Juan Lang : crypt32/tests: Add more tests of the authenticode policy.

Module: wine Branch: master Commit: c4ae9e9c5a4942f53ed8eff6fca688d24a12dd2a URL: http://source.winehq.org/git/wine.git/?a=commit;h=c4ae9e9c5a4942f53ed8eff6fc...

Author: Juan Lang juan.lang@gmail.com Date: Thu Oct 7 09:08:11 2010 -0700

crypt32/tests: Add more tests of the authenticode policy.

---

dlls/crypt32/tests/chain.c | 29 +++++++++++++++++++++++------ 1 files changed, 23 insertions(+), 6 deletions(-)

diff --git a/dlls/crypt32/tests/chain.c b/dlls/crypt32/tests/chain.c index 2e453e1..c172fe5 100644 --- a/dlls/crypt32/tests/chain.c +++ b/dlls/crypt32/tests/chain.c @@ -4278,6 +4278,28 @@ static void check_base_policy(void) invalidExtensionPolicyCheck, &oct2007, &policyPara); }

+static void check_authenticode_policy(void) +{ + CERT_CHAIN_POLICY_PARA policyPara = { 0 }; + SYSTEMTIME epochStart = { 0 }; + + /* The authenticode policy doesn't seem to check anything beyond the base + * policy. It might check for chains signed by the MS test cert, but none + * of these chains is. + */ + CHECK_CHAIN_POLICY_STATUS_ARRAY(CERT_CHAIN_POLICY_AUTHENTICODE, NULL, + authenticodePolicyCheck, &oct2007, NULL); + policyPara.cbSize = sizeof(policyPara); + policyPara.dwFlags = CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG; + CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_AUTHENTICODE, NULL, + ignoredUnknownCAPolicyCheck, &oct2007, &policyPara); + CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_AUTHENTICODE, NULL, + ignoredUnknownCAPolicyCheck, &epochStart, &policyPara); + policyPara.dwFlags = CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG; + CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_AUTHENTICODE, NULL, + ignoredInvalidDateBasePolicyCheck, &oct2007, &policyPara); +} + static void check_ssl_policy(void) { CERT_CHAIN_POLICY_PARA policyPara = { 0 }; @@ -4516,12 +4538,7 @@ static void testVerifyCertChainPolicy(void)

check_base_policy(); check_ssl_policy(); - /* The authenticode policy doesn't seem to check anything beyond the base - * policy. It might check for chains signed by the MS test cert, but none - * of these chains is. - */ - CHECK_CHAIN_POLICY_STATUS_ARRAY(CERT_CHAIN_POLICY_AUTHENTICODE, NULL, - authenticodePolicyCheck, &oct2007, NULL); + check_authenticode_policy(); CHECK_CHAIN_POLICY_STATUS_ARRAY(CERT_CHAIN_POLICY_BASIC_CONSTRAINTS, NULL, basicConstraintsPolicyCheck, &oct2007, NULL); }