Juan Lang : crypt32: Use a helper function to find an existing cert by hash .
Alexandre Julliard
julliard at winehq.org
Fri Oct 30 11:04:30 CDT 2009
Module: wine
Branch: master
Commit: 7b0297769d7c56398721a38da1225ee39169b05b
URL: http://source.winehq.org/git/wine.git/?a=commit;h=7b0297769d7c56398721a38da1225ee39169b05b
Author: Juan Lang <juan.lang at gmail.com>
Date: Wed Oct 28 17:30:50 2009 -0700
crypt32: Use a helper function to find an existing cert by hash.
---
dlls/crypt32/chain.c | 53 +++++++++++++++++++++++--------------------------
1 files changed, 25 insertions(+), 28 deletions(-)
diff --git a/dlls/crypt32/chain.c b/dlls/crypt32/chain.c
index 2c1d598..5802773 100644
--- a/dlls/crypt32/chain.c
+++ b/dlls/crypt32/chain.c
@@ -69,6 +69,24 @@ static inline void CRYPT_CloseStores(DWORD cStores, HCERTSTORE *stores)
static const WCHAR rootW[] = { 'R','o','o','t',0 };
+/* Finds cert in store by comparing the cert's hashes. */
+static PCCERT_CONTEXT CRYPT_FindCertInStore(HCERTSTORE store,
+ PCCERT_CONTEXT cert)
+{
+ PCCERT_CONTEXT matching = NULL;
+ BYTE hash[20];
+ DWORD size = sizeof(hash);
+
+ if (CertGetCertificateContextProperty(cert, CERT_HASH_PROP_ID, hash, &size))
+ {
+ CRYPT_HASH_BLOB blob = { sizeof(hash), hash };
+
+ matching = CertFindCertificateInStore(store, cert->dwCertEncodingType,
+ 0, CERT_FIND_SHA1_HASH, &blob, NULL);
+ }
+ return matching;
+}
+
static BOOL CRYPT_CheckRestrictedRoot(HCERTSTORE store)
{
BOOL ret = TRUE;
@@ -77,29 +95,15 @@ static BOOL CRYPT_CheckRestrictedRoot(HCERTSTORE store)
{
HCERTSTORE rootStore = CertOpenSystemStoreW(0, rootW);
PCCERT_CONTEXT cert = NULL, check;
- BYTE hash[20];
- DWORD size;
do {
cert = CertEnumCertificatesInStore(store, cert);
if (cert)
{
- size = sizeof(hash);
-
- ret = CertGetCertificateContextProperty(cert, CERT_HASH_PROP_ID,
- hash, &size);
- if (ret)
- {
- CRYPT_HASH_BLOB blob = { sizeof(hash), hash };
-
- check = CertFindCertificateInStore(rootStore,
- cert->dwCertEncodingType, 0, CERT_FIND_SHA1_HASH, &blob,
- NULL);
- if (!check)
- ret = FALSE;
- else
- CertFreeCertificateContext(check);
- }
+ if (!(check = CRYPT_FindCertInStore(rootStore, cert)))
+ ret = FALSE;
+ else
+ CertFreeCertificateContext(check);
}
} while (ret && cert);
if (cert)
@@ -336,16 +340,9 @@ static void CRYPT_FreeSimpleChain(PCERT_SIMPLE_CHAIN chain)
static void CRYPT_CheckTrustedStatus(HCERTSTORE hRoot,
PCERT_CHAIN_ELEMENT rootElement)
{
- BYTE hash[20];
- DWORD size = sizeof(hash);
- CRYPT_HASH_BLOB blob = { sizeof(hash), hash };
- PCCERT_CONTEXT trustedRoot;
-
- CertGetCertificateContextProperty(rootElement->pCertContext,
- CERT_HASH_PROP_ID, hash, &size);
- trustedRoot = CertFindCertificateInStore(hRoot,
- rootElement->pCertContext->dwCertEncodingType, 0, CERT_FIND_SHA1_HASH,
- &blob, NULL);
+ PCCERT_CONTEXT trustedRoot = CRYPT_FindCertInStore(hRoot,
+ rootElement->pCertContext);
+
if (!trustedRoot)
rootElement->TrustStatus.dwErrorStatus |=
CERT_TRUST_IS_UNTRUSTED_ROOT;
More information about the wine-cvs
mailing list