Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-04-20 20:36:35 +00:00
Code Issues Projects Releases Packages Wiki Activity

sync crypt32_winetest with wine 1.1.34

Browse source 
svn path=/trunk/; revision=44432
This commit is contained in:
Christoph von Wittich 2009-12-06 09:36:50 +00:00
parent 79690d04fa
commit 87465c2280
5 changed files with 949 additions and 123 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

369
rostests/winetests/crypt32/cert.c
View file

@ -2541,6 +2541,29 @@ static void testGetValidUsages(void)
CertFreeCertificateContext(contexts[2]);
}
static BYTE cn[] = {
0x30,0x14,0x31,0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x03,0x13,0x09,0x4a,0x75,
0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67 };
static BYTE cnWithLeadingSpace[] = {
0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x20,0x4a,
0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67 };
static BYTE cnWithTrailingSpace[] = {
0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,
0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x20 };
static BYTE cnWithIntermediateSpace[] = {
0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,
0x61,0x6e,0x20,0x20,0x4c,0x61,0x6e,0x67 };
static BYTE cnThenO[] = {
0x30,0x2d,0x31,0x2b,0x30,0x10,0x06,0x03,0x55,0x04,0x03,0x13,0x09,0x4a,0x75,
0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x30,0x17,0x06,0x03,0x55,0x04,0x0a,0x13,
0x10,0x54,0x68,0x65,0x20,0x57,0x69,0x6e,0x65,0x20,0x50,0x72,0x6f,0x6a,0x65,
0x63,0x74 };
static BYTE oThenCN[] = {
0x30,0x2d,0x31,0x2b,0x30,0x10,0x06,0x03,0x55,0x04,0x0a,0x13,0x09,0x4a,0x75,
0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x30,0x17,0x06,0x03,0x55,0x04,0x03,0x13,
0x10,0x54,0x68,0x65,0x20,0x57,0x69,0x6e,0x65,0x20,0x50,0x72,0x6f,0x6a,0x65,
0x63,0x74 };
static void testCompareCertName(void)
{
static BYTE bogus[] = { 1, 2, 3, 4 };
@ -2572,6 +2595,167 @@ static void testCompareCertName(void)
blob2.cbData = sizeof(emptyPrime);
ret = CertCompareCertificateName(0, &blob1, &blob2);
ok(!ret, "Expected failure\n");
/* Tests to show that CertCompareCertificateName doesn't decode the name
* to remove spaces, or to do an order-independent comparison.
*/
/* Compare CN="Juan Lang" with CN=" Juan Lang" */
blob1.pbData = cn;
blob1.cbData = sizeof(cn);
blob2.pbData = cnWithLeadingSpace;
blob2.cbData = sizeof(cnWithLeadingSpace);
ret = CertCompareCertificateName(0, &blob1, &blob2);
ok(!ret, "Expected failure\n");
ret = CertCompareCertificateName(X509_ASN_ENCODING, &blob1, &blob2);
ok(!ret, "Expected failure\n");
/* Compare CN="Juan Lang" with CN="Juan Lang " */
blob2.pbData = cnWithTrailingSpace;
blob2.cbData = sizeof(cnWithTrailingSpace);
ret = CertCompareCertificateName(0, &blob1, &blob2);
ok(!ret, "Expected failure\n");
ret = CertCompareCertificateName(X509_ASN_ENCODING, &blob1, &blob2);
ok(!ret, "Expected failure\n");
/* Compare CN="Juan Lang" with CN="Juan Lang" */
blob2.pbData = cnWithIntermediateSpace;
blob2.cbData = sizeof(cnWithIntermediateSpace);
ret = CertCompareCertificateName(0, &blob1, &blob2);
ok(!ret, "Expected failure\n");
ret = CertCompareCertificateName(X509_ASN_ENCODING, &blob1, &blob2);
ok(!ret, "Expected failure\n");
/* Compare 'CN="Juan Lang", O="The Wine Project"' with
* 'O="The Wine Project", CN="Juan Lang"'
*/
blob1.pbData = cnThenO;
blob1.cbData = sizeof(cnThenO);
blob2.pbData = oThenCN;
blob2.cbData = sizeof(oThenCN);
ret = CertCompareCertificateName(0, &blob1, &blob2);
ok(!ret, "Expected failure\n");
ret = CertCompareCertificateName(X509_ASN_ENCODING, &blob1, &blob2);
ok(!ret, "Expected failure\n");
}
static void testIsRDNAttrsInCertificateName(void)
{
static char oid_1_2_3[] = "1.2.3";
static char oid_common_name[] = szOID_COMMON_NAME;
static char oid_organization[] = szOID_ORGANIZATION_NAME;
static char juan[] = "Juan Lang";
static char juan_with_leading_space[] = " Juan Lang";
static char juan_with_intermediate_space[] = "Juan Lang";
static char juan_with_trailing_space[] = "Juan Lang ";
static char juan_lower_case[] = "juan lang";
static WCHAR juanW[] = { 'J','u','a','n',' ','L','a','n','g',0 };
static char the_wine_project[] = "The Wine Project";
BOOL ret;
CERT_NAME_BLOB name;
CERT_RDN_ATTR attr[2];
CERT_RDN rdn = { 0, NULL };
name.cbData = sizeof(cn);
name.pbData = cn;
if (0)
{
/* Crash */
ret = CertIsRDNAttrsInCertificateName(0, 0, NULL, NULL);
ret = CertIsRDNAttrsInCertificateName(X509_ASN_ENCODING, 0, &name,
NULL);
}
SetLastError(0xdeadbeef);
ret = CertIsRDNAttrsInCertificateName(0, 0, &name, NULL);
ok(!ret && GetLastError() == ERROR_FILE_NOT_FOUND,
"expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError());
ret = CertIsRDNAttrsInCertificateName(X509_ASN_ENCODING, 0, &name, &rdn);
ok(ret, "CertIsRDNAttrsInCertificateName failed: %08x\n", GetLastError());
attr[0].pszObjId = oid_1_2_3;
rdn.rgRDNAttr = attr;
rdn.cRDNAttr = 1;
SetLastError(0xdeadbeef);
ret = CertIsRDNAttrsInCertificateName(X509_ASN_ENCODING, 0, &name, &rdn);
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
attr[0].pszObjId = oid_common_name;
attr[0].dwValueType = CERT_RDN_PRINTABLE_STRING;
attr[0].Value.cbData = strlen(juan);
attr[0].Value.pbData = (BYTE *)juan;
ret = CertIsRDNAttrsInCertificateName(X509_ASN_ENCODING, 0, &name, &rdn);
ok(ret, "CertIsRDNAttrsInCertificateName failed: %08x\n", GetLastError());
/* Again, spaces are not removed for name comparison. */
attr[0].Value.cbData = strlen(juan_with_leading_space);
attr[0].Value.pbData = (BYTE *)juan_with_leading_space;
SetLastError(0xdeadbeef);
ret = CertIsRDNAttrsInCertificateName(X509_ASN_ENCODING, 0, &name, &rdn);
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
attr[0].Value.cbData = strlen(juan_with_intermediate_space);
attr[0].Value.pbData = (BYTE *)juan_with_intermediate_space;
SetLastError(0xdeadbeef);
ret = CertIsRDNAttrsInCertificateName(X509_ASN_ENCODING, 0, &name, &rdn);
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
attr[0].Value.cbData = strlen(juan_with_trailing_space);
attr[0].Value.pbData = (BYTE *)juan_with_trailing_space;
SetLastError(0xdeadbeef);
ret = CertIsRDNAttrsInCertificateName(X509_ASN_ENCODING, 0, &name, &rdn);
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
/* The lower case name isn't matched unless a case insensitive match is
* specified.
*/
attr[0].Value.cbData = strlen(juan_lower_case);
attr[0].Value.pbData = (BYTE *)juan_lower_case;
SetLastError(0xdeadbeef);
ret = CertIsRDNAttrsInCertificateName(X509_ASN_ENCODING, 0, &name, &rdn);
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
ret = CertIsRDNAttrsInCertificateName(X509_ASN_ENCODING,
CERT_CASE_INSENSITIVE_IS_RDN_ATTRS_FLAG, &name, &rdn);
ok(ret ||
broken(!ret && GetLastError() == CRYPT_E_NO_MATCH), /* Older crypt32 */
"CertIsRDNAttrsInCertificateName failed: %08x\n", GetLastError());
/* The values don't match unless they have the same RDN type */
attr[0].dwValueType = CERT_RDN_UNICODE_STRING;
attr[0].Value.cbData = lstrlenW(juanW) * sizeof(WCHAR);
attr[0].Value.pbData = (BYTE *)juanW;
SetLastError(0xdeadbeef);
ret = CertIsRDNAttrsInCertificateName(X509_ASN_ENCODING, 0, &name, &rdn);
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
SetLastError(0xdeadbeef);
ret = CertIsRDNAttrsInCertificateName(X509_ASN_ENCODING,
CERT_UNICODE_IS_RDN_ATTRS_FLAG, &name, &rdn);
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
attr[0].dwValueType = CERT_RDN_IA5_STRING;
attr[0].Value.cbData = strlen(juan);
attr[0].Value.pbData = (BYTE *)juan;
SetLastError(0xdeadbeef);
ret = CertIsRDNAttrsInCertificateName(X509_ASN_ENCODING, 0, &name, &rdn);
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
/* All attributes must be present */
attr[0].dwValueType = CERT_RDN_PRINTABLE_STRING;
attr[0].Value.cbData = strlen(juan);
attr[0].Value.pbData = (BYTE *)juan;
attr[1].pszObjId = oid_organization;
attr[1].dwValueType = CERT_RDN_PRINTABLE_STRING;
attr[1].Value.cbData = strlen(the_wine_project);
attr[1].Value.pbData = (BYTE *)the_wine_project;
rdn.cRDNAttr = 2;
SetLastError(0xdeadbeef);
ret = CertIsRDNAttrsInCertificateName(X509_ASN_ENCODING, 0, &name, &rdn);
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
/* Order also matters */
name.pbData = cnThenO;
name.cbData = sizeof(cnThenO);
ret = CertIsRDNAttrsInCertificateName(X509_ASN_ENCODING, 0, &name, &rdn);
ok(ret, "CertIsRDNAttrsInCertificateName failed: %08x\n", GetLastError());
name.pbData = oThenCN;
name.cbData = sizeof(oThenCN);
SetLastError(0xdeadbeef);
ret = CertIsRDNAttrsInCertificateName(X509_ASN_ENCODING, 0, &name, &rdn);
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
}
static BYTE int1[] = { 0x88, 0xff, 0xff, 0xff };
@ -2880,12 +3064,99 @@ static void testVerifySubjectCert(void)
CertFreeCertificateContext(context1);
}
static const BYTE rootWithKeySignAndCRLSign[] = {
0x30,0x82,0x01,0xdf,0x30,0x82,0x01,0x4c,0xa0,0x03,0x02,0x01,0x02,0x02,0x10,
0x5b,0xc7,0x0b,0x27,0x99,0xbb,0x2e,0x99,0x47,0x9d,0x45,0x4e,0x7c,0x1a,0xca,
0xe8,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31,
0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31,
0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,
0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35,
0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,
0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,
0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89,
0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82,
0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34,
0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7,
0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91,
0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5,
0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd,
0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c,
0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35,
0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01,
0x00,0x01,0xa3,0x42,0x30,0x40,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01,
0xff,0x04,0x04,0x03,0x02,0x00,0x06,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01,
0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x1d,0x06,0x03,0x55,0x1d,
0x0e,0x04,0x16,0x04,0x14,0x14,0x8c,0x16,0xbb,0xbe,0x70,0xa2,0x28,0x89,0xa0,
0x58,0xff,0x98,0xbd,0xa8,0x24,0x2b,0x8a,0xe9,0x9a,0x30,0x09,0x06,0x05,0x2b,
0x0e,0x03,0x02,0x1d,0x05,0x00,0x03,0x81,0x81,0x00,0x74,0xcb,0x21,0xfd,0x2d,
0x25,0xdc,0xa5,0xaa,0xa1,0x26,0xdc,0x8b,0x40,0x11,0x64,0xae,0x5c,0x71,0x3c,
0x28,0xbc,0xf9,0xb3,0xcb,0xa5,0x94,0xb2,0x8d,0x4c,0x23,0x2b,0x9b,0xde,0x2c,
0x4c,0x30,0x04,0xc6,0x88,0x10,0x2f,0x53,0xfd,0x6c,0x82,0xf1,0x13,0xfb,0xda,
0x27,0x75,0x25,0x48,0xe4,0x72,0x09,0x2a,0xee,0xb4,0x1e,0xc9,0x55,0xf5,0xf7,
0x82,0x91,0xd8,0x4b,0xe4,0x3a,0xfe,0x97,0x87,0xdf,0xfb,0x15,0x5a,0x12,0x3e,
0x12,0xe6,0xad,0x40,0x0b,0xcf,0xee,0x1a,0x44,0xe0,0x83,0xb2,0x67,0x94,0xd4,
0x2e,0x7c,0xf2,0x06,0x9d,0xb3,0x3b,0x7e,0x2f,0xda,0x25,0x66,0x7e,0xa7,0x1f,
0x45,0xd4,0xf5,0xe3,0xdf,0x2a,0xf1,0x18,0x28,0x20,0xb5,0xf8,0xf5,0x8d,0x7a,
0x2e,0x84,0xee };
static const BYTE eeCert[] = {
0x30,0x82,0x01,0xb9,0x30,0x82,0x01,0x22,0xa0,0x03,0x02,0x01,0x02,0x02,0x01,
0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,
0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,
0x65,0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x31,0x30,
0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x30,0x30,0x31,0x30,
0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,
0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06,
0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,
0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5,
0x33,0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6,
0xdc,0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7,
0x48,0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b,
0x47,0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b,
0x05,0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc,
0x6a,0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85,
0x85,0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2,
0xd3,0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72,
0xa3,0x02,0x03,0x01,0x00,0x01,0xa3,0x23,0x30,0x21,0x30,0x1f,0x06,0x03,0x55,
0x1d,0x23,0x04,0x18,0x30,0x18,0x80,0x14,0x14,0x8c,0x16,0xbb,0xbe,0x70,0xa2,
0x28,0x89,0xa0,0x58,0xff,0x98,0xbd,0xa8,0x24,0x2b,0x8a,0xe9,0x9a,0x30,0x0d,
0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81,
0x81,0x00,0x8a,0x49,0xa9,0x86,0x5e,0xc9,0x33,0x7e,0xfd,0xab,0x64,0x1f,0x6d,
0x00,0xd7,0x9b,0xec,0xd1,0x5b,0x38,0xcc,0xd6,0xf3,0xf2,0xb4,0x75,0x70,0x00,
0x82,0x9d,0x37,0x58,0xe1,0xcd,0x2c,0x61,0xb3,0x28,0xe7,0x8a,0x00,0xbe,0x6e,
0xca,0xe8,0x55,0xd5,0xad,0x3a,0xea,0xaf,0x13,0x20,0x1c,0x44,0xfc,0xb4,0xf9,
0x29,0x2b,0xdc,0x8a,0x2d,0x1b,0x27,0x9e,0xb9,0x3b,0x4a,0x71,0x9d,0x47,0x7d,
0xf7,0x92,0x6b,0x21,0x7f,0xfa,0x88,0x79,0x94,0x33,0xf6,0xdd,0x92,0x04,0x92,
0xd6,0x5e,0x0a,0x74,0xf2,0x85,0xa6,0xd5,0x3c,0x28,0xc0,0x89,0x5d,0xda,0xf3,
0xa6,0x01,0xc2,0xe9,0xa3,0xc1,0xb7,0x21,0x08,0xba,0x18,0x07,0x45,0xeb,0x77,
0x7d,0xcd,0xc6,0xe7,0x2a,0x7b,0x46,0xd2,0x3d,0xb5 };
static const BYTE rootSignedCRL[] = {
0x30,0x82,0x01,0x1f,0x30,0x81,0x89,0x02,0x01,0x01,0x30,0x0d,0x06,0x09,0x2a,
0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x30,0x10,0x31,0x0e,0x30,
0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31,0x17,0x0d,
0x30,0x37,0x30,0x39,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,
0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35,0x39,0x5a,0x30,0x14,
0x30,0x12,0x02,0x01,0x01,0x17,0x0d,0x30,0x37,0x30,0x39,0x30,0x31,0x30,0x30,
0x30,0x30,0x30,0x30,0x5a,0xa0,0x2f,0x30,0x2d,0x30,0x0a,0x06,0x03,0x55,0x1d,
0x14,0x04,0x03,0x02,0x01,0x01,0x30,0x1f,0x06,0x03,0x55,0x1d,0x23,0x04,0x18,
0x30,0x18,0x80,0x14,0x14,0x8c,0x16,0xbb,0xbe,0x70,0xa2,0x28,0x89,0xa0,0x58,
0xff,0x98,0xbd,0xa8,0x24,0x2b,0x8a,0xe9,0x9a,0x30,0x0d,0x06,0x09,0x2a,0x86,
0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0xa3,0xcf,
0x17,0x5d,0x7a,0x08,0xab,0x11,0x1a,0xbd,0x5c,0xde,0x9a,0x22,0x92,0x38,0xe6,
0x96,0xcc,0xb1,0xc5,0x42,0x86,0xa6,0xae,0xad,0xa3,0x1a,0x2b,0xa0,0xb0,0x65,
0xaa,0x9c,0xd7,0x2d,0x44,0x8c,0xae,0x61,0xc7,0x30,0x17,0x89,0x84,0x3b,0x4a,
0x8f,0x17,0x08,0x06,0x37,0x1c,0xf7,0x2d,0x4e,0x47,0x07,0x61,0x50,0xd9,0x06,
0xd1,0x46,0xed,0x0a,0xbb,0xc3,0x9b,0x36,0x0b,0xa7,0x27,0x2f,0x2b,0x55,0xce,
0x2a,0xa5,0x60,0xc6,0x53,0x28,0xe8,0xee,0xad,0x0e,0x2b,0xe8,0xd7,0x5f,0xc9,
0xa5,0xed,0xf9,0x77,0xb0,0x3c,0x81,0xcf,0xcc,0x49,0xb2,0x1a,0xc3,0xfd,0x34,
0xd5,0xbc,0xb0,0xd5,0xa5,0x9c,0x1b,0x72,0xc3,0x0f,0xa3,0xe3,0x3c,0xf0,0xc3,
0x91,0xe8,0x93,0x4f,0xd4,0x2f };
static void testVerifyRevocation(void)
{
BOOL ret;
CERT_REVOCATION_STATUS status = { 0 };
PCCERT_CONTEXT cert = CertCreateCertificateContext(X509_ASN_ENCODING,
bigCert, sizeof(bigCert));
PCCERT_CONTEXT certs[2];
CERT_REVOCATION_PARA revPara = { sizeof(revPara), 0 };
/* Crash
ret = CertVerifyRevocation(0, 0, 0, NULL, 0, NULL, NULL);
@ -2901,16 +3172,103 @@ static void testVerifyRevocation(void)
ok(ret, "CertVerifyRevocation failed: %08x\n", GetLastError());
ret = CertVerifyRevocation(2, 0, 0, NULL, 0, NULL, &status);
ok(ret, "CertVerifyRevocation failed: %08x\n", GetLastError());
certs[0] = CertCreateCertificateContext(X509_ASN_ENCODING, bigCert,
sizeof(bigCert));
SetLastError(0xdeadbeef);
ret = CertVerifyRevocation(0, 0, 1, (void **)&cert, 0, NULL, &status);
ret = CertVerifyRevocation(0, 0, 1, (void **)certs, 0, NULL, &status);
ok(!ret && GetLastError() == CRYPT_E_NO_REVOCATION_DLL,
"Expected CRYPT_E_NO_REVOCATION_DLL, got %08x\n", GetLastError());
SetLastError(0xdeadbeef);
ret = CertVerifyRevocation(0, 2, 1, (void **)&cert, 0, NULL, &status);
ret = CertVerifyRevocation(0, 2, 1, (void **)certs, 0, NULL, &status);
ok(!ret && GetLastError() == CRYPT_E_NO_REVOCATION_DLL,
"Expected CRYPT_E_NO_REVOCATION_DLL, got %08x\n", GetLastError());
CertFreeCertificateContext(cert);
CertFreeCertificateContext(certs[0]);
certs[0] = CertCreateCertificateContext(X509_ASN_ENCODING,
rootWithKeySignAndCRLSign, sizeof(rootWithKeySignAndCRLSign));
certs[1] = CertCreateCertificateContext(X509_ASN_ENCODING,
eeCert, sizeof(eeCert));
/* The root cert itself can't be checked for revocation */
SetLastError(0xdeadbeef);
ret = CertVerifyRevocation(X509_ASN_ENCODING, CERT_CONTEXT_REVOCATION_TYPE,
1, (void **)certs, 0, NULL, &status);
ok(!ret && GetLastError() == CRYPT_E_NO_REVOCATION_CHECK,
"expected CRYPT_E_NO_REVOCATION_CHECK, got %08x\n", GetLastError());
ok(status.dwError == CRYPT_E_NO_REVOCATION_CHECK,
"expected CRYPT_E_NO_REVOCATION_CHECK, got %08x\n", status.dwError);
ok(status.dwIndex == 0, "expected index 0, got %d\n", status.dwIndex);
/* Neither can the end cert */
SetLastError(0xdeadbeef);
ret = CertVerifyRevocation(X509_ASN_ENCODING, CERT_CONTEXT_REVOCATION_TYPE,
1, (void **)&certs[1], 0, NULL, &status);
ok(!ret && (GetLastError() == CRYPT_E_NO_REVOCATION_CHECK /* Win9x */ ||
GetLastError() == CRYPT_E_REVOCATION_OFFLINE),
"expected CRYPT_E_NO_REVOCATION_CHECK or CRYPT_E_REVOCATION_OFFLINE, got %08x\n",
GetLastError());
ok(status.dwError == CRYPT_E_NO_REVOCATION_CHECK /* Win9x */ ||
status.dwError == CRYPT_E_REVOCATION_OFFLINE,
"expected CRYPT_E_NO_REVOCATION_CHECK or CRYPT_E_REVOCATION_OFFLINE, got %08x\n",
status.dwError);
ok(status.dwIndex == 0, "expected index 0, got %d\n", status.dwIndex);
/* Both certs together can't, either (they're not CRLs) */
SetLastError(0xdeadbeef);
ret = CertVerifyRevocation(X509_ASN_ENCODING, CERT_CONTEXT_REVOCATION_TYPE,
2, (void **)certs, 0, NULL, &status);
ok(!ret && (GetLastError() == CRYPT_E_NO_REVOCATION_CHECK ||
GetLastError() == CRYPT_E_REVOCATION_OFFLINE /* WinME */),
"expected CRYPT_E_NO_REVOCATION_CHECK or CRYPT_E_REVOCATION_OFFLINE, got %08x\n",
GetLastError());
ok(status.dwError == CRYPT_E_NO_REVOCATION_CHECK ||
status.dwError == CRYPT_E_REVOCATION_OFFLINE /* WinME */,
"expected CRYPT_E_NO_REVOCATION_CHECK or CRYPT_E_REVOCATION_OFFLINE, got %08x\n",
status.dwError);
ok(status.dwIndex == 0, "expected index 0, got %d\n", status.dwIndex);
ok(status.dwIndex == 0, "expected index 0, got %d\n", status.dwIndex);
/* Now add a CRL to the hCrlStore */
revPara.hCrlStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
CERT_STORE_CREATE_NEW_FLAG, NULL);
CertAddEncodedCRLToStore(revPara.hCrlStore, X509_ASN_ENCODING,
rootSignedCRL, sizeof(rootSignedCRL), CERT_STORE_ADD_ALWAYS, NULL);
SetLastError(0xdeadbeef);
ret = CertVerifyRevocation(X509_ASN_ENCODING, CERT_CONTEXT_REVOCATION_TYPE,
2, (void **)certs, 0, &revPara, &status);
ok(!ret && (GetLastError() == CRYPT_E_NO_REVOCATION_CHECK ||
GetLastError() == CRYPT_E_REVOCATION_OFFLINE /* WinME */),
"expected CRYPT_E_NO_REVOCATION_CHECK or CRYPT_E_REVOCATION_OFFLINE, got %08x\n",
GetLastError());
ok(status.dwError == CRYPT_E_NO_REVOCATION_CHECK ||
status.dwError == CRYPT_E_REVOCATION_OFFLINE /* WinME */,
"expected CRYPT_E_NO_REVOCATION_CHECK or CRYPT_E_REVOCATION_OFFLINE, got %08x\n",
status.dwError);
ok(status.dwIndex == 0, "expected index 0, got %d\n", status.dwIndex);
/* Specifying CERT_VERIFY_REV_CHAIN_FLAG doesn't change things either */
SetLastError(0xdeadbeef);
ret = CertVerifyRevocation(X509_ASN_ENCODING, CERT_CONTEXT_REVOCATION_TYPE,
2, (void **)certs, CERT_VERIFY_REV_CHAIN_FLAG, &revPara, &status);
ok(!ret && GetLastError() == CRYPT_E_NO_REVOCATION_CHECK,
"expected CRYPT_E_NO_REVOCATION_CHECK, got %08x\n", GetLastError());
ok(status.dwError == CRYPT_E_NO_REVOCATION_CHECK,
"expected CRYPT_E_NO_REVOCATION_CHECK, got %08x\n", status.dwError);
ok(status.dwIndex == 0, "expected index 0, got %d\n", status.dwIndex);
/* Again, specifying the issuer cert: no change */
revPara.pIssuerCert = certs[0];
SetLastError(0xdeadbeef);
ret = CertVerifyRevocation(X509_ASN_ENCODING, CERT_CONTEXT_REVOCATION_TYPE,
1, (void **)&certs[1], 0, &revPara, &status);
/* Win2k thinks the cert is revoked, and it is, except the CRL is out of
* date, hence the revocation status should be unknown.
*/
ok(!ret && (GetLastError() == CRYPT_E_NO_REVOCATION_CHECK ||
broken(GetLastError() == CRYPT_E_REVOKED /* Win2k */)),
"expected CRYPT_E_NO_REVOCATION_CHECK, got %08x\n", GetLastError());
ok(status.dwError == CRYPT_E_NO_REVOCATION_CHECK ||
broken(status.dwError == CRYPT_E_REVOKED /* Win2k */),
"expected CRYPT_E_NO_REVOCATION_CHECK, got %08x\n", status.dwError);
ok(status.dwIndex == 0, "expected index 0, got %d\n", status.dwIndex);
CertCloseStore(revPara.hCrlStore, 0);
CertFreeCertificateContext(certs[1]);
CertFreeCertificateContext(certs[0]);
}
static BYTE privKey[] = {
@ -3283,4 +3641,5 @@ START_TEST(cert)
testVerifyRevocation();
testAcquireCertPrivateKey();
testGetPublicKeyLength();
testIsRDNAttrsInCertificateName();
}

88
rostests/winetests/crypt32/chain.c
View file

@ -2927,7 +2927,8 @@ static CONST_DATA_BLOB chain19[] = {
static const CERT_TRUST_STATUS elementStatus19[] = {
{ CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER },
{ CERT_TRUST_IS_UNTRUSTED_ROOT,
CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER },
CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER |
CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS },
};
static const SimpleChainStatusCheck simpleStatus19[] = {
{ sizeof(elementStatus19) / sizeof(elementStatus19[0]), elementStatus19 },
@ -2951,7 +2952,8 @@ static CONST_DATA_BLOB chain21[] = {
static const CERT_TRUST_STATUS elementStatus21[] = {
{ CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER },
{ CERT_TRUST_IS_UNTRUSTED_ROOT,
CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER },
CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER |
CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS },
};
static const SimpleChainStatusCheck simpleStatus21[] = {
{ sizeof(elementStatus21) / sizeof(elementStatus21[0]), elementStatus21 },
@ -3257,7 +3259,7 @@ static ChainCheck chainCheck[] = {
CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT,
CERT_TRUST_HAS_PREFERRED_ISSUER | CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS
},
{ CERT_TRUST_IS_UNTRUSTED_ROOT, 0 },
{ CERT_TRUST_IS_UNTRUSTED_ROOT, CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS },
1, simpleStatus19 },
0 },
/* Older versions of crypt32 do not set
@ -3278,7 +3280,7 @@ static ChainCheck chainCheck[] = {
CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT,
CERT_TRUST_HAS_PREFERRED_ISSUER | CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS
},
{ CERT_TRUST_IS_UNTRUSTED_ROOT, 0 },
{ CERT_TRUST_IS_UNTRUSTED_ROOT, CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS },
1, simpleStatus21 },
0 },
{ { sizeof(chain22) / sizeof(chain22[0]), chain22 },
@ -3405,8 +3407,9 @@ static ChainCheck chainCheckEmbeddedNullBroken = {
{ sizeof(chain27) / sizeof(chain27[0]), chain27 },
{ { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE |
CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT,
CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_IS_UNTRUSTED_ROOT, CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS },
CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS | CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT,
CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS },
1, simpleStatus27Broken },
0 };
@ -3421,7 +3424,12 @@ static void testGetCertChain(void)
PCCERT_CONTEXT cert;
CERT_CHAIN_PARA para = { 0 };
PCCERT_CHAIN_CONTEXT chain;
FILETIME fileTime;
DWORD i;
HCERTSTORE store;
static char one_two_three[] = "1.2.3";
static char oid_server_auth[] = szOID_PKIX_KP_SERVER_AUTH;
LPSTR oids[2];
/* Basic parameter checks */
if (0)
@ -3481,6 +3489,68 @@ static void testGetCertChain(void)
CertFreeCertificateContext(cert);
/* Test usage match with Google's cert */
store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
CERT_STORE_CREATE_NEW_FLAG, NULL);
CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING,
verisignCA, sizeof(verisignCA), CERT_STORE_ADD_ALWAYS, NULL);
CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING,
thawte_sgc_ca, sizeof(thawte_sgc_ca), CERT_STORE_ADD_ALWAYS, NULL);
cert = CertCreateCertificateContext(X509_ASN_ENCODING,
google, sizeof(google));
SystemTimeToFileTime(&oct2009, &fileTime);
memset(&para, 0, sizeof(para));
para.cbSize = sizeof(para);
oids[0] = one_two_three;
para.RequestedUsage.dwType = USAGE_MATCH_TYPE_AND;
para.RequestedUsage.Usage.rgpszUsageIdentifier = oids;
para.RequestedUsage.Usage.cUsageIdentifier = 1;
ret = pCertGetCertificateChain(NULL, cert, &fileTime, store, &para,
0, NULL, &chain);
ok(ret, "CertGetCertificateChain failed: %08x\n", GetLastError());
if (ret)
{
ok(chain->TrustStatus.dwErrorStatus & CERT_TRUST_IS_NOT_VALID_FOR_USAGE,
"expected CERT_TRUST_IS_NOT_VALID_FOR_USAGE\n");
CertFreeCertificateChain(chain);
}
oids[0] = oid_server_auth;
ret = pCertGetCertificateChain(NULL, cert, &fileTime, store, &para,
0, NULL, &chain);
ok(ret, "CertGetCertificateChain failed: %08x\n", GetLastError());
if (ret)
{
ok(!(chain->TrustStatus.dwErrorStatus &
CERT_TRUST_IS_NOT_VALID_FOR_USAGE),
"didn't expect CERT_TRUST_IS_NOT_VALID_FOR_USAGE\n");
CertFreeCertificateChain(chain);
}
oids[1] = one_two_three;
para.RequestedUsage.Usage.cUsageIdentifier = 2;
para.RequestedUsage.dwType = USAGE_MATCH_TYPE_AND;
ret = pCertGetCertificateChain(NULL, cert, &fileTime, store, &para,
0, NULL, &chain);
ok(ret, "CertGetCertificateChain failed: %08x\n", GetLastError());
if (ret)
{
ok(chain->TrustStatus.dwErrorStatus & CERT_TRUST_IS_NOT_VALID_FOR_USAGE,
"expected CERT_TRUST_IS_NOT_VALID_FOR_USAGE\n");
CertFreeCertificateChain(chain);
}
para.RequestedUsage.dwType = USAGE_MATCH_TYPE_OR;
ret = pCertGetCertificateChain(NULL, cert, &fileTime, store, &para,
0, NULL, &chain);
ok(ret, "CertGetCertificateChain failed: %08x\n", GetLastError());
if (ret)
{
ok(!(chain->TrustStatus.dwErrorStatus &
CERT_TRUST_IS_NOT_VALID_FOR_USAGE),
"didn't expect CERT_TRUST_IS_NOT_VALID_FOR_USAGE\n");
CertFreeCertificateChain(chain);
}
CertCloseStore(store, 0);
CertFreeCertificateContext(cert);
for (i = 0; i < sizeof(chainCheck) / sizeof(chainCheck[0]); i++)
{
chain = getChain(&chainCheck[i].certs, 0, TRUE, &oct2007,
@ -3510,8 +3580,10 @@ static void testGetCertChain(void)
{
ok(chain->TrustStatus.dwErrorStatus ==
chainCheckEmbeddedNull.status.status.dwErrorStatus ||
broken(chain->TrustStatus.dwErrorStatus ==
chainCheckEmbeddedNullBroken.status.status.dwErrorStatus),
broken((chain->TrustStatus.dwErrorStatus &
~chainCheckEmbeddedNullBroken.status.statusToIgnore.dwErrorStatus) ==
(chainCheckEmbeddedNullBroken.status.status.dwErrorStatus &
~chainCheckEmbeddedNullBroken.status.statusToIgnore.dwErrorStatus)),
"unexpected chain error status %08x\n",
chain->TrustStatus.dwErrorStatus);
if (chainCheckEmbeddedNull.status.status.dwErrorStatus ==

553
rostests/winetests/crypt32/crl.c
View file

@ -223,12 +223,188 @@ static void testAddCRL(void)
CertCloseStore(store, 0);
}
static const BYTE v1CRLWithIssuerAndEntry[] = { 0x30, 0x44, 0x30, 0x02, 0x06,
0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x18, 0x0f,
0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30,
0x30, 0x5a, 0x30, 0x16, 0x30, 0x14, 0x02, 0x01, 0x01, 0x18, 0x0f, 0x31, 0x36,
0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a };
static const BYTE v2CRLWithIssuingDistPoint[] = {
0x30,0x70,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,0x11,
0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
0x67,0x00,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,
0x30,0x30,0x30,0x5a,0x30,0x16,0x30,0x14,0x02,0x01,0x01,0x18,0x0f,0x31,0x36,
0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0xa0,0x27,
0x30,0x25,0x30,0x23,0x06,0x03,0x55,0x1d,0x1c,0x01,0x01,0xff,0x04,0x19,0x30,
0x17,0xa0,0x15,0xa0,0x13,0x86,0x11,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x77,
0x69,0x6e,0x65,0x68,0x71,0x2e,0x6f,0x72,0x67 };
static const BYTE verisignCRL[] = { 0x30, 0x82, 0x01, 0xb1, 0x30, 0x82, 0x01,
0x1a, 0x02, 0x01, 0x01, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
0x0d, 0x01, 0x01, 0x02, 0x05, 0x00, 0x30, 0x61, 0x31, 0x11, 0x30, 0x0f, 0x06,
0x03, 0x55, 0x04, 0x07, 0x13, 0x08, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65,
0x74, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0e, 0x56,
0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6e, 0x2c, 0x20, 0x49, 0x6e, 0x63, 0x2e,
0x31, 0x33, 0x30, 0x31, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x2a, 0x56, 0x65,
0x72, 0x69, 0x53, 0x69, 0x67, 0x6e, 0x20, 0x43, 0x6f, 0x6d, 0x6d, 0x65, 0x72,
0x63, 0x69, 0x61, 0x6c, 0x20, 0x53, 0x6f, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65,
0x20, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x73, 0x68, 0x65, 0x72, 0x73, 0x20, 0x43,
0x41, 0x17, 0x0d, 0x30, 0x31, 0x30, 0x33, 0x32, 0x34, 0x30, 0x30, 0x30, 0x30,
0x30, 0x30, 0x5a, 0x17, 0x0d, 0x30, 0x34, 0x30, 0x31, 0x30, 0x37, 0x32, 0x33,
0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x69, 0x30, 0x21, 0x02, 0x10, 0x1b, 0x51,
0x90, 0xf7, 0x37, 0x24, 0x39, 0x9c, 0x92, 0x54, 0xcd, 0x42, 0x46, 0x37, 0x99,
0x6a, 0x17, 0x0d, 0x30, 0x31, 0x30, 0x31, 0x33, 0x30, 0x30, 0x30, 0x30, 0x31,
0x32, 0x34, 0x5a, 0x30, 0x21, 0x02, 0x10, 0x75, 0x0e, 0x40, 0xff, 0x97, 0xf0,
0x47, 0xed, 0xf5, 0x56, 0xc7, 0x08, 0x4e, 0xb1, 0xab, 0xfd, 0x17, 0x0d, 0x30,
0x31, 0x30, 0x31, 0x33, 0x31, 0x30, 0x30, 0x30, 0x30, 0x34, 0x39, 0x5a, 0x30,
0x21, 0x02, 0x10, 0x77, 0xe6, 0x5a, 0x43, 0x59, 0x93, 0x5d, 0x5f, 0x7a, 0x75,
0x80, 0x1a, 0xcd, 0xad, 0xc2, 0x22, 0x17, 0x0d, 0x30, 0x30, 0x30, 0x38, 0x33,
0x31, 0x30, 0x30, 0x30, 0x30, 0x35, 0x36, 0x5a, 0xa0, 0x1a, 0x30, 0x18, 0x30,
0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0b, 0x06,
0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x05, 0xa0, 0x30, 0x0d, 0x06,
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x02, 0x05, 0x00, 0x03,
0x81, 0x81, 0x00, 0x18, 0x2c, 0xe8, 0xfc, 0x16, 0x6d, 0x91, 0x4a, 0x3d, 0x88,
0x54, 0x48, 0x5d, 0xb8, 0x11, 0xbf, 0x64, 0xbb, 0xf9, 0xda, 0x59, 0x19, 0xdd,
0x0e, 0x65, 0xab, 0xc0, 0x0c, 0xfa, 0x67, 0x7e, 0x21, 0x1e, 0x83, 0x0e, 0xcf,
0x9b, 0x89, 0x8a, 0xcf, 0x0c, 0x4b, 0xc1, 0x39, 0x9d, 0xe7, 0x6a, 0xac, 0x46,
0x74, 0x6a, 0x91, 0x62, 0x22, 0x0d, 0xc4, 0x08, 0xbd, 0xf5, 0x0a, 0x90, 0x7f,
0x06, 0x21, 0x3d, 0x7e, 0xa7, 0xaa, 0x5e, 0xcd, 0x22, 0x15, 0xe6, 0x0c, 0x75,
0x8e, 0x6e, 0xad, 0xf1, 0x84, 0xe4, 0x22, 0xb4, 0x30, 0x6f, 0xfb, 0x64, 0x8f,
0xd7, 0x80, 0x43, 0xf5, 0x19, 0x18, 0x66, 0x1d, 0x72, 0xa3, 0xe3, 0x94, 0x82,
0x28, 0x52, 0xa0, 0x06, 0x4e, 0xb1, 0xc8, 0x92, 0x0c, 0x97, 0xbe, 0x15, 0x07,
0xab, 0x7a, 0xc9, 0xea, 0x08, 0x67, 0x43, 0x4d, 0x51, 0x63, 0x3b, 0x9c, 0x9c,
0xcd };
static const BYTE verisignCommercialSoftPubCA[] = {
0x30,0x82,0x02,0x40,0x30,0x82,0x01,0xa9,0x02,0x10,0x03,0xc7,0x8f,0x37,0xdb,0x92,
0x28,0xdf,0x3c,0xbb,0x1a,0xad,0x82,0xfa,0x67,0x10,0x30,0x0d,0x06,0x09,0x2a,0x86,
0x48,0x86,0xf7,0x0d,0x01,0x01,0x02,0x05,0x00,0x30,0x61,0x31,0x11,0x30,0x0f,0x06,
0x03,0x55,0x04,0x07,0x13,0x08,0x49,0x6e,0x74,0x65,0x72,0x6e,0x65,0x74,0x31,0x17,
0x30,0x15,0x06,0x03,0x55,0x04,0x0a,0x13,0x0e,0x56,0x65,0x72,0x69,0x53,0x69,0x67,
0x6e,0x2c,0x20,0x49,0x6e,0x63,0x2e,0x31,0x33,0x30,0x31,0x06,0x03,0x55,0x04,0x0b,
0x13,0x2a,0x56,0x65,0x72,0x69,0x53,0x69,0x67,0x6e,0x20,0x43,0x6f,0x6d,0x6d,0x65,
0x72,0x63,0x69,0x61,0x6c,0x20,0x53,0x6f,0x66,0x74,0x77,0x61,0x72,0x65,0x20,0x50,
0x75,0x62,0x6c,0x69,0x73,0x68,0x65,0x72,0x73,0x20,0x43,0x41,0x30,0x1e,0x17,0x0d,
0x39,0x36,0x30,0x34,0x30,0x39,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,
0x34,0x30,0x31,0x30,0x37,0x32,0x33,0x35,0x39,0x35,0x39,0x5a,0x30,0x61,0x31,0x11,
0x30,0x0f,0x06,0x03,0x55,0x04,0x07,0x13,0x08,0x49,0x6e,0x74,0x65,0x72,0x6e,0x65,
0x74,0x31,0x17,0x30,0x15,0x06,0x03,0x55,0x04,0x0a,0x13,0x0e,0x56,0x65,0x72,0x69,
0x53,0x69,0x67,0x6e,0x2c,0x20,0x49,0x6e,0x63,0x2e,0x31,0x33,0x30,0x31,0x06,0x03,
0x55,0x04,0x0b,0x13,0x2a,0x56,0x65,0x72,0x69,0x53,0x69,0x67,0x6e,0x20,0x43,0x6f,
0x6d,0x6d,0x65,0x72,0x63,0x69,0x61,0x6c,0x20,0x53,0x6f,0x66,0x74,0x77,0x61,0x72,
0x65,0x20,0x50,0x75,0x62,0x6c,0x69,0x73,0x68,0x65,0x72,0x73,0x20,0x43,0x41,0x30,
0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,
0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xc3,0xd3,0x69,0x65,
0x52,0x01,0x94,0x54,0xab,0x28,0xc6,0x62,0x18,0xb3,0x54,0x55,0xc5,0x44,0x87,0x45,
0x4a,0x3b,0xc2,0x7e,0xd8,0xd3,0xd7,0xc8,0x80,0x86,0x8d,0xd8,0x0c,0xf1,0x16,0x9c,
0xcc,0x6b,0xa9,0x29,0xb2,0x8f,0x76,0x73,0x92,0xc8,0xc5,0x62,0xa6,0x3c,0xed,0x1e,
0x05,0x75,0xf0,0x13,0x00,0x6c,0x14,0x4d,0xd4,0x98,0x90,0x07,0xbe,0x69,0x73,0x81,
0xb8,0x62,0x4e,0x31,0x1e,0xd1,0xfc,0xc9,0x0c,0xeb,0x7d,0x90,0xbf,0xae,0xb4,0x47,
0x51,0xec,0x6f,0xce,0x64,0x35,0x02,0xd6,0x7d,0x67,0x05,0x77,0xe2,0x8f,0xd9,0x51,
0xd7,0xfb,0x97,0x19,0xbc,0x3e,0xd7,0x77,0x81,0xc6,0x43,0xdd,0xf2,0xdd,0xdf,0xca,
0xa3,0x83,0x8b,0xcb,0x41,0xc1,0x3d,0x22,0x48,0x48,0xa6,0x19,0x02,0x03,0x01,0x00,
0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x02,0x05,0x00,
0x03,0x81,0x81,0x00,0xb5,0xbc,0xb0,0x75,0x6a,0x89,0xa2,0x86,0xbd,0x64,0x78,0xc3,
0xa7,0x32,0x75,0x72,0x11,0xaa,0x26,0x02,0x17,0x60,0x30,0x4c,0xe3,0x48,0x34,0x19,
0xb9,0x52,0x4a,0x51,0x18,0x80,0xfe,0x53,0x2d,0x7b,0xd5,0x31,0x8c,0xc5,0x65,0x99,
0x41,0x41,0x2f,0xf2,0xae,0x63,0x7a,0xe8,0x73,0x99,0x15,0x90,0x1a,0x1f,0x7a,0x8b,
0x41,0xd0,0x8e,0x3a,0xd0,0xcd,0x38,0x34,0x44,0xd0,0x75,0xf8,0xea,0x71,0xc4,0x81,
0x19,0x38,0x17,0x35,0x4a,0xae,0xc5,0x3e,0x32,0xe6,0x21,0xb8,0x05,0xc0,0x93,0xe1,
0xc7,0x38,0x5c,0xd8,0xf7,0x93,0x38,0x64,0x90,0xed,0x54,0xce,0xca,0xd3,0xd3,0xd0,
0x5f,0xef,0x04,0x9b,0xde,0x02,0x82,0xdd,0x88,0x29,0xb1,0xc3,0x4f,0xa5,0xcd,0x71,
0x64,0x31,0x3c,0x3c
};
static const BYTE rootWithKeySignAndCRLSign[] = {
0x30,0x82,0x01,0xdf,0x30,0x82,0x01,0x4c,0xa0,0x03,0x02,0x01,0x02,0x02,0x10,
0x5b,0xc7,0x0b,0x27,0x99,0xbb,0x2e,0x99,0x47,0x9d,0x45,0x4e,0x7c,0x1a,0xca,
0xe8,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31,
0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31,
0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,
0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35,
0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,
0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,
0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89,
0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82,
0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34,
0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7,
0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91,
0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5,
0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd,
0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c,
0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35,
0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01,
0x00,0x01,0xa3,0x42,0x30,0x40,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01,
0xff,0x04,0x04,0x03,0x02,0x00,0x06,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01,
0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x1d,0x06,0x03,0x55,0x1d,
0x0e,0x04,0x16,0x04,0x14,0x14,0x8c,0x16,0xbb,0xbe,0x70,0xa2,0x28,0x89,0xa0,
0x58,0xff,0x98,0xbd,0xa8,0x24,0x2b,0x8a,0xe9,0x9a,0x30,0x09,0x06,0x05,0x2b,
0x0e,0x03,0x02,0x1d,0x05,0x00,0x03,0x81,0x81,0x00,0x74,0xcb,0x21,0xfd,0x2d,
0x25,0xdc,0xa5,0xaa,0xa1,0x26,0xdc,0x8b,0x40,0x11,0x64,0xae,0x5c,0x71,0x3c,
0x28,0xbc,0xf9,0xb3,0xcb,0xa5,0x94,0xb2,0x8d,0x4c,0x23,0x2b,0x9b,0xde,0x2c,
0x4c,0x30,0x04,0xc6,0x88,0x10,0x2f,0x53,0xfd,0x6c,0x82,0xf1,0x13,0xfb,0xda,
0x27,0x75,0x25,0x48,0xe4,0x72,0x09,0x2a,0xee,0xb4,0x1e,0xc9,0x55,0xf5,0xf7,
0x82,0x91,0xd8,0x4b,0xe4,0x3a,0xfe,0x97,0x87,0xdf,0xfb,0x15,0x5a,0x12,0x3e,
0x12,0xe6,0xad,0x40,0x0b,0xcf,0xee,0x1a,0x44,0xe0,0x83,0xb2,0x67,0x94,0xd4,
0x2e,0x7c,0xf2,0x06,0x9d,0xb3,0x3b,0x7e,0x2f,0xda,0x25,0x66,0x7e,0xa7,0x1f,
0x45,0xd4,0xf5,0xe3,0xdf,0x2a,0xf1,0x18,0x28,0x20,0xb5,0xf8,0xf5,0x8d,0x7a,
0x2e,0x84,0xee };
static const BYTE eeCert[] = {
0x30,0x82,0x01,0x93,0x30,0x81,0xfd,0xa0,0x03,0x02,0x01,0x02,0x02,0x01,0x01,
0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,
0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,
0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x31,0x30,0x30,
0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x30,0x30,0x31,0x30,0x30,
0x30,0x30,0x30,0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,
0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,
0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,
0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5,0x33,
0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6,0xdc,
0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7,0x48,
0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b,0x47,
0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b,0x05,
0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc,0x6a,
0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85,0x85,
0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2,0xd3,
0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72,0xa3,
0x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,
0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x22,0xf1,0x66,0x00,0x79,0xd2,
0xe6,0xb2,0xb2,0xf7,0x2f,0x98,0x92,0x7d,0x73,0xc3,0x6c,0x5c,0x77,0x20,0xe3,
0xbf,0x3e,0xe0,0xb3,0x5c,0x68,0xb4,0x9b,0x3a,0x41,0xae,0x94,0xa0,0x80,0x3a,
0xfe,0x5d,0x7a,0x56,0x87,0x85,0x44,0x45,0xcf,0xa6,0xd3,0x10,0xe7,0x73,0x41,
0xf2,0x7f,0x88,0x85,0x91,0x8e,0xe6,0xec,0xe2,0xce,0x08,0xbc,0xa5,0x76,0xe5,
0x4d,0x1d,0xb7,0x70,0x31,0xdd,0xc9,0x9a,0x15,0x32,0x11,0x5a,0x4e,0x62,0xc8,
0xd1,0xf8,0xec,0x46,0x39,0x5b,0xe7,0x67,0x1f,0x58,0xe8,0xa1,0xa0,0x5b,0xf7,
0x8a,0x6d,0x5f,0x91,0x18,0xd4,0x90,0x85,0xff,0x30,0xc7,0xca,0x9c,0xc6,0x92,
0xb0,0xca,0x16,0xc4,0xa4,0xc0,0xd6,0xe8,0xff,0x15,0x19,0xd1,0x30,0x61,0xf3,
0xef,0x9f };
static const BYTE rootSignedCRL[] = {
0x30,0x82,0x01,0x1d,0x30,0x81,0x87,0x02,0x01,0x01,0x30,0x0d,0x06,0x09,0x2a,
0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x30,0x10,0x31,0x0e,0x30,
0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31,0x17,0x0d,
0x30,0x37,0x30,0x39,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,
0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35,0x39,0x5a,0x30,0x14,
0x30,0x12,0x02,0x01,0x01,0x17,0x0d,0x30,0x37,0x30,0x39,0x30,0x31,0x30,0x30,
0x30,0x30,0x30,0x30,0x5a,0xa0,0x2d,0x30,0x2b,0x30,0x0a,0x06,0x03,0x55,0x1d,
0x14,0x04,0x03,0x02,0x01,0x01,0x30,0x1d,0x06,0x03,0x55,0x1d,0x23,0x04,0x16,
0x04,0x14,0x14,0x8c,0x16,0xbb,0xbe,0x70,0xa2,0x28,0x89,0xa0,0x58,0xff,0x98,
0xbd,0xa8,0x24,0x2b,0x8a,0xe9,0x9a,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,
0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x9b,0x2b,0x99,0x0d,
0x16,0x83,0x93,0x54,0x29,0x3a,0xa6,0x53,0x5d,0xf8,0xa6,0x73,0x9f,0x2a,0x45,
0x39,0x91,0xff,0x91,0x1c,0x27,0x06,0xe8,0xdb,0x72,0x3f,0x66,0x89,0x15,0x68,
0x55,0xd5,0x49,0x63,0xa6,0x00,0xe9,0x66,0x9c,0x97,0xf9,0xb3,0xb3,0x2b,0x1b,
0xc7,0x79,0x46,0xa8,0xd8,0x2b,0x78,0x27,0xa0,0x70,0x02,0x81,0xc6,0x40,0xb3,
0x76,0x32,0x65,0x4c,0xf8,0xff,0x1d,0x41,0x6e,0x16,0x09,0xa2,0x8a,0x7b,0x0c,
0xd0,0xa6,0x9b,0x61,0xa3,0x7c,0x02,0x91,0x79,0xdf,0x6a,0x5e,0x88,0x95,0x66,
0x33,0x17,0xcb,0x5a,0xd2,0xdc,0x89,0x05,0x62,0x97,0x60,0x73,0x7b,0x2c,0x1a,
0x90,0x20,0x73,0x24,0x9f,0x45,0x22,0x4b,0xc1,0x33,0xd1,0xda,0xd8,0x7e,0x1b,
0x3d,0x74,0xd6,0x3b };
static void testFindCRL(void)
{
HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
CERT_STORE_CREATE_NEW_FLAG, NULL);
PCCRL_CONTEXT context;
PCCERT_CONTEXT cert;
PCCERT_CONTEXT cert, endCert, rootCert;
CRL_FIND_ISSUED_FOR_PARA issuedForPara = { NULL, NULL };
DWORD count, revoked_count;
BOOL ret;
if (!store) return;
@ -286,8 +462,289 @@ static void testFindCRL(void)
ok(context != NULL, "Expected a context\n");
if (context)
CertFreeCRLContext(context);
/* Try various find flags */
context = pCertFindCRLInStore(store, 0, CRL_FIND_ISSUED_BY_SIGNATURE_FLAG,
CRL_FIND_ISSUED_BY, cert, NULL);
ok(!context || broken(context != NULL /* Win9x */), "unexpected context\n");
/* The CRL doesn't have an AKI extension, so it matches any cert */
context = pCertFindCRLInStore(store, 0, CRL_FIND_ISSUED_BY_AKI_FLAG,
CRL_FIND_ISSUED_BY, cert, NULL);
ok(context != NULL, "Expected a context\n");
if (context)
CertFreeCRLContext(context);
if (0)
{
/* Crash or return NULL/STATUS_ACCESS_VIOLATION */
context = pCertFindCRLInStore(store, 0, 0, CRL_FIND_ISSUED_FOR, NULL,
NULL);
context = pCertFindCRLInStore(store, 0, 0, CRL_FIND_ISSUED_FOR,
&issuedForPara, NULL);
}
/* Test whether the cert matches the CRL in the store */
issuedForPara.pSubjectCert = cert;
issuedForPara.pIssuerCert = cert;
context = pCertFindCRLInStore(store, 0, 0, CRL_FIND_ISSUED_FOR,
&issuedForPara, NULL);
ok(context != NULL || broken(!context /* Win9x, NT4 */),
"Expected a context\n");
if (context)
{
ok(context->cbCrlEncoded == sizeof(signedCRL),
"unexpected CRL size %d\n", context->cbCrlEncoded);
ok(!memcmp(context->pbCrlEncoded, signedCRL, context->cbCrlEncoded),
"unexpected CRL data\n");
CertFreeCRLContext(context);
}
ret = CertAddEncodedCRLToStore(store, X509_ASN_ENCODING,
v1CRLWithIssuerAndEntry, sizeof(v1CRLWithIssuerAndEntry),
CERT_STORE_ADD_ALWAYS, NULL);
ok(ret, "CertAddEncodedCRLToStore failed: %08x\n", GetLastError());
ret = CertAddEncodedCRLToStore(store, X509_ASN_ENCODING,
v2CRLWithIssuingDistPoint, sizeof(v2CRLWithIssuingDistPoint),
CERT_STORE_ADD_ALWAYS, NULL);
ok(ret, "CertAddEncodedCRLToStore failed: %08x\n", GetLastError());
ret = CertAddEncodedCRLToStore(store, X509_ASN_ENCODING,
verisignCRL, sizeof(verisignCRL), CERT_STORE_ADD_ALWAYS, NULL);
ok(ret, "CertAddEncodedCRLToStore failed: %08x\n", GetLastError());
issuedForPara.pSubjectCert = cert;
issuedForPara.pIssuerCert = cert;
context = NULL;
count = revoked_count = 0;
do {
context = pCertFindCRLInStore(store, 0, 0, CRL_FIND_ISSUED_FOR,
&issuedForPara, context);
if (context)
{
PCRL_ENTRY entry;
count++;
if (CertFindCertificateInCRL(cert, context, 0, NULL, &entry) &&
entry)
revoked_count++;
}
} while (context);
/* signedCRL, v1CRLWithIssuerAndEntry, and v2CRLWithIssuingDistPoint all
* match cert's issuer, but verisignCRL does not, so the expected count
* is 0.
*/
ok(count == 3 || broken(count == 0 /* NT4, Win9x */),
"expected 3 matching CRLs, got %d\n", count);
/* Only v1CRLWithIssuerAndEntry and v2CRLWithIssuingDistPoint contain
* entries, so the count of CRL entries that match cert is 2.
*/
ok(revoked_count == 2 || broken(revoked_count == 0 /* NT4, Win9x */),
"expected 2 matching CRL entries, got %d\n", revoked_count);
CertFreeCertificateContext(cert);
/* Try again with a cert that doesn't match any CRLs in the store */
cert = CertCreateCertificateContext(X509_ASN_ENCODING,
bigCertWithDifferentIssuer, sizeof(bigCertWithDifferentIssuer));
ok(cert != NULL, "CertCreateCertificateContext failed: %08x\n",
GetLastError());
issuedForPara.pSubjectCert = cert;
issuedForPara.pIssuerCert = cert;
context = NULL;
count = revoked_count = 0;
do {
context = pCertFindCRLInStore(store, 0, 0, CRL_FIND_ISSUED_FOR,
&issuedForPara, context);
if (context)
{
PCRL_ENTRY entry;
count++;
if (CertFindCertificateInCRL(cert, context, 0, NULL, &entry) &&
entry)
revoked_count++;
}
} while (context);
ok(count == 0, "expected 0 matching CRLs, got %d\n", count);
ok(revoked_count == 0, "expected 0 matching CRL entries, got %d\n",
revoked_count);
CertFreeCertificateContext(cert);
/* Test again with a real certificate and CRL. The certificate wasn't
* revoked, but its issuer does have a CRL.
*/
cert = CertCreateCertificateContext(X509_ASN_ENCODING,
verisignCommercialSoftPubCA, sizeof(verisignCommercialSoftPubCA));
ok(cert != NULL, "CertCreateCertificateContext failed: %08x\n",
GetLastError());
issuedForPara.pIssuerCert = cert;
issuedForPara.pSubjectCert = cert;
context = NULL;
count = revoked_count = 0;
do {
context = pCertFindCRLInStore(store, 0, 0, CRL_FIND_ISSUED_FOR,
&issuedForPara, context);
if (context)
{
PCRL_ENTRY entry;
count++;
if (CertFindCertificateInCRL(cert, context, 0, NULL, &entry) &&
entry)
revoked_count++;
}
} while (context);
ok(count == 1 || broken(count == 0 /* Win9x, NT4 */),
"expected 1 matching CRLs, got %d\n", count);
ok(revoked_count == 0, "expected 0 matching CRL entries, got %d\n",
revoked_count);
CertFreeCertificateContext(cert);
CertCloseStore(store, 0);
/* This test uses a synthesized chain (rootWithKeySignAndCRLSign ->
* eeCert) whose end certificate is in the CRL.
*/
store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
CERT_STORE_CREATE_NEW_FLAG, NULL);
/* Add a CRL for the end certificate */
CertAddEncodedCRLToStore(store, X509_ASN_ENCODING,
rootSignedCRL, sizeof(rootSignedCRL), CERT_STORE_ADD_ALWAYS, NULL);
/* Add another CRL unrelated to the tested chain */
CertAddEncodedCRLToStore(store, X509_ASN_ENCODING,
verisignCRL, sizeof(verisignCRL), CERT_STORE_ADD_ALWAYS, NULL);
endCert = CertCreateCertificateContext(X509_ASN_ENCODING,
eeCert, sizeof(eeCert));
rootCert = CertCreateCertificateContext(X509_ASN_ENCODING,
rootWithKeySignAndCRLSign, sizeof(rootWithKeySignAndCRLSign));
issuedForPara.pSubjectCert = endCert;
issuedForPara.pIssuerCert = rootCert;
context = NULL;
count = revoked_count = 0;
do {
context = pCertFindCRLInStore(store, 0, 0, CRL_FIND_ISSUED_FOR,
&issuedForPara, context);
if (context)
{
PCRL_ENTRY entry;
count++;
if (CertFindCertificateInCRL(endCert, context, 0, NULL, &entry) &&
entry)
revoked_count++;
}
} while (context);
ok(count == 1 || broken(count == 0 /* Win9x, NT4 */),
"expected 1 matching CRLs, got %d\n", count);
ok(revoked_count == 1 || broken(revoked_count == 0 /* Win9x, NT4 */),
"expected 1 matching CRL entries, got %d\n", revoked_count);
/* Test CRL_FIND_ISSUED_BY flags */
count = revoked_count = 0;
do {
context = pCertFindCRLInStore(store, 0, 0, CRL_FIND_ISSUED_BY,
endCert, context);
if (context)
{
PCRL_ENTRY entry;
count++;
if (CertFindCertificateInCRL(endCert, context, 0, NULL, &entry) &&
entry)
revoked_count++;
}
} while (context);
ok(count == 0, "expected 0 matching CRLs, got %d\n", count);
ok(revoked_count == 0, "expected 0 matching CRL entries, got %d\n",
revoked_count);
count = revoked_count = 0;
do {
context = pCertFindCRLInStore(store, 0, 0, CRL_FIND_ISSUED_BY,
rootCert, context);
if (context)
{
PCRL_ENTRY entry;
count++;
if (CertFindCertificateInCRL(endCert, context, 0, NULL, &entry) &&
entry)
revoked_count++;
}
} while (context);
ok(count == 1, "expected 1 matching CRLs, got %d\n", count);
ok(revoked_count == 1, "expected 1 matching CRL entries, got %d\n",
revoked_count);
count = revoked_count = 0;
do {
context = pCertFindCRLInStore(store, 0, CRL_FIND_ISSUED_BY_AKI_FLAG,
CRL_FIND_ISSUED_BY, endCert, context);
if (context)
{
PCRL_ENTRY entry;
count++;
if (CertFindCertificateInCRL(endCert, context, 0, NULL, &entry) &&
entry)
revoked_count++;
}
} while (context);
ok(count == 0, "expected 0 matching CRLs, got %d\n", count);
ok(revoked_count == 0, "expected 0 matching CRL entries, got %d\n",
revoked_count);
count = revoked_count = 0;
do {
context = pCertFindCRLInStore(store, 0, CRL_FIND_ISSUED_BY_AKI_FLAG,
CRL_FIND_ISSUED_BY, rootCert, context);
if (context)
{
PCRL_ENTRY entry;
count++;
if (CertFindCertificateInCRL(rootCert, context, 0, NULL, &entry) &&
entry)
revoked_count++;
}
} while (context);
ok(count == 0 || broken(count == 1 /* Win9x */),
"expected 0 matching CRLs, got %d\n", count);
ok(revoked_count == 0, "expected 0 matching CRL entries, got %d\n",
revoked_count);
count = revoked_count = 0;
do {
context = pCertFindCRLInStore(store, 0,
CRL_FIND_ISSUED_BY_SIGNATURE_FLAG, CRL_FIND_ISSUED_BY, endCert,
context);
if (context)
{
PCRL_ENTRY entry;
count++;
if (CertFindCertificateInCRL(endCert, context, 0, NULL, &entry) &&
entry)
revoked_count++;
}
} while (context);
ok(count == 0, "expected 0 matching CRLs, got %d\n", count);
ok(revoked_count == 0, "expected 0 matching CRL entries, got %d\n",
revoked_count);
count = revoked_count = 0;
do {
context = pCertFindCRLInStore(store, 0,
CRL_FIND_ISSUED_BY_SIGNATURE_FLAG, CRL_FIND_ISSUED_BY, rootCert,
context);
if (context)
{
PCRL_ENTRY entry;
count++;
if (CertFindCertificateInCRL(endCert, context, 0, NULL, &entry) &&
entry)
revoked_count++;
}
} while (context);
ok(count == 1, "expected 1 matching CRLs, got %d\n", count);
ok(revoked_count == 1, "expected 1 matching CRL entries, got %d\n",
revoked_count);
CertFreeCertificateContext(rootCert);
CertFreeCertificateContext(endCert);
CertCloseStore(store, 0);
}
@ -475,59 +932,24 @@ static void testCRLProperties(void)
}
}
static const BYTE v1CRLWithIssuerAndEntry[] = { 0x30, 0x44, 0x30, 0x02, 0x06,
0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x18, 0x0f,
0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30,
0x30, 0x5a, 0x30, 0x16, 0x30, 0x14, 0x02, 0x01, 0x01, 0x18, 0x0f, 0x31, 0x36,
0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a };
static const BYTE v2CRLWithIssuingDistPoint[] = { 0x30,0x5c,0x02,0x01,0x01,
0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,
0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x18,0x0f,0x31,
0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,
0x16,0x30,0x14,0x02,0x01,0x01,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,
0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0xa0,0x13,0x30,0x11,0x30,0x0f,0x06,
0x03,0x55,0x1d,0x13,0x04,0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x01 };
static const BYTE verisignCRL[] = { 0x30, 0x82, 0x01, 0xb1, 0x30, 0x82, 0x01,
0x1a, 0x02, 0x01, 0x01, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
0x0d, 0x01, 0x01, 0x02, 0x05, 0x00, 0x30, 0x61, 0x31, 0x11, 0x30, 0x0f, 0x06,
0x03, 0x55, 0x04, 0x07, 0x13, 0x08, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65,
0x74, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0e, 0x56,
0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6e, 0x2c, 0x20, 0x49, 0x6e, 0x63, 0x2e,
0x31, 0x33, 0x30, 0x31, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x2a, 0x56, 0x65,
0x72, 0x69, 0x53, 0x69, 0x67, 0x6e, 0x20, 0x43, 0x6f, 0x6d, 0x6d, 0x65, 0x72,
0x63, 0x69, 0x61, 0x6c, 0x20, 0x53, 0x6f, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65,
0x20, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x73, 0x68, 0x65, 0x72, 0x73, 0x20, 0x43,
0x41, 0x17, 0x0d, 0x30, 0x31, 0x30, 0x33, 0x32, 0x34, 0x30, 0x30, 0x30, 0x30,
0x30, 0x30, 0x5a, 0x17, 0x0d, 0x30, 0x34, 0x30, 0x31, 0x30, 0x37, 0x32, 0x33,
0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x69, 0x30, 0x21, 0x02, 0x10, 0x1b, 0x51,
0x90, 0xf7, 0x37, 0x24, 0x39, 0x9c, 0x92, 0x54, 0xcd, 0x42, 0x46, 0x37, 0x99,
0x6a, 0x17, 0x0d, 0x30, 0x31, 0x30, 0x31, 0x33, 0x30, 0x30, 0x30, 0x30, 0x31,
0x32, 0x34, 0x5a, 0x30, 0x21, 0x02, 0x10, 0x75, 0x0e, 0x40, 0xff, 0x97, 0xf0,
0x47, 0xed, 0xf5, 0x56, 0xc7, 0x08, 0x4e, 0xb1, 0xab, 0xfd, 0x17, 0x0d, 0x30,
0x31, 0x30, 0x31, 0x33, 0x31, 0x30, 0x30, 0x30, 0x30, 0x34, 0x39, 0x5a, 0x30,
0x21, 0x02, 0x10, 0x77, 0xe6, 0x5a, 0x43, 0x59, 0x93, 0x5d, 0x5f, 0x7a, 0x75,
0x80, 0x1a, 0xcd, 0xad, 0xc2, 0x22, 0x17, 0x0d, 0x30, 0x30, 0x30, 0x38, 0x33,
0x31, 0x30, 0x30, 0x30, 0x30, 0x35, 0x36, 0x5a, 0xa0, 0x1a, 0x30, 0x18, 0x30,
0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0b, 0x06,
0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x05, 0xa0, 0x30, 0x0d, 0x06,
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x02, 0x05, 0x00, 0x03,
0x81, 0x81, 0x00, 0x18, 0x2c, 0xe8, 0xfc, 0x16, 0x6d, 0x91, 0x4a, 0x3d, 0x88,
0x54, 0x48, 0x5d, 0xb8, 0x11, 0xbf, 0x64, 0xbb, 0xf9, 0xda, 0x59, 0x19, 0xdd,
0x0e, 0x65, 0xab, 0xc0, 0x0c, 0xfa, 0x67, 0x7e, 0x21, 0x1e, 0x83, 0x0e, 0xcf,
0x9b, 0x89, 0x8a, 0xcf, 0x0c, 0x4b, 0xc1, 0x39, 0x9d, 0xe7, 0x6a, 0xac, 0x46,
0x74, 0x6a, 0x91, 0x62, 0x22, 0x0d, 0xc4, 0x08, 0xbd, 0xf5, 0x0a, 0x90, 0x7f,
0x06, 0x21, 0x3d, 0x7e, 0xa7, 0xaa, 0x5e, 0xcd, 0x22, 0x15, 0xe6, 0x0c, 0x75,
0x8e, 0x6e, 0xad, 0xf1, 0x84, 0xe4, 0x22, 0xb4, 0x30, 0x6f, 0xfb, 0x64, 0x8f,
0xd7, 0x80, 0x43, 0xf5, 0x19, 0x18, 0x66, 0x1d, 0x72, 0xa3, 0xe3, 0x94, 0x82,
0x28, 0x52, 0xa0, 0x06, 0x4e, 0xb1, 0xc8, 0x92, 0x0c, 0x97, 0xbe, 0x15, 0x07,
0xab, 0x7a, 0xc9, 0xea, 0x08, 0x67, 0x43, 0x4d, 0x51, 0x63, 0x3b, 0x9c, 0x9c,
0xcd };
static const BYTE bigCertWithCRLDistPoints[] = {
0x30,0x81,0xa5,0x02,0x01,0x01,0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,
0x11,0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,
0x6e,0x67,0x00,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,
0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,
0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x15,0x31,0x13,0x30,0x11,
0x06,0x03,0x55,0x04,0x03,0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,
0x67,0x00,0x30,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,
0x01,0x01,0x05,0x00,0x03,0x11,0x00,0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0xa3,0x26,0x30,0x24,0x30,0x22,0x06,
0x03,0x55,0x1d,0x1f,0x04,0x1b,0x30,0x19,0x30,0x17,0xa0,0x15,0xa0,0x13,0x86,
0x11,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x77,0x69,0x6e,0x65,0x68,0x71,0x2e,
0x6f,0x72,0x67 };
static void testIsValidCRLForCert(void)
{
BOOL ret;
PCCERT_CONTEXT cert1, cert2;
PCCERT_CONTEXT cert1, cert2, cert3;
PCCRL_CONTEXT crl;
HCERTSTORE store;
@ -568,21 +990,33 @@ static void testIsValidCRLForCert(void)
CertFreeCRLContext(crl);
/* Yet with a CRL_ISSUING_DIST_POINT in the CRL, I still can't get this
* to say the CRL is not valid for either cert.
/* With a CRL_ISSUING_DIST_POINT in the CRL, it returns FALSE, since the
* cert doesn't have the same extension in it.
*/
crl = CertCreateCRLContext(X509_ASN_ENCODING, v2CRLWithIssuingDistPoint,
sizeof(v2CRLWithIssuingDistPoint));
ok(crl != NULL, "CertCreateCRLContext failed: %08x\n", GetLastError());
ret = pCertIsValidCRLForCertificate(cert1, crl, 0, NULL);
ok(ret, "CertIsValidCRLForCertificate failed: %08x\n", GetLastError());
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
ret = pCertIsValidCRLForCertificate(cert2, crl, 0, NULL);
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
/* With a CRL_ISSUING_DIST_POINT in the CRL, it matches the cert containing
* a CRL_DIST_POINTS_INFO extension.
*/
cert3 = CertCreateCertificateContext(X509_ASN_ENCODING,
bigCertWithCRLDistPoints, sizeof(bigCertWithCRLDistPoints));
ok(cert3 != NULL, "CertCreateCertificateContext failed: %08x\n",
GetLastError());
ret = pCertIsValidCRLForCertificate(cert3, crl, 0, NULL);
ok(ret, "CertIsValidCRLForCertificate failed: %08x\n", GetLastError());
CertFreeCRLContext(crl);
/* And again, with a real CRL, the CRL is valid for both certs. */
/* And again, with a real CRL, the CRL is valid for all three certs. */
crl = CertCreateCRLContext(X509_ASN_ENCODING, verisignCRL,
sizeof(verisignCRL));
ok(crl != NULL, "CertCreateCRLContext failed: %08x\n", GetLastError());
@ -591,11 +1025,13 @@ static void testIsValidCRLForCert(void)
ok(ret, "CertIsValidCRLForCertificate failed: %08x\n", GetLastError());
ret = pCertIsValidCRLForCertificate(cert2, crl, 0, NULL);
ok(ret, "CertIsValidCRLForCertificate failed: %08x\n", GetLastError());
ret = pCertIsValidCRLForCertificate(cert3, crl, 0, NULL);
ok(ret, "CertIsValidCRLForCertificate failed: %08x\n", GetLastError());
CertFreeCRLContext(crl);
/* One last test: a CRL in a different store than the cert is also valid
* for the cert, so CertIsValidCRLForCertificate must always return TRUE?
* for the cert.
*/
store = CertOpenStore(CERT_STORE_PROV_MEMORY, X509_ASN_ENCODING, 0,
CERT_STORE_CREATE_NEW_FLAG, NULL);
@ -609,11 +1045,14 @@ static void testIsValidCRLForCert(void)
ok(ret, "CertIsValidCRLForCertificate failed: %08x\n", GetLastError());
ret = pCertIsValidCRLForCertificate(cert2, crl, 0, NULL);
ok(ret, "CertIsValidCRLForCertificate failed: %08x\n", GetLastError());
ret = pCertIsValidCRLForCertificate(cert3, crl, 0, NULL);
ok(ret, "CertIsValidCRLForCertificate failed: %08x\n", GetLastError());
CertFreeCRLContext(crl);
CertCloseStore(store, 0);
CertFreeCertificateContext(cert3);
CertFreeCertificateContext(cert2);
CertFreeCertificateContext(cert1);
}
@ -710,8 +1149,8 @@ static void testVerifyCRLRevocation(void)
CertFreeCRLContext(crl);
/* Check against CRL with different issuer and entry for the cert */
crl = CertCreateCRLContext(X509_ASN_ENCODING, v1CRLWithIssuerAndEntry,
sizeof(v1CRLWithIssuerAndEntry));
crl = CertCreateCRLContext(X509_ASN_ENCODING, crlWithDifferentIssuer,
sizeof(crlWithDifferentIssuer));
ok(crl != NULL, "CertCreateCRLContext failed: %08x\n", GetLastError());
ret = CertVerifyCRLRevocation(X509_ASN_ENCODING, cert->pCertInfo, 1,
(PCRL_INFO *)&crl->pCrlInfo);

42
rostests/winetests/crypt32/encode.c
View file

@ -1387,8 +1387,9 @@ static void test_decodeNameValue(DWORD dwEncoding)
embeddedNullNameValue.encoded, embeddedNullNameValue.encodedSize,
CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_SHARE_OID_STRING_FLAG, NULL,
&buf, &bufSize);
ok(ret, "Value type %d: CryptDecodeObjectEx failed: %08x\n",
embeddedNullNameValue.value.dwValueType, GetLastError());
/* Some Windows versions disallow name values with embedded NULLs, so
* either success or failure is acceptable.
*/
if (ret)
{
CERT_NAME_VALUE rdnEncodedValue = { CERT_RDN_ENCODED_BLOB,
@ -3851,23 +3852,14 @@ static const BYTE v2CRLWithExt[] = { 0x30,0x5c,0x02,0x01,0x01,0x30,0x02,0x06,
0x02,0x01,0x01,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,
0x30,0x30,0x30,0x30,0x5a,0xa0,0x13,0x30,0x11,0x30,0x0f,0x06,0x03,0x55,0x1d,
0x13,0x04,0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x01 };
static const BYTE v2CRLWithIssuingDistPoint[] = { 0x30,0x5c,0x02,0x01,0x01,
0x30,0x02,0x06,0x00,0x30,0x15,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x03,
0x13,0x0a,0x4a,0x75,0x61,0x6e,0x20,0x4c,0x61,0x6e,0x67,0x00,0x18,0x0f,0x31,
0x36,0x30,0x31,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x30,
0x16,0x30,0x14,0x02,0x01,0x01,0x18,0x0f,0x31,0x36,0x30,0x31,0x30,0x31,0x30,
0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0xa0,0x13,0x30,0x11,0x30,0x0f,0x06,
0x03,0x55,0x1d,0x13,0x04,0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x01 };
static void test_encodeCRLToBeSigned(DWORD dwEncoding)
{
BOOL ret;
BYTE *buf = NULL;
static CHAR oid_issuing_dist_point[] = szOID_ISSUING_DIST_POINT;
DWORD size = 0;
CRL_INFO info = { 0 };
CRL_ENTRY entry = { { 0 }, { 0 }, 0, 0 };
CERT_EXTENSION ext;
/* Test with a V1 CRL */
ret = pCryptEncodeObjectEx(dwEncoding, X509_CERT_CRL_TO_BE_SIGNED, &info,
@ -3978,21 +3970,6 @@ static void test_encodeCRLToBeSigned(DWORD dwEncoding)
ok(!memcmp(buf, v2CRLWithExt, size), "Got unexpected value\n");
LocalFree(buf);
}
/* a v2 CRL with an issuing dist point extension */
ext.pszObjId = oid_issuing_dist_point;
ext.fCritical = TRUE;
ext.Value.cbData = sizeof(urlIDP);
ext.Value.pbData = (LPBYTE)urlIDP;
entry.rgExtension = &ext;
ret = pCryptEncodeObjectEx(dwEncoding, X509_CERT_CRL_TO_BE_SIGNED, &info,
CRYPT_ENCODE_ALLOC_FLAG, NULL, &buf, &size);
ok(ret, "CryptEncodeObjectEx failed: %08x\n", GetLastError());
if (buf)
{
ok(size == sizeof(v2CRLWithIssuingDistPoint), "Wrong size %d\n", size);
ok(!memcmp(buf, v2CRLWithIssuingDistPoint, size), "Unexpected value\n");
LocalFree(buf);
}
}
static const BYTE verisignCRL[] = { 0x30, 0x82, 0x01, 0xb1, 0x30, 0x82, 0x01,
@ -4682,19 +4659,6 @@ static void test_decodeCRLToBeSigned(DWORD dwEncoding)
{
CRL_INFO *info = (CRL_INFO *)buf;
ok(info->cExtension == 1, "Expected 1 extensions, got %d\n",
info->cExtension);
LocalFree(buf);
}
/* And again, with an issuing dist point */
ret = pCryptDecodeObjectEx(dwEncoding, X509_CERT_CRL_TO_BE_SIGNED,
v2CRLWithIssuingDistPoint, sizeof(v2CRLWithIssuingDistPoint),
CRYPT_DECODE_ALLOC_FLAG, NULL, &buf, &size);
ok(ret, "CryptDecodeObjectEx failed: %08x\n", GetLastError());
if (buf)
{
CRL_INFO *info = (CRL_INFO *)buf;
ok(info->cExtension == 1, "Expected 1 extensions, got %d\n",
info->cExtension);
LocalFree(buf);

20
rostests/winetests/crypt32/protectdata.c
View file

@ -213,7 +213,7 @@ static void test_cryptunprotectdata(void)
plain.cbData=0;
}
static void test_simpleroundtrip(const char *plaintext, int wine_fails)
static void test_simpleroundtrip(const char *plaintext)
{
DATA_BLOB input;
DATA_BLOB encrypted;
@ -234,17 +234,9 @@ static void test_simpleroundtrip(const char *plaintext, int wine_fails)
}
res = pCryptUnprotectData(&encrypted, NULL, NULL, NULL, NULL, 0, &output);
if (wine_fails) {
todo_wine
ok(res != 0, "can't unprotect; last error %u\n", GetLastError());
} else {
ok(res != 0, "can't unprotect; last error %u\n", GetLastError());
}
if (res) {
ok(output.cbData == strlen(plaintext), "output wrong length %d for input '%s', wanted %d\n", output.cbData, plaintext, strlen(plaintext));
ok(!memcmp(plaintext, (char *)output.pbData, output.cbData), "output wrong contents for input '%s'\n", plaintext);
}
ok(res != 0, "can't unprotect; last error %u\n", GetLastError());
ok(output.cbData == strlen(plaintext), "output wrong length %d for input '%s', wanted %d\n", output.cbData, plaintext, strlen(plaintext));
ok(!memcmp(plaintext, (char *)output.pbData, output.cbData), "output wrong contents for input '%s'\n", plaintext);
}
START_TEST(protectdata)
@ -262,8 +254,8 @@ START_TEST(protectdata)
protected=FALSE;
test_cryptprotectdata();
test_cryptunprotectdata();
test_simpleroundtrip("", 1);
test_simpleroundtrip("hello", 0);
test_simpleroundtrip("");
test_simpleroundtrip("hello");
/* deinit globals here */
if (cipher.pbData) LocalFree(cipher.pbData);