Module: wine Branch: master Commit: eda48d8868065d2d7debafa79ba25fd8e1d8bc59 URL: http://source.winehq.org/git/wine.git/?a=commit;h=eda48d8868065d2d7debafa79b...
Author: Juan Lang juan.lang@gmail.com Date: Tue Aug 28 15:52:37 2007 -0700
crypt32: Set trust status on root element in chain.
---
dlls/crypt32/chain.c | 19 ++++++++++++++----- 1 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/dlls/crypt32/chain.c b/dlls/crypt32/chain.c index 161ba29..2b00ff0 100644 --- a/dlls/crypt32/chain.c +++ b/dlls/crypt32/chain.c @@ -340,20 +340,25 @@ static BOOL CRYPT_BuildSimpleChain(HCERTCHAINENGINE hChainEngine, } if (ret) { - PCCERT_CONTEXT root = chain->rgpElement[chain->cElement - 1]-> - pCertContext; + PCERT_CHAIN_ELEMENT rootElement = + chain->rgpElement[chain->cElement - 1]; + PCCERT_CONTEXT root = rootElement->pCertContext;
if (!(ret = CRYPT_IsCertificateSelfSigned(root))) TRACE("Last certificate is not self-signed\n"); else { - chain->rgpElement[chain->cElement - 1]->TrustStatus.dwInfoStatus - |= CERT_TRUST_IS_SELF_SIGNED; + rootElement->TrustStatus.dwInfoStatus |= + CERT_TRUST_IS_SELF_SIGNED; if (!(ret = CryptVerifyCertificateSignatureEx(0, root->dwCertEncodingType, CRYPT_VERIFY_CERT_SIGN_SUBJECT_CERT, (void *)root, CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT, (void *)root, 0, NULL))) + { TRACE("Last certificate's signature is invalid\n"); + rootElement->TrustStatus.dwErrorStatus |= + CERT_TRUST_IS_NOT_SIGNATURE_VALID; + } } if (ret) { @@ -367,11 +372,15 @@ static BOOL CRYPT_BuildSimpleChain(HCERTCHAINENGINE hChainEngine, trustedRoot = CertFindCertificateInStore(engine->hRoot, root->dwCertEncodingType, 0, CERT_FIND_SHA1_HASH, &blob, NULL); if (!trustedRoot) - chain->TrustStatus.dwErrorStatus |= + rootElement->TrustStatus.dwErrorStatus |= CERT_TRUST_IS_UNTRUSTED_ROOT; else CertFreeCertificateContext(trustedRoot); } + chain->TrustStatus.dwErrorStatus |= + rootElement->TrustStatus.dwErrorStatus; + chain->TrustStatus.dwInfoStatus |= + rootElement->TrustStatus.dwInfoStatus & ~CERT_TRUST_IS_SELF_SIGNED; } if (!ret) {