2 * Copyright 2001 Rein Klazes
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
32 #include "wintrust_priv.h"
33 #include "wine/debug.h"
35 WINE_DEFAULT_DEBUG_CHANNEL(wintrust
);
38 /***********************************************************************
39 * DllMain (WINTRUST.@)
41 BOOL WINAPI
DllMain( HINSTANCE inst
, DWORD reason
, LPVOID reserved
)
45 case DLL_WINE_PREATTACH
:
46 return FALSE
; /* prefer native version */
47 case DLL_PROCESS_ATTACH
:
48 DisableThreadLibraryCalls( inst
);
54 /***********************************************************************
55 * TrustIsCertificateSelfSigned (WINTRUST.@)
57 BOOL WINAPI
TrustIsCertificateSelfSigned( PCCERT_CONTEXT cert
)
62 ret
= CertCompareCertificateName(cert
->dwCertEncodingType
,
63 &cert
->pCertInfo
->Subject
, &cert
->pCertInfo
->Issuer
);
67 /***********************************************************************
68 * WinVerifyTrust (WINTRUST.@)
70 * Verifies an object by calling the specified trust provider.
73 * hwnd [I] Handle to a caller window.
74 * ActionID [I] Pointer to a GUID that identifies the action to perform.
75 * ActionData [I] Information used by the trust provider to verify the object.
79 * Failure: A TRUST_E_* error code.
82 * Trust providers can be found at:
83 * HKLM\SOFTWARE\Microsoft\Cryptography\Providers\Trust\
85 LONG WINAPI
WinVerifyTrust( HWND hwnd
, GUID
*ActionID
, LPVOID ActionData
)
87 FIXME("%p %s %p\n", hwnd
, debugstr_guid(ActionID
), ActionData
);
91 /***********************************************************************
92 * WinVerifyTrustEx (WINTRUST.@)
94 HRESULT WINAPI
WinVerifyTrustEx( HWND hwnd
, GUID
*ActionID
,
95 WINTRUST_DATA
* ActionData
)
97 return WinVerifyTrust(hwnd
, ActionID
, ActionData
);
100 /***********************************************************************
101 * WTHelperGetProvSignerFromChain (WINTRUST.@)
103 CRYPT_PROVIDER_SGNR
* WINAPI
WTHelperGetProvSignerFromChain(
104 CRYPT_PROVIDER_DATA
*pProvData
, DWORD idxSigner
, BOOL fCounterSigner
,
105 DWORD idxCounterSigner
)
107 CRYPT_PROVIDER_SGNR
*sgnr
;
109 TRACE("(%p %d %d %d)\n", pProvData
, idxSigner
, fCounterSigner
,
112 if (idxSigner
>= pProvData
->csSigners
|| !pProvData
->pasSigners
)
114 sgnr
= &pProvData
->pasSigners
[idxSigner
];
117 if (idxCounterSigner
>= sgnr
->csCounterSigners
||
118 !sgnr
->pasCounterSigners
)
120 sgnr
= &sgnr
->pasCounterSigners
[idxCounterSigner
];
122 TRACE("returning %p\n", sgnr
);
126 /***********************************************************************
127 * WTHelperGetProvCertFromChain (WINTRUST.@)
129 CRYPT_PROVIDER_CERT
* WINAPI
WTHelperGetProvCertFromChain(
130 CRYPT_PROVIDER_SGNR
*pSgnr
, DWORD idxCert
)
132 CRYPT_PROVIDER_CERT
*cert
;
134 TRACE("(%p %d)\n", pSgnr
, idxCert
);
136 if (idxCert
>= pSgnr
->csCertChain
|| !pSgnr
->pasCertChain
)
138 cert
= &pSgnr
->pasCertChain
[idxCert
];
139 TRACE("returning %p\n", cert
);
143 /***********************************************************************
144 * WTHelperProvDataFromStateData (WINTRUST.@)
146 CRYPT_PROVIDER_DATA
* WINAPI
WTHelperProvDataFromStateData(HANDLE hStateData
)
148 TRACE("%p\n", hStateData
);
149 return (CRYPT_PROVIDER_DATA
*)hStateData
;
152 static const WCHAR Software_Publishing
[] = {
153 'S','o','f','t','w','a','r','e','\\',
154 'M','i','c','r','o','s','o','f','t','\\',
155 'W','i','n','d','o','w','s','\\',
156 'C','u','r','r','e','n','t','V','e','r','s','i','o','n','\\',
157 'W','i','n','t','r','u','s','t','\\',
158 'T','r','u','s','t',' ','P','r','o','v','i','d','e','r','s','\\',
159 'S','o','f','t','w','a','r','e',' ',
160 'P','u','b','l','i','s','h','i','n','g',0 };
161 static const WCHAR State
[] = { 'S','t','a','t','e',0 };
163 /***********************************************************************
164 * WintrustGetRegPolicyFlags (WINTRUST.@)
166 void WINAPI
WintrustGetRegPolicyFlags( DWORD
* pdwPolicyFlags
)
171 TRACE("%p\n", pdwPolicyFlags
);
174 r
= RegCreateKeyExW(HKEY_CURRENT_USER
, Software_Publishing
, 0, NULL
, 0,
175 KEY_READ
, NULL
, &key
, NULL
);
178 DWORD size
= sizeof(DWORD
);
180 r
= RegQueryValueExW(key
, State
, NULL
, NULL
, (LPBYTE
)pdwPolicyFlags
,
185 /* Failed to query, create and return default value */
186 *pdwPolicyFlags
= WTPF_IGNOREREVOCATIONONTS
|
187 WTPF_OFFLINEOKNBU_COM
|
188 WTPF_OFFLINEOKNBU_IND
|
191 WintrustSetRegPolicyFlags(*pdwPolicyFlags
);
196 /***********************************************************************
197 * WintrustSetRegPolicyFlags (WINTRUST.@)
199 BOOL WINAPI
WintrustSetRegPolicyFlags( DWORD dwPolicyFlags
)
204 TRACE("%x\n", dwPolicyFlags
);
206 r
= RegCreateKeyExW(HKEY_CURRENT_USER
, Software_Publishing
, 0,
207 NULL
, 0, KEY_WRITE
, NULL
, &key
, NULL
);
210 r
= RegSetValueExW(key
, State
, 0, REG_DWORD
, (LPBYTE
)&dwPolicyFlags
,
214 if (r
) SetLastError(r
);
215 return r
== ERROR_SUCCESS
;
218 /* Utility functions */
219 void * WINAPI
WINTRUST_Alloc(DWORD cb
)
221 return HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
, cb
);
224 void * WINAPI
WINTRUST_ReAlloc(void *ptr
, DWORD cb
)
226 return HeapReAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
, ptr
, cb
);
229 void WINAPI
WINTRUST_Free(void *p
)
231 HeapFree(GetProcessHeap(), 0, p
);
234 BOOL WINAPI
WINTRUST_AddStore(CRYPT_PROVIDER_DATA
*data
, HCERTSTORE store
)
239 data
->pahStores
= WINTRUST_ReAlloc(data
->pahStores
,
240 (data
->chStores
+ 1) * sizeof(HCERTSTORE
));
243 data
->pahStores
= WINTRUST_Alloc(sizeof(HCERTSTORE
));
248 data
->pahStores
[data
->chStores
++] = CertDuplicateStore(store
);
252 SetLastError(ERROR_OUTOFMEMORY
);
256 BOOL WINAPI
WINTRUST_AddSgnr(CRYPT_PROVIDER_DATA
*data
,
257 BOOL fCounterSigner
, DWORD idxSigner
, CRYPT_PROVIDER_SGNR
*sgnr
)
261 if (sgnr
->cbStruct
> sizeof(CRYPT_PROVIDER_SGNR
))
263 SetLastError(ERROR_INVALID_PARAMETER
);
268 FIXME("unimplemented for counter signers\n");
269 SetLastError(ERROR_INVALID_PARAMETER
);
273 data
->pasSigners
= WINTRUST_ReAlloc(data
->pasSigners
,
274 (data
->csSigners
+ 1) * sizeof(CRYPT_PROVIDER_SGNR
));
277 data
->pasSigners
= WINTRUST_Alloc(sizeof(CRYPT_PROVIDER_SGNR
));
280 if (data
->pasSigners
)
282 if (idxSigner
< data
->csSigners
)
283 memmove(&data
->pasSigners
[idxSigner
],
284 &data
->pasSigners
[idxSigner
+ 1],
285 (data
->csSigners
- idxSigner
) * sizeof(CRYPT_PROVIDER_SGNR
));
287 if (sgnr
->cbStruct
== sizeof(CRYPT_PROVIDER_SGNR
))
289 /* The PSDK says psSigner should be allocated using pfnAlloc, but
290 * it doesn't say anything about ownership. Since callers are
291 * internal, assume ownership is passed, and just store the
294 memcpy(&data
->pasSigners
[idxSigner
], sgnr
,
295 sizeof(CRYPT_PROVIDER_SGNR
));
298 memset(&data
->pasSigners
[idxSigner
], 0,
299 sizeof(CRYPT_PROVIDER_SGNR
));
303 SetLastError(ERROR_OUTOFMEMORY
);
307 BOOL WINAPI
WINTRUST_AddCert(CRYPT_PROVIDER_DATA
*data
, DWORD idxSigner
,
308 BOOL fCounterSigner
, DWORD idxCounterSigner
, PCCERT_CONTEXT pCert2Add
)
314 FIXME("unimplemented for counter signers\n");
315 SetLastError(ERROR_INVALID_PARAMETER
);
318 if (data
->pasSigners
[idxSigner
].csCertChain
)
319 data
->pasSigners
[idxSigner
].pasCertChain
=
320 WINTRUST_ReAlloc(data
->pasSigners
[idxSigner
].pasCertChain
,
321 (data
->pasSigners
[idxSigner
].csCertChain
+ 1) *
322 sizeof(CRYPT_PROVIDER_CERT
));
325 data
->pasSigners
[idxSigner
].pasCertChain
=
326 WINTRUST_Alloc(sizeof(CRYPT_PROVIDER_CERT
));
327 data
->pasSigners
[idxSigner
].csCertChain
= 0;
329 if (data
->pasSigners
[idxSigner
].pasCertChain
)
331 CRYPT_PROVIDER_CERT
*cert
= &data
->pasSigners
[idxSigner
].pasCertChain
[
332 data
->pasSigners
[idxSigner
].csCertChain
];
334 cert
->cbStruct
= sizeof(CRYPT_PROVIDER_CERT
);
335 cert
->pCert
= CertDuplicateCertificateContext(pCert2Add
);
336 data
->pasSigners
[idxSigner
].csCertChain
++;
340 SetLastError(ERROR_OUTOFMEMORY
);