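/* Seeds the provider data from the caller's WINTRUST_CERT_INFO
 * (data->pWintrustData->u.pCert): adds one signer that carries nothing but a
 * verification time, attaches psCertContext to that signer, and then adds
 * each of the caller's additional stores.
 *
 * Returns ERROR_SUCCESS on success, ERROR_INVALID_PARAMETER when pCert is
 * NULL or its cbStruct fails the WVT_IS_CBSTRUCT_GT_MEMBEROFFSET check for
 * psCertContext, or GetLastError() after the first provider callback that
 * fails.  When data->psPfns is NULL nothing is added and ERROR_SUCCESS is
 * returned.
 */
static DWORD SOFTPUB_LoadCertMessage(CRYPT_PROVIDER_DATA *data)
{
    DWORD err = ERROR_SUCCESS;

    if (!data->pWintrustData->u.pCert ||
     !WVT_IS_CBSTRUCT_GT_MEMBEROFFSET(WINTRUST_CERT_INFO,
     data->pWintrustData->u.pCert->cbStruct, psCertContext))
        return ERROR_INVALID_PARAMETER;

    if (data->psPfns)
    {
        CRYPT_PROVIDER_SGNR signer = { sizeof(signer), { 0 } };
        DWORD i;
        BOOL ret;

        /* Add a signer with nothing but the time to verify, so we can
         * add a cert to it
         */
        if (WVT_ISINSTRUCT(WINTRUST_CERT_INFO,
         data->pWintrustData->u.pCert->cbStruct, psftVerifyAsOf) &&
         data->pWintrustData->u.pCert->psftVerifyAsOf)
        {
            /* Use the time the caller asked for.  Without this copy the
             * signer keeps the zero FILETIME from its initializer, so any
             * later step that reads signer.sftVerifyAsOf would not see the
             * requested verification time.
             */
            signer.sftVerifyAsOf =
             *data->pWintrustData->u.pCert->psftVerifyAsOf;
            /* NOTE(review): this branch has always written
             * data->sftSystemTime; it now receives the caller's time instead
             * of a zeroed value.  Confirm that consumers of sftSystemTime
             * expect the verification time here.
             */
            data->sftSystemTime = signer.sftVerifyAsOf;
        }
        else
        {
            SYSTEMTIME sysTime;

            /* No time supplied: verify as of now. */
            GetSystemTime(&sysTime);
            SystemTimeToFileTime(&sysTime, &signer.sftVerifyAsOf);
        }

        ret = data->psPfns->pfnAddSgnr2Chain(data, FALSE, 0, &signer);
        if (ret)
        {
            ret = data->psPfns->pfnAddCert2Chain(data, 0, FALSE, 0,
             data->pWintrustData->u.pCert->psCertContext);
            /* Stores are only read when cbStruct is large enough to hold
             * pahStores; the loop stops at the first failure.
             */
            if (WVT_ISINSTRUCT(WINTRUST_CERT_INFO,
             data->pWintrustData->u.pCert->cbStruct, pahStores))
                for (i = 0;
                 ret && i < data->pWintrustData->u.pCert->chStores; i++)
                    ret = data->psPfns->pfnAddStore2Chain(data,
                     data->pWintrustData->u.pCert->pahStores[i]);
        }
        if (!ret)
            err = GetLastError();
    }
    return err;
}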
/* Stores the subject GUID of the file in data->u.pPDSip->gSubject.
 * The caller must have set data->pWintrustData->u.pFile.
 *
 * A non-NULL pgKnownSubject supplied by the caller is copied as is, and the
 * file is not inspected in that case.  Otherwise the GUID is looked up with
 * CryptSIPRetrieveSubjectGuid.
 *
 * Returns ERROR_SUCCESS, TRUST_E_SUBJECT_FORM_UNKNOWN for an empty file, or
 * the last error left by CryptSIPRetrieveSubjectGuid.
 */
static DWORD SOFTPUB_GetFileSubject(CRYPT_PROVIDER_DATA *data)
{
    DWORD err = ERROR_SUCCESS;

    if (WVT_ISINSTRUCT(WINTRUST_FILE_INFO,
     data->pWintrustData->u.pFile->cbStruct, pgKnownSubject) &&
     data->pWintrustData->u.pFile->pgKnownSubject)
    {
        /* Caller already knows the subject type: take it on trust. */
        data->u.pPDSip->gSubject =
         *data->pWintrustData->u.pFile->pgKnownSubject;
    }
    else if (!CryptSIPRetrieveSubjectGuid(
     data->pWintrustData->u.pFile->pcwszFilePath,
     data->pWintrustData->u.pFile->hFile,
     &data->u.pPDSip->gSubject))
    {
        LARGE_INTEGER fileSize;
        /* Capture the SIP error first; GetFileSizeEx may overwrite it. */
        DWORD sipError = GetLastError();

        /* An empty file is reported as TRUST_E_SUBJECT_FORM_UNKNOWN
         * regardless of what CryptSIPRetrieveSubjectGuid set.
         */
        if (GetFileSizeEx(data->pWintrustData->u.pFile->hFile, &fileSize)
         && fileSize.QuadPart == 0)
            err = TRUST_E_SUBJECT_FORM_UNKNOWN;
        else
            err = sipError;
    }

    TRACE("returning %d\n", err);
    return err;
}
/* Handles the action that WinVerifyTrust routes here (its
 * CERT_CERTIFICATE_ACTION_VERIFY branch) by dispatching on the requested
 * state action.  A WINTRUST_DATA too small to hold dwStateAction is treated
 * as WTD_STATEACTION_IGNORE.
 *
 * Returns the result of the selected handler.
 *
 * NOTE(review): a state action other than IGNORE, VERIFY or CLOSE only logs
 * a FIXME and returns ERROR_SUCCESS, so the caller is told "trusted" although
 * nothing was verified.  Callers that rely on the return value for a trust
 * decision should be aware of this.
 */
static LONG WINTRUST_CertActionVerify(HWND hwnd, GUID *actionID,
 WINTRUST_DATA *data)
{
    LONG err = ERROR_SUCCESS;
    DWORD stateAction = WTD_STATEACTION_IGNORE;

    if (WVT_ISINSTRUCT(WINTRUST_DATA, data->cbStruct, dwStateAction))
    {
        stateAction = data->dwStateAction;
    }
    else
    {
        TRACE("no dwStateAction, assuming WTD_STATEACTION_IGNORE\n");
    }

    if (stateAction == WTD_STATEACTION_IGNORE)
    {
        err = WINTRUST_CertVerifyAndClose(hwnd, actionID, data);
    }
    else if (stateAction == WTD_STATEACTION_VERIFY)
    {
        err = WINTRUST_CertVerify(hwnd, actionID, data);
    }
    else if (stateAction == WTD_STATEACTION_CLOSE)
    {
        err = WINTRUST_DefaultClose(hwnd, actionID, data);
    }
    else
    {
        /* Unhandled state action: err stays ERROR_SUCCESS. */
        FIXME("unimplemented for %d\n", data->dwStateAction);
    }
    return err;
}
/***********************************************************************
 *		WinVerifyTrust (WINTRUST.@)
 *
 * Verifies an object by calling the specified trust provider.
 *
 * PARAMS
 *   hwnd       [I] Handle to a caller window.
 *   ActionID   [I] Pointer to a GUID that identifies the action to perform.
 *   ActionData [I] Information used by the trust provider to verify the object.
 *
 * RETURNS
 *   Success: Zero.
 *   Failure: A TRUST_E_* error code.
 *
 * NOTES
 *   Trust providers can be found at:
 *   HKLM\SOFTWARE\Microsoft\Cryptography\Providers\Trust\
 *
 *   Two action GUIDs are routed to dedicated old-style handlers; every other
 *   GUID takes the default provider path, with a warning logged when the GUID
 *   is not one of the known ones.
 *
 *   NOTE(review): on the default path a dwStateAction other than IGNORE,
 *   VERIFY or CLOSE only logs a FIXME and the function returns zero, i.e.
 *   success, without any verification having run.
 */
LONG WINAPI WinVerifyTrust( HWND hwnd, GUID *ActionID, LPVOID ActionData )
{
    static const GUID unknown = { 0xC689AAB8, 0x8E78, 0x11D0,
     { 0x8C,0x47, 0x00,0xC0,0x4F,0xC2,0x95,0xEE } };
    static const GUID published_software = WIN_SPUB_ACTION_PUBLISHED_SOFTWARE;
    static const GUID generic_verify_v2 = WINTRUST_ACTION_GENERIC_VERIFY_V2;
    static const GUID generic_cert_verify = WINTRUST_ACTION_GENERIC_CERT_VERIFY;
    static const GUID generic_chain_verify = WINTRUST_ACTION_GENERIC_CHAIN_VERIFY;
    static const GUID cert_action_verify = CERT_CERTIFICATE_ACTION_VERIFY;
    LONG err = ERROR_SUCCESS;
    WINTRUST_DATA *actionData = ActionData;

    TRACE("(%p, %s, %p)\n", hwnd, debugstr_guid(ActionID), ActionData);
    dump_wintrust_data(ActionData);

    /* Support for known old-style callers: */
    if (IsEqualGUID(ActionID, &published_software))
    {
        err = WINTRUST_PublishedSoftware(hwnd, ActionID, ActionData);
    }
    else if (IsEqualGUID(ActionID, &cert_action_verify))
    {
        err = WINTRUST_CertActionVerify(hwnd, ActionID, ActionData);
    }
    else
    {
        DWORD stateAction = WTD_STATEACTION_IGNORE;

        /* Check known actions to warn of possible problems */
        if (!(IsEqualGUID(ActionID, &unknown) ||
         IsEqualGUID(ActionID, &generic_verify_v2) ||
         IsEqualGUID(ActionID, &generic_cert_verify) ||
         IsEqualGUID(ActionID, &generic_chain_verify)))
        {
            WARN("unknown action %s, default behavior may not be right\n",
             debugstr_guid(ActionID));
        }

        /* Older callers may pass a structure that ends before
         * dwStateAction; those get the IGNORE behaviour.
         */
        if (WVT_ISINSTRUCT(WINTRUST_DATA, actionData->cbStruct, dwStateAction))
        {
            stateAction = actionData->dwStateAction;
        }
        else
        {
            TRACE("no dwStateAction, assuming WTD_STATEACTION_IGNORE\n");
        }

        if (stateAction == WTD_STATEACTION_IGNORE)
        {
            err = WINTRUST_DefaultVerifyAndClose(hwnd, ActionID, ActionData);
        }
        else if (stateAction == WTD_STATEACTION_VERIFY)
        {
            err = WINTRUST_DefaultVerify(hwnd, ActionID, ActionData);
        }
        else if (stateAction == WTD_STATEACTION_CLOSE)
        {
            err = WINTRUST_DefaultClose(hwnd, ActionID, ActionData);
        }
        else
        {
            /* Unhandled state action: err stays ERROR_SUCCESS. */
            FIXME("unimplemented for %d\n", actionData->dwStateAction);
        }
    }

    TRACE("returning %08x\n", err);
    return err;
}