Juan Lang : crypt32/tests: Add more tests of the authenticode policy.
Alexandre Julliard
julliard at winehq.org
Tue Oct 19 13:03:45 CDT 2010
Module: wine
Branch: master
Commit: c4ae9e9c5a4942f53ed8eff6fca688d24a12dd2a
URL: http://source.winehq.org/git/wine.git/?a=commit;h=c4ae9e9c5a4942f53ed8eff6fca688d24a12dd2a
Author: Juan Lang <juan.lang at gmail.com>
Date: Thu Oct 7 09:08:11 2010 -0700
crypt32/tests: Add more tests of the authenticode policy.
---
dlls/crypt32/tests/chain.c | 29 +++++++++++++++++++++++------
1 files changed, 23 insertions(+), 6 deletions(-)
diff --git a/dlls/crypt32/tests/chain.c b/dlls/crypt32/tests/chain.c
index 2e453e1..c172fe5 100644
--- a/dlls/crypt32/tests/chain.c
+++ b/dlls/crypt32/tests/chain.c
@@ -4278,6 +4278,28 @@ static void check_base_policy(void)
invalidExtensionPolicyCheck, &oct2007, &policyPara);
}
+static void check_authenticode_policy(void)
+{
+ CERT_CHAIN_POLICY_PARA policyPara = { 0 };
+ SYSTEMTIME epochStart = { 0 };
+
+ /* The authenticode policy doesn't seem to check anything beyond the base
+ * policy. It might check for chains signed by the MS test cert, but none
+ * of these chains is.
+ */
+ CHECK_CHAIN_POLICY_STATUS_ARRAY(CERT_CHAIN_POLICY_AUTHENTICODE, NULL,
+ authenticodePolicyCheck, &oct2007, NULL);
+ policyPara.cbSize = sizeof(policyPara);
+ policyPara.dwFlags = CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG;
+ CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_AUTHENTICODE, NULL,
+ ignoredUnknownCAPolicyCheck, &oct2007, &policyPara);
+ CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_AUTHENTICODE, NULL,
+ ignoredUnknownCAPolicyCheck, &epochStart, &policyPara);
+ policyPara.dwFlags = CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG;
+ CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_AUTHENTICODE, NULL,
+ ignoredInvalidDateBasePolicyCheck, &oct2007, &policyPara);
+}
+
static void check_ssl_policy(void)
{
CERT_CHAIN_POLICY_PARA policyPara = { 0 };
@@ -4516,12 +4538,7 @@ static void testVerifyCertChainPolicy(void)
check_base_policy();
check_ssl_policy();
- /* The authenticode policy doesn't seem to check anything beyond the base
- * policy. It might check for chains signed by the MS test cert, but none
- * of these chains is.
- */
- CHECK_CHAIN_POLICY_STATUS_ARRAY(CERT_CHAIN_POLICY_AUTHENTICODE, NULL,
- authenticodePolicyCheck, &oct2007, NULL);
+ check_authenticode_policy();
CHECK_CHAIN_POLICY_STATUS_ARRAY(CERT_CHAIN_POLICY_BASIC_CONSTRAINTS, NULL,
basicConstraintsPolicyCheck, &oct2007, NULL);
}
More information about the wine-cvs
mailing list