From: Dmitry Timoshkov <dmitry(a)baikal.ru> At least there are certificates with 2 and 4 bytes of key usage data. Signed-off-by: Dmitry Timoshkov <dmitry(a)baikal.ru> --- dlls/crypt32/chain.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/dlls/crypt32/chain.c b/dlls/crypt32/chain.c index f03bc6c1a7b..e7c7afe9147 100644 --- a/dlls/crypt32/chain.c +++ b/dlls/crypt32/chain.c @@ -1737,13 +1737,6 @@ static BOOL CRYPT_KeyUsageValid(CertificateChainEngine *engine, &usage, &size); if (!ret) return FALSE; - else if (usage.cbData > 2) - { - /* The key usage extension only defines 9 bits => no more than 2 - * bytes are needed to encode all known usages. - */ - return FALSE; - } else { /* The only bit relevant to chain validation is the keyCertSign -- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/7215