static DWORD SOFTPUB_LoadCertMessage(CRYPT_PROVIDER_DATA *data)
{
DWORD err = ERROR_SUCCESS;
if (data->pWintrustData->u.pCert &&
WVT_IS_CBSTRUCT_GT_MEMBEROFFSET(WINTRUST_CERT_INFO,
data->pWintrustData->u.pCert->cbStruct, psCertContext))
{
if (data->psPfns)
{
CRYPT_PROVIDER_SGNR signer = { sizeof(signer), { 0 } };
DWORD i;
BOOL ret;
/* Add a signer with nothing but the time to verify, so we can
* add a cert to it
*/
if (WVT_ISINSTRUCT(WINTRUST_CERT_INFO,
data->pWintrustData->u.pCert->cbStruct, psftVerifyAsOf) &&
data->pWintrustData->u.pCert->psftVerifyAsOf)
data->sftSystemTime = signer.sftVerifyAsOf;
else
{
SYSTEMTIME sysTime;
GetSystemTime(&sysTime);
SystemTimeToFileTime(&sysTime, &signer.sftVerifyAsOf);
}
ret = data->psPfns->pfnAddSgnr2Chain(data, FALSE, 0, &signer);
if (ret)
{
ret = data->psPfns->pfnAddCert2Chain(data, 0, FALSE, 0,
data->pWintrustData->u.pCert->psCertContext);
if (WVT_ISINSTRUCT(WINTRUST_CERT_INFO,
data->pWintrustData->u.pCert->cbStruct, pahStores))
for (i = 0;
ret && i < data->pWintrustData->u.pCert->chStores; i++)
ret = data->psPfns->pfnAddStore2Chain(data,
data->pWintrustData->u.pCert->pahStores[i]);
}
if (!ret)
err = GetLastError();
}
}
else
err = ERROR_INVALID_PARAMETER;
return err;
}
/* Sadly, the function to load the cert for the CERT_CERTIFICATE_ACTION_VERIFY
* action is not stored in the registry and is located in wintrust, not in
* cryptdlg along with the rest of the implementation (verified by running the
* action with a native wintrust.dll.)
*/
static HRESULT WINAPI WINTRUST_CertVerifyObjTrust(CRYPT_PROVIDER_DATA *data)
{
BOOL ret;
TRACE("(%p)\n", data);
if (!data->padwTrustStepErrors)
return S_FALSE;
switch (data->pWintrustData->dwUnionChoice)
{
case WTD_CHOICE_BLOB:
if (data->pWintrustData->u.pBlob &&
WVT_IS_CBSTRUCT_GT_MEMBEROFFSET(WINTRUST_BLOB_INFO,
data->pWintrustData->u.pBlob->cbStruct, pbMemObject) &&
data->pWintrustData->u.pBlob->cbMemObject ==
sizeof(CERT_VERIFY_CERTIFICATE_TRUST) &&
data->pWintrustData->u.pBlob->pbMemObject)
{
CERT_VERIFY_CERTIFICATE_TRUST *pCert =
(CERT_VERIFY_CERTIFICATE_TRUST *)
data->pWintrustData->u.pBlob->pbMemObject;
if (pCert->cbSize == sizeof(CERT_VERIFY_CERTIFICATE_TRUST) &&
pCert->pccert)
{
CRYPT_PROVIDER_SGNR signer = { sizeof(signer), { 0 } };
DWORD i;
SYSTEMTIME sysTime;
/* Add a signer with nothing but the time to verify, so we can
* add a cert to it
*/
GetSystemTime(&sysTime);
SystemTimeToFileTime(&sysTime, &signer.sftVerifyAsOf);
ret = data->psPfns->pfnAddSgnr2Chain(data, FALSE, 0, &signer);
if (!ret)
goto error;
ret = data->psPfns->pfnAddCert2Chain(data, 0, FALSE, 0,
pCert->pccert);
if (!ret)
goto error;
for (i = 0; ret && i < pCert->cRootStores; i++)
ret = data->psPfns->pfnAddStore2Chain(data,
pCert->rghstoreRoots[i]);
for (i = 0; ret && i < pCert->cStores; i++)
ret = data->psPfns->pfnAddStore2Chain(data,
pCert->rghstoreCAs[i]);
for (i = 0; ret && i < pCert->cTrustStores; i++)
ret = data->psPfns->pfnAddStore2Chain(data,
pCert->rghstoreTrust[i]);
}
else
{
SetLastError(ERROR_INVALID_PARAMETER);
ret = FALSE;
}
}
else
{
SetLastError(ERROR_INVALID_PARAMETER);
ret = FALSE;
}
break;
default:
FIXME("unimplemented for %d\n", data->pWintrustData->dwUnionChoice);
SetLastError(ERROR_INVALID_PARAMETER);
ret = FALSE;
}
error:
if (!ret)
data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_OBJPROV] =
GetLastError();
TRACE("returning %d (%08x)\n", ret ? S_OK : S_FALSE,
data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_OBJPROV]);
return ret ? S_OK : S_FALSE;
}
