGINE_CONFIG pConfig,
ret = CRYPT_CheckRestrictedRoot(pConfig->hRestrictedRoot);
if (ret)
{
- PCertificateChainEngine engine =
- CryptMemAlloc(sizeof(CertificateChainEngine));
+ HCERTSTORE root;
+ HCERTCHAINENGINE engine;
+ if (pConfig->hRestrictedRoot)
+ root = CertDuplicateStore(pConfig->hRestrictedRoot);
+ else
+ root = CertOpenSystemStoreW(0, rootW);
+ engine = CRYPT_CreateChainEngine(root, pConfig);
if (engine)
{
- HCERTSTORE worldStores[4];
-
- engine->ref = 1;
- if (pConfig->hRestrictedRoot)
- engine->hRoot = CertDuplicateStore(pConfig->hRestrictedRoot);
- else
- engine->hRoot = CertOpenSystemStoreW(0, rootW);
- engine->hWorld = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
- CERT_STORE_CREATE_NEW_FLAG, NULL);
- worldStores[0] = CertDuplicateStore(engine->hRoot);
- worldStores[1] = CertOpenSystemStoreW(0, caW);
- worldStores[2] = CertOpenSystemStoreW(0, myW);
- worldStores[3] = CertOpenSystemStoreW(0, trustW);
- CRYPT_AddStoresToCollection(engine->hWorld,
- sizeof(worldStores) / sizeof(worldStores[0]), worldStores);
- CRYPT_AddStoresToCollection(engine->hWorld,
- pConfig->cAdditionalStore, pConfig->rghAdditionalStore);
- CRYPT_CloseStores(sizeof(worldStores) / sizeof(worldStores[0]),
- worldStores);
- engine->dwFlags = pConfig->dwFlags;
- engine->dwUrlRetrievalTimeout = pConfig->dwUrlRetrievalTimeout;
- engine->MaximumCachedCertificates =
- pConfig->MaximumCachedCertificates;
- if (pConfig->CycleDetectionModulus)
- engine->CycleDetectionModulus = pConfig->CycleDetectionModulus;
- else
- engine->CycleDetectionModulus = DEFAULT_CYCLE_MODULUS;
- *phChainEngine = (HCERTCHAINENGINE)engine;
+ *phChainEngine = engine;
ret = TRUE;
}
else
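Review bot: `root` is now opened or duplicated before CRYPT_CreateChainEngine allocates the engine, so when that call returns NULL the store handle appears to be leaked; the old code acquired the root store only after the allocation had succeeded. The `else` branch after `if (engine)` is cut off by the hunk, so this is inferred from the visible lines; if that branch only reports the failure, it should also call `CertCloseStore(root, 0);`. `root` is also handed over without a NULL check, so a failed `CertOpenSystemStoreW(0, rootW)` would produce an engine with no root store rather than an error; `if (!root)` before the call would catch that. The function starts and ends outside this hunk.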
diff --git a/dlls/crypt32/crypt32_private.h b/dlls/crypt32/crypt32_private.h
index ffd5a87..4397005 100644
--- a/dlls/crypt32/crypt32_private.h
+++ b/dlls/crypt32/crypt32_private.h
@@ -251,6 +251,13 @@ PWINECRYPT_CERTSTORE CRYPT_FileNameOpenStoreA(HCRYPTPROV hCryptProv,
PWINECRYPT_CERTSTORE CRYPT_FileNameOpenStoreW(HCRYPTPROV hCryptProv,
DWORD dwFlags, const void *pvPara);
+/* Allocates and initializes a certificate chain engine, but without creating
+ * the root store. Instead, it uses root, and assumes the caller has done any
+ * checking necessary.
+ */
+HCERTCHAINENGINE CRYPT_CreateChainEngine(HCERTSTORE root,
+ PCERT_CHAIN_ENGINE_CONFIG pConfig);
+
/* Helper function for store reading functions and
* CertAddSerializedElementToStore. Returns a context of the appropriate type
* if it can, or NULL otherwise. Doesn't validate any of the properties in
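Review bot: The new comment on CRYPT_CreateChainEngine leaves the ownership and trust contract implicit, and this is the only place other callers inside crypt32 will read it. The definition in chain.c assigns `root` straight to `engine->hRoot` without duplicating it and does not call CRYPT_CheckRestrictedRoot, so whatever store is passed becomes the engine's root store as-is. I would extend the comment with `root is stored in the engine without being duplicated; on success the caller must not close it` and `root is used as the root store unchecked; a caller passing anything other than the system root store must first apply the restricted-root check that CertCreateCertificateChainEngine performs`. Since `pConfig` is dereferenced unconditionally in the definition, the comment should also say it must be non-NULL.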