crypt32(8/17): Separate allocating a simple chain and checking it from building it

Juan Lang juan.lang at gmail.com
Thu Sep 6 12:07:25 CDT 2007


--Juan
-------------- next part --------------
From cf08ca16d33e5f0081a25b5c73bafad386e46c48 Mon Sep 17 00:00:00 2001
From: Juan Lang <juan.lang at gmail.com>
Date: Thu, 6 Sep 2007 09:59:38 -0700
Subject: [PATCH] Separate allocating a simple chain and checking it from building it
---
 dlls/crypt32/chain.c |   58 +++++++++++++++++++++++++++++++-------------------
 1 files changed, 36 insertions(+), 22 deletions(-)

diff --git a/dlls/crypt32/chain.c b/dlls/crypt32/chain.c
index ffaef45..e9870f8 100644
--- a/dlls/crypt32/chain.c
+++ b/dlls/crypt32/chain.c
@@ -515,15 +515,43 @@ static BOOL CRYPT_CheckSimpleChain(PCert
     return ret;
 }
 
-static BOOL CRYPT_BuildSimpleChain(HCERTCHAINENGINE hChainEngine,
+/* Builds a simple chain by finding an issuer for the last cert in the chain,
+ * until reaching a self-signed cert, or until no issuer can be found.
+ */
+static BOOL CRYPT_BuildSimpleChain(PCertificateChainEngine engine,
+ HCERTSTORE world, PCERT_SIMPLE_CHAIN chain)
+{
+    BOOL ret = TRUE;
+    PCCERT_CONTEXT cert = chain->rgpElement[chain->cElement - 1]->pCertContext;
+
+    while (ret && !CRYPT_IsSimpleChainCyclic(chain) &&
+     !CRYPT_IsCertificateSelfSigned(cert))
+    {
+        DWORD flags;
+        PCCERT_CONTEXT issuer = CRYPT_GetIssuerFromStore(world, cert, &flags);
+
+        if (issuer)
+        {
+            ret = CRYPT_AddCertToSimpleChain(engine, chain, issuer, flags);
+            cert = issuer;
+        }
+        else
+        {
+            TRACE("Couldn't find issuer, halting chain creation\n");
+            break;
+        }
+    }
+    return ret;
+}
+
+static BOOL CRYPT_GetSimpleChainForCert(PCertificateChainEngine engine,
  HCERTSTORE world, PCCERT_CONTEXT cert, LPFILETIME pTime,
  PCERT_SIMPLE_CHAIN *ppChain)
 {
     BOOL ret = FALSE;
-    PCertificateChainEngine engine = (PCertificateChainEngine)hChainEngine;
     PCERT_SIMPLE_CHAIN chain;
 
-    TRACE("(%p, %p, %p, %p)\n", hChainEngine, world, cert, pTime);
+    TRACE("(%p, %p, %p, %p)\n", engine, world, cert, pTime);
 
     chain = CryptMemAlloc(sizeof(CERT_SIMPLE_CHAIN));
     if (chain)
@@ -531,26 +559,12 @@ static BOOL CRYPT_BuildSimpleChain(HCERT
         memset(chain, 0, sizeof(CERT_SIMPLE_CHAIN));
         chain->cbSize = sizeof(CERT_SIMPLE_CHAIN);
         ret = CRYPT_AddCertToSimpleChain(engine, chain, cert, 0);
-        while (ret && !CRYPT_IsSimpleChainCyclic(chain) &&
-         !CRYPT_IsCertificateSelfSigned(cert))
+        if (ret)
         {
-            DWORD flags;
-            PCCERT_CONTEXT issuer = CRYPT_GetIssuerFromStore(world, cert,
-             &flags);
-
-            if (issuer)
-            {
-                ret = CRYPT_AddCertToSimpleChain(engine, chain, issuer, flags);
-                cert = issuer;
-            }
-            else
-            {
-                TRACE("Couldn't find issuer, halting chain creation\n");
-                break;
-            }
+            ret = CRYPT_BuildSimpleChain(engine, world, chain);
+            if (ret)
+                ret = CRYPT_CheckSimpleChain(engine, chain, pTime);
         }
-        if (ret)
-            ret = CRYPT_CheckSimpleChain(engine, chain, pTime);
         if (!ret)
         {
             CRYPT_FreeSimpleChain(chain);
@@ -578,7 +592,7 @@ static BOOL CRYPT_BuildCandidateChainFro
     /* FIXME: only simple chains are supported for now, as CTLs aren't
      * supported yet.
      */
-    if ((ret = CRYPT_BuildSimpleChain(hChainEngine, world, cert, pTime,
+    if ((ret = CRYPT_GetSimpleChainForCert(engine, world, cert, pTime,
      &simpleChain)))
     {
         PCertificateChain chain = CryptMemAlloc(sizeof(CertificateChain));
-- 
1.4.1


More information about the wine-patches mailing list