Juan Lang : crypt32: Test verifying the enhanced key usage of a chain.
Alexandre Julliard
julliard at winehq.org
Mon Nov 23 08:49:48 CST 2009
Module: wine
Branch: master
Commit: e611a839624e97708aa3c768aeacf39aca9ad6fb
URL: http://source.winehq.org/git/wine.git/?a=commit;h=e611a839624e97708aa3c768aeacf39aca9ad6fb
Author: Juan Lang <juan.lang at gmail.com>
Date: Fri Nov 20 12:06:47 2009 -0800
crypt32: Test verifying the enhanced key usage of a chain.
---
dlls/crypt32/tests/chain.c | 67 ++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 67 insertions(+), 0 deletions(-)
diff --git a/dlls/crypt32/tests/chain.c b/dlls/crypt32/tests/chain.c
index 2b8d967..b21fba6 100644
--- a/dlls/crypt32/tests/chain.c
+++ b/dlls/crypt32/tests/chain.c
@@ -3606,6 +3606,9 @@ static void testGetCertChain(void)
CERT_TRUST_IS_REVOKED | CERT_TRUST_REVOCATION_STATUS_UNKNOWN |
CERT_TRUST_IS_OFFLINE_REVOCATION;
HCERTSTORE store;
+ static char one_two_three[] = "1.2.3";
+ static char oid_server_auth[] = szOID_PKIX_KP_SERVER_AUTH;
+ LPSTR oids[2];
/* Basic parameter checks */
if (0)
@@ -3829,6 +3832,70 @@ static void testGetCertChain(void)
CertCloseStore(store, 0);
CertFreeCertificateContext(cert);
+ /* Test usage match with Google's cert */
+ store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
+ CERT_STORE_CREATE_NEW_FLAG, NULL);
+ CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING,
+ verisignCA, sizeof(verisignCA), CERT_STORE_ADD_ALWAYS, NULL);
+ CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING,
+ thawte_sgc_ca, sizeof(thawte_sgc_ca), CERT_STORE_ADD_ALWAYS, NULL);
+ cert = CertCreateCertificateContext(X509_ASN_ENCODING,
+ google, sizeof(google));
+ SystemTimeToFileTime(&oct2009, &fileTime);
+ memset(¶, 0, sizeof(para));
+ para.cbSize = sizeof(para);
+ oids[0] = one_two_three;
+ para.RequestedUsage.dwType = USAGE_MATCH_TYPE_AND;
+ para.RequestedUsage.Usage.rgpszUsageIdentifier = oids;
+ para.RequestedUsage.Usage.cUsageIdentifier = 1;
+ ret = pCertGetCertificateChain(NULL, cert, &fileTime, store, ¶,
+ 0, NULL, &chain);
+ ok(ret, "CertGetCertificateChain failed: %08x\n", GetLastError());
+ if (ret)
+ {
+ todo_wine
+ ok(chain->TrustStatus.dwErrorStatus & CERT_TRUST_IS_NOT_VALID_FOR_USAGE,
+ "expected CERT_TRUST_IS_NOT_VALID_FOR_USAGE\n");
+ CertFreeCertificateChain(chain);
+ }
+ oids[0] = oid_server_auth;
+ ret = pCertGetCertificateChain(NULL, cert, &fileTime, store, ¶,
+ 0, NULL, &chain);
+ ok(ret, "CertGetCertificateChain failed: %08x\n", GetLastError());
+ if (ret)
+ {
+ ok(!(chain->TrustStatus.dwErrorStatus &
+ CERT_TRUST_IS_NOT_VALID_FOR_USAGE),
+ "didn't expect CERT_TRUST_IS_NOT_VALID_FOR_USAGE\n");
+ CertFreeCertificateChain(chain);
+ }
+ oids[1] = one_two_three;
+ para.RequestedUsage.Usage.cUsageIdentifier = 2;
+ para.RequestedUsage.dwType = USAGE_MATCH_TYPE_AND;
+ ret = pCertGetCertificateChain(NULL, cert, &fileTime, store, ¶,
+ 0, NULL, &chain);
+ ok(ret, "CertGetCertificateChain failed: %08x\n", GetLastError());
+ if (ret)
+ {
+ todo_wine
+ ok(chain->TrustStatus.dwErrorStatus & CERT_TRUST_IS_NOT_VALID_FOR_USAGE,
+ "expected CERT_TRUST_IS_NOT_VALID_FOR_USAGE\n");
+ CertFreeCertificateChain(chain);
+ }
+ para.RequestedUsage.dwType = USAGE_MATCH_TYPE_OR;
+ ret = pCertGetCertificateChain(NULL, cert, &fileTime, store, ¶,
+ 0, NULL, &chain);
+ ok(ret, "CertGetCertificateChain failed: %08x\n", GetLastError());
+ if (ret)
+ {
+ ok(!(chain->TrustStatus.dwErrorStatus &
+ CERT_TRUST_IS_NOT_VALID_FOR_USAGE),
+ "didn't expect CERT_TRUST_IS_NOT_VALID_FOR_USAGE\n");
+ CertFreeCertificateChain(chain);
+ }
+ CertCloseStore(store, 0);
+ CertFreeCertificateContext(cert);
+
for (i = 0; i < sizeof(chainCheck) / sizeof(chainCheck[0]); i++)
{
chain = getChain(&chainCheck[i].certs, 0, TRUE, &oct2007,
More information about the wine-cvs
mailing list