ReactOS 0.4.17-dev-470-gf9e3448
rootstore.c File Reference
#include <stdarg.h>
#include <stdio.h>
#include "ntstatus.h"
#include "windef.h"
#include "winbase.h"
#include "winreg.h"
#include "wincrypt.h"
#include "winternl.h"
#include "wine/debug.h"
#include "crypt32_private.h"
Include dependency graph for rootstore.c:

Go to the source code of this file.

Classes

struct  CONST_BLOB
 

Macros

#define WIN32_NO_STATUS
 

Functions

 WINE_DEFAULT_DEBUG_CHANNEL (crypt)
 
static const chartrust_status_to_str (DWORD status)
 
static const charget_cert_common_name (PCCERT_CONTEXT cert)
 
static void check_and_store_certs (HCERTSTORE cached, HCERTSTORE new, HCERTSTORE to)
 
static void add_ms_root_certs (HCERTSTORE to, HCERTSTORE cached)
 
static void read_trusted_roots_from_known_locations (HCERTSTORE store, HCERTSTORE cached, BOOL *delete)
 
static HCERTSTORE create_root_store (HCERTSTORE cached, BOOL *delete)
 
void CRYPT_ImportSystemRootCertsToReg (void)
 

Variables

static const BYTE authenticode []
 
static const BYTE rootauthority []
 
static const BYTE rootcertauthority []
 
static const BYTE rootcertauthority2010 []
 
static const BYTE rootcertauthority2011 []
 
static const struct CONST_BLOB msRootCerts []
 

Macro Definition Documentation

◆ WIN32_NO_STATUS

#define WIN32_NO_STATUS

Definition at line 23 of file rootstore.c.

Function Documentation

◆ add_ms_root_certs()

static void add_ms_root_certs ( HCERTSTORE  to,
HCERTSTORE  cached 
)
static

Definition at line 598 of file rootstore.c.

599{
600 PCCERT_CONTEXT cert, existing;
601 DWORD i;
602
603 TRACE("\n");
604
605 for (i = 0; i < ARRAY_SIZE(msRootCerts); i++)
606 {
609 {
610 WARN("adding root cert %ld failed: %08lx\n", i, GetLastError());
611 continue;
612 }
614 {
617 }
619 }
620}
#define ARRAY_SIZE(A)
Definition: main.h:20
#define WARN(fmt,...)
Definition: precomp.h:61
#define NULL
Definition: types.h:112
BOOL WINAPI CertFreeCertificateContext(PCCERT_CONTEXT pCertContext)
Definition: cert.c:369
PCCERT_CONTEXT WINAPI CertFindCertificateInStore(HCERTSTORE hCertStore, DWORD dwCertEncodingType, DWORD dwFlags, DWORD dwType, const void *pvPara, PCCERT_CONTEXT pPrevCertContext)
Definition: cert.c:1830
BOOL WINAPI CertAddEncodedCertificateToStore(HCERTSTORE hCertStore, DWORD dwCertEncodingType, const BYTE *pbCertEncoded, DWORD cbCertEncoded, DWORD dwAddDisposition, PCCERT_CONTEXT *ppCertContext)
Definition: cert.c:56
BOOL WINAPI CertDeleteCertificateFromStore(PCCERT_CONTEXT pCertContext)
Definition: store.c:937
static MonoProfilerRuntimeShutdownBeginCallback cb
Definition: metahost.c:118
unsigned long DWORD
Definition: ntddk_ex.h:95
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
static BYTE cert[]
Definition: msg.c:1374
static const struct CONST_BLOB msRootCerts[]
#define TRACE(s)
Definition: solgame.cpp:4
DWORD WINAPI GetLastError(void)
Definition: except.c:1042
#define X509_ASN_ENCODING
Definition: wincrypt.h:2501
#define CERT_STORE_ADD_NEW
Definition: wincrypt.h:2651
#define CERT_FIND_EXISTING
Definition: wincrypt.h:3052

Referenced by create_root_store().

◆ check_and_store_certs()

static void check_and_store_certs ( HCERTSTORE  cached,
HCERTSTORE  new,
HCERTSTORE  to 
)
static

Definition at line 101 of file rootstore.c.

102{
103 DWORD root_count = 0;
104 CERT_CHAIN_ENGINE_CONFIG chainEngineConfig =
105 { sizeof(chainEngineConfig), 0 };
106 HCERTCHAINENGINE engine;
107
108 TRACE("\n");
109
111 engine = CRYPT_CreateChainEngine(to, CERT_SYSTEM_STORE_CURRENT_USER, &chainEngineConfig);
112 if (engine)
113 {
115
116 do {
118 if (cert)
119 {
120 CERT_CHAIN_PARA chainPara = { sizeof(chainPara), { 0 } };
122 BOOL ret;
123
124 ret = CertGetCertificateChain(engine, cert, NULL, cached,
126 if (!ret)
127 TRACE("rejecting %s: %s\n", get_cert_common_name(cert),
128 "chain creation failed");
129 else
130 {
131 DWORD allowedErrors = CERT_TRUST_IS_UNTRUSTED_ROOT |
135
136 /* The certificate chain verification only allows certain
137 * invalid CA certs if they're installed locally: CA
138 * certs missing the key usage extension, and CA certs
139 * missing the basic constraints extension. Of course
140 * there's a chicken and egg problem: we have to accept
141 * them here in order for them to be accepted later.
142 * Expired, locally installed certs are also allowed here,
143 * because we don't know (yet) what date will be checked
144 * for an item signed by one of these certs.
145 * Thus, accept certs with any of the allowed errors.
146 */
147 if (chain->TrustStatus.dwErrorStatus & ~allowedErrors)
148 TRACE("rejecting %s: %s\n", get_cert_common_name(cert),
149 trust_status_to_str(chain->TrustStatus.dwErrorStatus &
151 else
152 {
153 DWORD i, j;
154
155 for (i = 0; i < chain->cChain; i++)
156 for (j = 0; j < chain->rgpChain[i]->cElement; j++)
158 chain->rgpChain[i]->rgpElement[j]->pCertContext,
160 root_count++;
161 }
163 }
164 }
165 } while (cert);
167 }
168 TRACE("Added %ld root certificates\n", root_count);
169}
BOOL WINAPI CertAddCertificateContextToStore(HCERTSTORE hCertStore, PCCERT_CONTEXT pCertContext, DWORD dwAddDisposition, PCCERT_CONTEXT *ppStoreContext)
Definition: cert.c:284
BOOL WINAPI CertGetCertificateChain(HCERTCHAINENGINE hChainEngine, PCCERT_CONTEXT pCertContext, LPFILETIME pTime, HCERTSTORE hAdditionalStore, PCERT_CHAIN_PARA pChainPara, DWORD dwFlags, LPVOID pvReserved, PCCERT_CHAIN_CONTEXT *ppChainContext)
Definition: chain.c:2875
VOID WINAPI CertFreeCertificateChain(PCCERT_CHAIN_CONTEXT pChainContext)
Definition: chain.c:2956
void WINAPI CertFreeCertificateChainEngine(HCERTCHAINENGINE hChainEngine)
Definition: chain.c:245
HCERTCHAINENGINE CRYPT_CreateChainEngine(HCERTSTORE root, DWORD system_store, const CERT_CHAIN_ENGINE_CONFIG *config)
Definition: chain.c:115
HCERTSTORE WINAPI CertDuplicateStore(HCERTSTORE hCertStore)
Definition: store.c:1110
PCCERT_CONTEXT WINAPI CertEnumCertificatesInStore(HCERTSTORE hCertStore, PCCERT_CONTEXT pPrev)
Definition: store.c:922
return ret
Definition: mutex.c:146
unsigned int BOOL
Definition: ntddk_ex.h:94
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
Definition: glfuncs.h:250
static const char * trust_status_to_str(DWORD status)
Definition: rootstore.c:34
static const char * get_cert_common_name(PCCERT_CONTEXT cert)
Definition: rootstore.c:74
struct sock * chain
Definition: tcpcore.h:1
#define CERT_CHAIN_CACHE_ONLY_URL_RETRIEVAL
Definition: wincrypt.h:3778
#define CERT_TRUST_INVALID_BASIC_CONSTRAINTS
Definition: wincrypt.h:992
#define CERT_SYSTEM_STORE_CURRENT_USER
Definition: wincrypt.h:2528
#define CERT_TRUST_IS_NOT_VALID_FOR_USAGE
Definition: wincrypt.h:986
#define CERT_TRUST_IS_UNTRUSTED_ROOT
Definition: wincrypt.h:987
#define CERT_TRUST_IS_NOT_TIME_VALID
Definition: wincrypt.h:982

Referenced by read_trusted_roots_from_known_locations().

◆ create_root_store()

static HCERTSTORE create_root_store ( HCERTSTORE  cached,
BOOL delete 
)
static

Definition at line 721 of file rootstore.c.

722{
725
726
727 *delete = FALSE;
728 if (memStore)
729 {
730 add_ms_root_certs(memStore, cached);
731 read_trusted_roots_from_known_locations(memStore, cached, delete);
732 }
733
734 TRACE("returning %p\n", memStore);
735 return memStore;
736}
#define FALSE
Definition: types.h:117
HCERTSTORE WINAPI CertOpenStore(LPCSTR lpszStoreProvider, DWORD dwMsgAndCertEncodingType, HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, const void *pvPara)
Definition: store.c:809
static void add_ms_root_certs(HCERTSTORE to, HCERTSTORE cached)
Definition: rootstore.c:598
static void read_trusted_roots_from_known_locations(HCERTSTORE store, HCERTSTORE cached, BOOL *delete)
Definition: rootstore.c:627
#define CERT_STORE_CREATE_NEW_FLAG
Definition: wincrypt.h:2633
#define CERT_STORE_PROV_MEMORY
Definition: wincrypt.h:2455

Referenced by CRYPT_ImportSystemRootCertsToReg().

◆ CRYPT_ImportSystemRootCertsToReg()

void CRYPT_ImportSystemRootCertsToReg ( void  )

Definition at line 738 of file rootstore.c.

739{
740 HCERTSTORE store = NULL, reg = NULL;
741 HKEY key = NULL;
742 LONG rc;
743 HANDLE hsem;
744 BOOL delete;
745
746 static BOOL root_certs_imported = FALSE;
747
748 if (root_certs_imported)
749 return;
750
751 hsem = CreateSemaphoreW( NULL, 0, 1, L"crypt32_root_semaphore");
752 if (!hsem)
753 {
754 ERR("Failed to create semaphore\n");
755 return;
756 }
757
759 {
761 goto done;
762 }
763
764 rc = RegCreateKeyExW(HKEY_LOCAL_MACHINE, L"Software\\Microsoft\\SystemCertificates\\Root\\Certificates", 0, NULL, 0,
765 KEY_ALL_ACCESS, NULL, &key, 0);
766 if (rc)
767 goto done;
768
770 {
771 ERR("Failed to create memory store.\n");
772 goto done;
773 }
775
776 if (!(store = create_root_store(reg, &delete)))
777 {
778 ERR("Failed to create root store\n");
779 goto done;
780 }
781 if (delete && RegDeleteTreeW(key, NULL))
782 ERR("Error deleting key.\n");
784 ERR("Failed to import system certs into registry, %08lx\n", GetLastError());
785
786done:
788 CertCloseStore(store, 0);
790 root_certs_imported = TRUE;
791 ReleaseSemaphore(hsem, 1, NULL);
792 CloseHandle(hsem);
793}
#define ERR(fmt,...)
Definition: precomp.h:57
#define RegCloseKey(hKey)
Definition: registry.h:49
LSTATUS WINAPI RegDeleteTreeW(_In_ HKEY, _In_opt_ LPCWSTR)
void CRYPT_RegReadSerializedFromReg(HKEY key, DWORD contextType, HCERTSTORE store, DWORD disposition)
Definition: regstore.c:59
const WINE_CONTEXT_INTERFACE * pCertInterface
Definition: store.c:51
BOOL CRYPT_SerializeContextsToReg(HKEY key, DWORD flags, const WINE_CONTEXT_INTERFACE *contextInterface, HCERTSTORE memStore)
Definition: regstore.c:200
#define TRUE
Definition: types.h:120
LONG WINAPI RegCreateKeyExW(_In_ HKEY hKey, _In_ LPCWSTR lpSubKey, _In_ DWORD Reserved, _In_opt_ LPWSTR lpClass, _In_ DWORD dwOptions, _In_ REGSAM samDesired, _In_opt_ LPSECURITY_ATTRIBUTES lpSecurityAttributes, _Out_ PHKEY phkResult, _Out_opt_ LPDWORD lpdwDisposition)
Definition: reg.c:1096
BOOL WINAPI CertCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)
Definition: store.c:1121
#define CloseHandle
Definition: compat.h:739
#define L(x)
Definition: resources.c:13
#define INFINITE
Definition: serial.h:102
static int reg
Definition: i386-dis.c:1290
#define ERROR_ALREADY_EXISTS
Definition: disk.h:80
#define KEY_ALL_ACCESS
Definition: nt_native.h:1044
long LONG
Definition: pedump.c:60
static HCERTSTORE create_root_store(HCERTSTORE cached, BOOL *delete)
Definition: rootstore.c:721
Definition: copy.c:22
DWORD WINAPI WaitForSingleObject(IN HANDLE hHandle, IN DWORD dwMilliseconds)
Definition: synch.c:82
HANDLE WINAPI DECLSPEC_HOTPATCH CreateSemaphoreW(IN LPSECURITY_ATTRIBUTES lpSemaphoreAttributes OPTIONAL, IN LONG lInitialCount, IN LONG lMaximumCount, IN LPCWSTR lpName OPTIONAL)
Definition: synch.c:406
BOOL WINAPI DECLSPEC_HOTPATCH ReleaseSemaphore(IN HANDLE hSemaphore, IN LONG lReleaseCount, IN LPLONG lpPreviousCount)
Definition: synch.c:491
#define CERT_STORE_ADD_ALWAYS
Definition: wincrypt.h:2654
#define CERT_STORE_CERTIFICATE_CONTEXT_FLAG
Definition: wincrypt.h:3125
#define HKEY_LOCAL_MACHINE
Definition: winreg.h:12

Referenced by CRYPT_SysRegOpenStoreW().

◆ get_cert_common_name()

static const char * get_cert_common_name ( PCCERT_CONTEXT  cert)
static

Definition at line 74 of file rootstore.c.

75{
76 static char buf[1024];
77 const char *name = NULL;
78 CERT_NAME_INFO *nameInfo;
79 DWORD size;
81 cert->pCertInfo->Subject.pbData, cert->pCertInfo->Subject.cbData,
83 &size);
84
85 if (ret)
86 {
88 nameInfo);
89
90 if (commonName)
91 {
92 CertRDNValueToStrA(commonName->dwValueType,
93 &commonName->Value, buf, sizeof(buf));
94 name = buf;
95 }
96 LocalFree(nameInfo);
97 }
98 return name;
99}
BOOL WINAPI CryptDecodeObjectEx(DWORD dwCertEncodingType, LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags, PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
Definition: decode.c:6998
PCERT_RDN_ATTR WINAPI CertFindRDNAttr(LPCSTR pszObjId, PCERT_NAME_INFO pName)
Definition: cert.c:2122
DWORD WINAPI CertRDNValueToStrA(DWORD type, PCERT_RDN_VALUE_BLOB value_blob, LPSTR value, DWORD value_len)
Definition: str.c:30
GLsizeiptr size
Definition: glext.h:5919
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1594
static const char commonName[]
Definition: encode.c:655
Definition: name.c:39
#define CRYPT_DECODE_NOCOPY_FLAG
Definition: wincrypt.h:3608
#define X509_NAME
Definition: wincrypt.h:3524
#define CRYPT_DECODE_ALLOC_FLAG
Definition: wincrypt.h:3612
#define szOID_COMMON_NAME
Definition: wincrypt.h:3290

Referenced by check_and_store_certs().

◆ read_trusted_roots_from_known_locations()

static void read_trusted_roots_from_known_locations ( HCERTSTORE  store,
HCERTSTORE  cached,
BOOL delete 
)
static

Definition at line 627 of file rootstore.c.

628{
629 HCERTSTORE new;
630 DWORD needed, size;
631 struct enum_root_certs_params params = { NULL, 2048, &needed };
632 HCRYPTPROV prov;
634 BYTE hashval[20];
635 DWORD hashlen;
636 CRYPT_HASH_BLOB hash_blob = { sizeof(hashval), hashval };
637 CRYPT_DATA_BLOB exists_blob = { 0, NULL };
638 PCCERT_CONTEXT cert, existing;
639 unsigned int existing_count = 0, new_count = 0;
640 unsigned int cached_count = 0;
641
643 if (!new) return;
644
645 existing = NULL;
646 while ((existing = CertEnumCertificatesInStore( cached, existing )))
647 ++cached_count;
648
650 params.buffer = CryptMemAlloc( params.size );
652 {
653 if (needed > params.size)
654 {
655 CryptMemFree( params.buffer );
656 params.buffer = CryptMemAlloc( needed );
657 params.size = needed;
658 continue;
659 }
660 CryptCreateHash( prov, CALG_SHA1, 0, 0, &hash );
661 CryptHashData( hash, params.buffer, needed, 0 );
662 hashlen = sizeof(hashval);
663 CryptGetHashParam( hash, HP_HASHVAL, hashval, &hashlen, 0 );
665 if ((existing = CertFindCertificateInStore( cached, X509_ASN_ENCODING, 0,
666 CERT_FIND_SHA1_HASH, &hash_blob, NULL )))
667 {
668 /* Skip certificate which is already cached. CERT_FIRST_USER_PROP_ID is set once the cached cert
669 * is found among host imports. */
671 {
672 if (!CertSetCertificateContextProperty( existing, CERT_FIRST_USER_PROP_ID, 0, &exists_blob ))
673 ERR( "Failed to set property.\n" );
674 ++existing_count;
675 }
676 CertFreeCertificateContext( existing );
677 continue;
678 }
680 /* Add to cached so we can catch duplicates and check_and_store_certs() has the full chains. */
683 ERR("Failed to set property.\n");
685 ++new_count;
686 }
687 CryptMemFree( params.buffer );
688 CryptReleaseContext( prov, 0 );
689
690 if (existing_count < cached_count)
691 {
692 /* Some certs were removed on host. Clean up the cache and add all the certificates so cert chains
693 * get revalidated. The certs present on host are now in 'cached' store and are marked with
694 * CERT_FIRST_USER_PROP_ID property. */
695 TRACE( "Some keys were removed, reimporting, cached %u, existing %u, new %u.\n",
696 cached_count, existing_count, new_count );
697 *delete = TRUE;
698 existing_count = 0;
699 existing = NULL;
700 while ((existing = CertEnumCertificatesInStore( cached, existing )))
701 {
703 continue;
705 ++new_count;
706 }
707 }
708 if (new_count)
709 {
710 /* Clear custom property so it is not serialized and seen by apps. */
711 cert = NULL;
712 while ((cert = CertEnumCertificatesInStore( new, cert )))
714 check_and_store_certs( cached, new, store );
715 }
716
717 CertCloseStore( new, 0 );
718 TRACE( "existing %u, new %u.\n", existing_count, new_count );
719}
#define CRYPT32_CALL(func, params)
BOOL WINAPI CryptCreateHash(HCRYPTPROV hProv, ALG_ID Algid, HCRYPTKEY hKey, DWORD dwFlags, HCRYPTHASH *phHash)
Definition: crypt.c:715
BOOL WINAPI CryptGetHashParam(HCRYPTHASH hHash, DWORD dwParam, BYTE *pbData, DWORD *pdwDataLen, DWORD dwFlags)
Definition: crypt.c:1584
BOOL WINAPI CryptDestroyHash(HCRYPTHASH hHash)
Definition: crypt.c:875
BOOL WINAPI CryptReleaseContext(HCRYPTPROV hProv, DWORD dwFlags)
Definition: crypt.c:641
BOOL WINAPI CryptHashData(HCRYPTHASH hHash, const BYTE *pbData, DWORD dwDataLen, DWORD dwFlags)
Definition: crypt.c:1745
BOOL WINAPI CryptAcquireContextW(HCRYPTPROV *phProv, LPCWSTR pszContainer, LPCWSTR pszProvider, DWORD dwProvType, DWORD dwFlags)
Definition: crypt.c:362
BOOL WINAPI CertSetCertificateContextProperty(PCCERT_CONTEXT pCertContext, DWORD dwPropId, DWORD dwFlags, const void *pvData)
Definition: cert.c:838
BOOL WINAPI CertGetCertificateContextProperty(PCCERT_CONTEXT pCertContext, DWORD dwPropId, void *pvData, DWORD *pcbData)
Definition: cert.c:615
LPVOID WINAPI CryptMemAlloc(ULONG cbSize)
Definition: main.c:136
VOID WINAPI CryptMemFree(LPVOID pv)
Definition: main.c:146
GLenum const GLfloat * params
Definition: glext.h:5645
static void check_and_store_certs(HCERTSTORE cached, HCERTSTORE new, HCERTSTORE to)
Definition: rootstore.c:101
Definition: _hash_fun.h:40
static NTSTATUS enum_root_certs(void *args)
Definition: unixlib.c:667
#define PROV_RSA_FULL
Definition: wincrypt.h:2243
#define CRYPT_VERIFYCONTEXT
Definition: wincrypt.h:2273
#define CALG_SHA1
Definition: wincrypt.h:2060
ULONG_PTR HCRYPTPROV
Definition: wincrypt.h:55
#define CERT_FIRST_USER_PROP_ID
Definition: wincrypt.h:2895
ULONG_PTR HCRYPTHASH
Definition: wincrypt.h:59
#define CERT_FIND_SHA1_HASH
Definition: wincrypt.h:3012
#define HP_HASHVAL
Definition: wincrypt.h:2387
unsigned char BYTE
Definition: xxhash.c:193

Referenced by create_root_store().

◆ trust_status_to_str()

static const char * trust_status_to_str ( DWORD  status)
static

Definition at line 34 of file rootstore.c.

35{
36 static const struct
37 {
38 DWORD flag;
39 char text[32];
40 }
41 messages[] =
42 {
43 { CERT_TRUST_IS_NOT_TIME_VALID, "expired" },
44 { CERT_TRUST_IS_NOT_TIME_NESTED, "bad time nesting" },
45 { CERT_TRUST_IS_REVOKED, "revoked" },
46 { CERT_TRUST_IS_NOT_SIGNATURE_VALID, "bad signature" },
47 { CERT_TRUST_IS_NOT_VALID_FOR_USAGE, "bad usage" },
48 { CERT_TRUST_IS_UNTRUSTED_ROOT, "untrusted root" },
49 { CERT_TRUST_REVOCATION_STATUS_UNKNOWN, "unknown revocation status" },
50 { CERT_TRUST_IS_CYCLIC, "cyclic chain" },
51 { CERT_TRUST_INVALID_EXTENSION, "unsupported critical extension" },
53 { CERT_TRUST_INVALID_BASIC_CONSTRAINTS, "bad basic constraints" },
54 { CERT_TRUST_INVALID_NAME_CONSTRAINTS, "bad name constraints" },
55 { CERT_TRUST_HAS_NOT_SUPPORTED_NAME_CONSTRAINT, "unsupported name constraint" },
56 { CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT, "undefined name constraint" },
57 { CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, "disallowed name constraint" },
58 { CERT_TRUST_HAS_EXCLUDED_NAME_CONSTRAINT, "excluded name constraint" },
59 { CERT_TRUST_IS_OFFLINE_REVOCATION, "revocation server offline" },
60 { CERT_TRUST_NO_ISSUANCE_CHAIN_POLICY, "no issuance policy" },
61 };
62 static char buf[1024];
63 int i, pos = 0;
64
65 for (i = 0; i < ARRAY_SIZE(messages); i++)
66 {
67 if (status & messages[i].flag)
68 pos += sprintf(buf + pos, "\n\t%s", messages[i].text);
69 }
70
71 return buf;
72}
const WCHAR * text
Definition: package.c:1794
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean flag
Definition: glfuncs.h:52
#define sprintf
Definition: sprintf.c:45
Definition: ps.c:97
#define CERT_TRUST_IS_REVOKED
Definition: wincrypt.h:984
#define CERT_TRUST_INVALID_POLICY_CONSTRAINTS
Definition: wincrypt.h:991
#define CERT_TRUST_REVOCATION_STATUS_UNKNOWN
Definition: wincrypt.h:988
#define CERT_TRUST_IS_CYCLIC
Definition: wincrypt.h:989
#define CERT_TRUST_INVALID_EXTENSION
Definition: wincrypt.h:990
#define CERT_TRUST_IS_NOT_TIME_NESTED
Definition: wincrypt.h:983
#define CERT_TRUST_IS_OFFLINE_REVOCATION
Definition: wincrypt.h:998
#define CERT_TRUST_NO_ISSUANCE_CHAIN_POLICY
Definition: wincrypt.h:999
#define CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT
Definition: wincrypt.h:996
#define CERT_TRUST_INVALID_NAME_CONSTRAINTS
Definition: wincrypt.h:993
#define CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT
Definition: wincrypt.h:995
#define CERT_TRUST_HAS_EXCLUDED_NAME_CONSTRAINT
Definition: wincrypt.h:997
#define CERT_TRUST_IS_NOT_SIGNATURE_VALID
Definition: wincrypt.h:985
#define CERT_TRUST_HAS_NOT_SUPPORTED_NAME_CONSTRAINT
Definition: wincrypt.h:994

Referenced by check_and_store_certs().

◆ WINE_DEFAULT_DEBUG_CHANNEL()

WINE_DEFAULT_DEBUG_CHANNEL ( crypt  )

Variable Documentation

◆ authenticode

const BYTE authenticode[]
static

Definition at line 171 of file rootstore.c.

◆ msRootCerts

const struct CONST_BLOB msRootCerts[]
static
Initial value:
= {
{ authenticode, sizeof(authenticode) },
}
static const BYTE authenticode[]
Definition: rootstore.c:171
static const BYTE rootcertauthority2011[]
Definition: rootstore.c:489
static const BYTE rootcertauthority[]
Definition: rootstore.c:301
static const BYTE rootauthority[]
Definition: rootstore.c:234
static const BYTE rootcertauthority2010[]
Definition: rootstore.c:392

Referenced by add_ms_root_certs().

◆ rootauthority

const BYTE rootauthority[]
static

Definition at line 234 of file rootstore.c.

◆ rootcertauthority

const BYTE rootcertauthority[]
static

Definition at line 301 of file rootstore.c.

◆ rootcertauthority2010

const BYTE rootcertauthority2010[]
static

Definition at line 392 of file rootstore.c.

◆ rootcertauthority2011

const BYTE rootcertauthority2011[]
static

Definition at line 489 of file rootstore.c.