Sweden-Number/dlls/wintrust/register.c

1251 lines
50 KiB
C

/*
* Register related wintrust functions
*
* Copyright 2006 Paul Vriens
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
*/
#include <stdarg.h>
#include "windef.h"
#include "winbase.h"
#include "winerror.h"
#include "winuser.h"
#include "winreg.h"
#include "winnls.h"
#include "objbase.h"
#include "guiddef.h"
#include "wintrust.h"
#include "softpub.h"
#include "mssip.h"
#include "wintrust_priv.h"
#include "wine/debug.h"
WINE_DEFAULT_DEBUG_CHANNEL(wintrust);
static CRYPT_TRUST_REG_ENTRY SoftpubInitialization;
static CRYPT_TRUST_REG_ENTRY SoftpubMessage;
static CRYPT_TRUST_REG_ENTRY SoftpubSignature;
static CRYPT_TRUST_REG_ENTRY SoftpubCertificate;
static CRYPT_TRUST_REG_ENTRY SoftpubCertCheck;
static CRYPT_TRUST_REG_ENTRY SoftpubFinalPolicy;
static CRYPT_TRUST_REG_ENTRY SoftpubCleanup;
static CRYPT_TRUST_REG_ENTRY SoftpubDefCertInit;
static CRYPT_TRUST_REG_ENTRY SoftpubDumpStructure;
static CRYPT_TRUST_REG_ENTRY HTTPSCertificateTrust;
static CRYPT_TRUST_REG_ENTRY HTTPSFinalProv;
static CRYPT_TRUST_REG_ENTRY OfficeInitializePolicy;
static CRYPT_TRUST_REG_ENTRY OfficeCleanupPolicy;
static CRYPT_TRUST_REG_ENTRY DriverInitializePolicy;
static CRYPT_TRUST_REG_ENTRY DriverFinalPolicy;
static CRYPT_TRUST_REG_ENTRY DriverCleanupPolicy;
static CRYPT_TRUST_REG_ENTRY GenericChainCertificateTrust;
static CRYPT_TRUST_REG_ENTRY GenericChainFinalProv;
static const CRYPT_TRUST_REG_ENTRY NullCTRE = { 0, NULL, NULL };
static const WCHAR Trust[] = {'S','o','f','t','w','a','r','e','\\',
'M','i','c','r','o','s','o','f','t','\\',
'C','r','y','p','t','o','g','r','a','p','h','y','\\',
'P','r','o','v','i','d','e','r','s','\\',
'T','r','u','s','t','\\', 0 };
static const WCHAR Initialization[] = {'I','n','i','t','i','a','l','i','z','a','t','i','o','n','\\', 0};
static const WCHAR Message[] = {'M','e','s','s','a','g','e','\\', 0};
static const WCHAR Signature[] = {'S','i','g','n','a','t','u','r','e','\\', 0};
static const WCHAR Certificate[] = {'C','e','r','t','i','f','i','c','a','t','e','\\', 0};
static const WCHAR CertCheck[] = {'C','e','r','t','C','h','e','c','k','\\', 0};
static const WCHAR FinalPolicy[] = {'F','i','n','a','l','P','o','l','i','c','y','\\', 0};
static const WCHAR DiagnosticPolicy[] = {'D','i','a','g','n','o','s','t','i','c','P','o','l','i','c','y','\\', 0};
static const WCHAR Cleanup[] = {'C','l','e','a','n','u','p','\\', 0};
static const WCHAR DefaultId[] = {'D','e','f','a','u','l','t','I','d', 0};
static const WCHAR Dll[] = {'$','D','L','L', 0};
/***********************************************************************
* WINTRUST_InitRegStructs
*
* Helper function to allocate and initialize the members of the
* CRYPT_TRUST_REG_ENTRY structs.
*/
static void WINTRUST_InitRegStructs(void)
{
#define WINTRUST_INITREGENTRY( action, dllname, functionname ) \
action.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY); \
action.pwszDLLName = WINTRUST_Alloc(sizeof(dllname)); \
lstrcpyW(action.pwszDLLName, dllname); \
action.pwszFunctionName = WINTRUST_Alloc(sizeof(functionname)); \
lstrcpyW(action.pwszFunctionName, functionname);
WINTRUST_INITREGENTRY(SoftpubInitialization, SP_POLICY_PROVIDER_DLL_NAME, SP_INIT_FUNCTION)
WINTRUST_INITREGENTRY(SoftpubMessage, SP_POLICY_PROVIDER_DLL_NAME, SP_OBJTRUST_FUNCTION)
WINTRUST_INITREGENTRY(SoftpubSignature, SP_POLICY_PROVIDER_DLL_NAME, SP_SIGTRUST_FUNCTION)
WINTRUST_INITREGENTRY(SoftpubCertificate, SP_POLICY_PROVIDER_DLL_NAME, WT_PROVIDER_CERTTRUST_FUNCTION)
WINTRUST_INITREGENTRY(SoftpubCertCheck, SP_POLICY_PROVIDER_DLL_NAME, SP_CHKCERT_FUNCTION)
WINTRUST_INITREGENTRY(SoftpubFinalPolicy, SP_POLICY_PROVIDER_DLL_NAME, SP_FINALPOLICY_FUNCTION)
WINTRUST_INITREGENTRY(SoftpubCleanup, SP_POLICY_PROVIDER_DLL_NAME, SP_CLEANUPPOLICY_FUNCTION)
WINTRUST_INITREGENTRY(SoftpubDefCertInit, SP_POLICY_PROVIDER_DLL_NAME, SP_GENERIC_CERT_INIT_FUNCTION)
WINTRUST_INITREGENTRY(SoftpubDumpStructure, SP_POLICY_PROVIDER_DLL_NAME, SP_TESTDUMPPOLICY_FUNCTION_TEST)
WINTRUST_INITREGENTRY(HTTPSCertificateTrust, SP_POLICY_PROVIDER_DLL_NAME, HTTPS_CERTTRUST_FUNCTION)
WINTRUST_INITREGENTRY(HTTPSFinalProv, SP_POLICY_PROVIDER_DLL_NAME, HTTPS_FINALPOLICY_FUNCTION)
WINTRUST_INITREGENTRY(OfficeInitializePolicy, OFFICE_POLICY_PROVIDER_DLL_NAME, OFFICE_INITPROV_FUNCTION)
WINTRUST_INITREGENTRY(OfficeCleanupPolicy, OFFICE_POLICY_PROVIDER_DLL_NAME, OFFICE_CLEANUPPOLICY_FUNCTION)
WINTRUST_INITREGENTRY(DriverInitializePolicy, SP_POLICY_PROVIDER_DLL_NAME, DRIVER_INITPROV_FUNCTION)
WINTRUST_INITREGENTRY(DriverFinalPolicy, SP_POLICY_PROVIDER_DLL_NAME, DRIVER_FINALPOLPROV_FUNCTION)
WINTRUST_INITREGENTRY(DriverCleanupPolicy, SP_POLICY_PROVIDER_DLL_NAME, DRIVER_CLEANUPPOLICY_FUNCTION)
WINTRUST_INITREGENTRY(GenericChainCertificateTrust, SP_POLICY_PROVIDER_DLL_NAME, GENERIC_CHAIN_CERTTRUST_FUNCTION)
WINTRUST_INITREGENTRY(GenericChainFinalProv, SP_POLICY_PROVIDER_DLL_NAME, GENERIC_CHAIN_FINALPOLICY_FUNCTION)
#undef WINTRUST_INITREGENTRY
}
/***********************************************************************
* WINTRUST_FreeRegStructs
*
* Helper function to free 2 members of the CRYPT_TRUST_REG_ENTRY
* structs.
*/
static void WINTRUST_FreeRegStructs(void)
{
#define WINTRUST_FREEREGENTRY( action ) \
WINTRUST_Free(action.pwszDLLName); \
WINTRUST_Free(action.pwszFunctionName);
WINTRUST_FREEREGENTRY(SoftpubInitialization);
WINTRUST_FREEREGENTRY(SoftpubMessage);
WINTRUST_FREEREGENTRY(SoftpubSignature);
WINTRUST_FREEREGENTRY(SoftpubCertificate);
WINTRUST_FREEREGENTRY(SoftpubCertCheck);
WINTRUST_FREEREGENTRY(SoftpubFinalPolicy);
WINTRUST_FREEREGENTRY(SoftpubCleanup);
WINTRUST_FREEREGENTRY(SoftpubDefCertInit);
WINTRUST_FREEREGENTRY(SoftpubDumpStructure);
WINTRUST_FREEREGENTRY(HTTPSCertificateTrust);
WINTRUST_FREEREGENTRY(HTTPSFinalProv);
WINTRUST_FREEREGENTRY(OfficeInitializePolicy);
WINTRUST_FREEREGENTRY(OfficeCleanupPolicy);
WINTRUST_FREEREGENTRY(DriverInitializePolicy);
WINTRUST_FREEREGENTRY(DriverFinalPolicy);
WINTRUST_FREEREGENTRY(DriverCleanupPolicy);
WINTRUST_FREEREGENTRY(GenericChainCertificateTrust);
WINTRUST_FREEREGENTRY(GenericChainFinalProv);
#undef WINTRUST_FREEREGENTRY
}
/***********************************************************************
* WINTRUST_guid2wstr
*
* Create a wide-string from a GUID
*
*/
static void WINTRUST_Guid2Wstr(const GUID* pgActionID, WCHAR* GuidString)
{
static const WCHAR wszFormat[] = {'{','%','0','8','l','X','-','%','0','4','X','-','%','0','4','X','-',
'%','0','2','X','%','0','2','X','-','%','0','2','X','%','0','2','X','%','0','2','X','%','0','2',
'X','%','0','2','X','%','0','2','X','}', 0};
wsprintfW(GuidString, wszFormat, pgActionID->Data1, pgActionID->Data2, pgActionID->Data3,
pgActionID->Data4[0], pgActionID->Data4[1], pgActionID->Data4[2], pgActionID->Data4[3],
pgActionID->Data4[4], pgActionID->Data4[5], pgActionID->Data4[6], pgActionID->Data4[7]);
}
/***********************************************************************
* WINTRUST_WriteProviderToReg
*
* Helper function for WintrustAddActionID
*
*/
static LONG WINTRUST_WriteProviderToReg(WCHAR* GuidString,
const WCHAR* FunctionType,
CRYPT_TRUST_REG_ENTRY RegEntry)
{
static const WCHAR Function[] = {'$','F','u','n','c','t','i','o','n', 0};
WCHAR ProvKey[MAX_PATH];
HKEY Key;
LONG Res = ERROR_SUCCESS;
/* Create the needed key string */
ProvKey[0]='\0';
lstrcatW(ProvKey, Trust);
lstrcatW(ProvKey, FunctionType);
lstrcatW(ProvKey, GuidString);
if (!RegEntry.pwszDLLName || !RegEntry.pwszFunctionName)
return ERROR_INVALID_PARAMETER;
Res = RegCreateKeyExW(HKEY_LOCAL_MACHINE, ProvKey, 0, NULL, 0, KEY_WRITE, NULL, &Key, NULL);
if (Res != ERROR_SUCCESS) goto error_close_key;
/* Create the $DLL entry */
Res = RegSetValueExW(Key, Dll, 0, REG_SZ, (BYTE*)RegEntry.pwszDLLName,
(lstrlenW(RegEntry.pwszDLLName) + 1)*sizeof(WCHAR));
if (Res != ERROR_SUCCESS) goto error_close_key;
/* Create the $Function entry */
Res = RegSetValueExW(Key, Function, 0, REG_SZ, (BYTE*)RegEntry.pwszFunctionName,
(lstrlenW(RegEntry.pwszFunctionName) + 1)*sizeof(WCHAR));
error_close_key:
RegCloseKey(Key);
return Res;
}
/***********************************************************************
* WintrustAddActionID (WINTRUST.@)
*
* Add the definitions of the actions a Trust provider can perform to
* the registry.
*
* PARAMS
* pgActionID [I] Pointer to a GUID for the Trust provider.
* fdwFlags [I] Flag to indicate whether registry errors are passed on.
* psProvInfo [I] Pointer to a structure with information about DLL
* name and functions.
*
* RETURNS
* Success: TRUE.
* Failure: FALSE. (Use GetLastError() for more information)
*
* NOTES
* Adding definitions is basically only adding relevant information
* to the registry. No verification takes place whether a DLL or its
* entrypoints exist.
* Information in the registry will always be overwritten.
*
*/
BOOL WINAPI WintrustAddActionID( GUID* pgActionID, DWORD fdwFlags,
CRYPT_REGISTER_ACTIONID* psProvInfo)
{
WCHAR GuidString[39];
LONG Res;
LONG WriteActionError = ERROR_SUCCESS;
TRACE("%s %lx %p\n", debugstr_guid(pgActionID), fdwFlags, psProvInfo);
/* Some sanity checks.
* We use the W2K3 last error as it makes more sense (W2K leaves the last error
* as is).
*/
if (!pgActionID ||
!psProvInfo ||
(psProvInfo->cbStruct != sizeof(CRYPT_REGISTER_ACTIONID)))
{
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
/* Create this string only once, instead of in the helper function */
WINTRUST_Guid2Wstr( pgActionID, GuidString);
/* Write the information to the registry */
Res = WINTRUST_WriteProviderToReg(GuidString, Initialization , psProvInfo->sInitProvider);
if (Res != ERROR_SUCCESS) WriteActionError = Res;
Res = WINTRUST_WriteProviderToReg(GuidString, Message , psProvInfo->sObjectProvider);
if (Res != ERROR_SUCCESS) WriteActionError = Res;
Res = WINTRUST_WriteProviderToReg(GuidString, Signature , psProvInfo->sSignatureProvider);
if (Res != ERROR_SUCCESS) WriteActionError = Res;
Res = WINTRUST_WriteProviderToReg(GuidString, Certificate , psProvInfo->sCertificateProvider);
if (Res != ERROR_SUCCESS) WriteActionError = Res;
Res = WINTRUST_WriteProviderToReg(GuidString, CertCheck , psProvInfo->sCertificatePolicyProvider);
if (Res != ERROR_SUCCESS) WriteActionError = Res;
Res = WINTRUST_WriteProviderToReg(GuidString, FinalPolicy , psProvInfo->sFinalPolicyProvider);
if (Res != ERROR_SUCCESS) WriteActionError = Res;
Res = WINTRUST_WriteProviderToReg(GuidString, DiagnosticPolicy, psProvInfo->sTestPolicyProvider);
if (Res != ERROR_SUCCESS) WriteActionError = Res;
Res = WINTRUST_WriteProviderToReg(GuidString, Cleanup , psProvInfo->sCleanupProvider);
if (Res != ERROR_SUCCESS) WriteActionError = Res;
/* Testing (by restricting access to the registry for some keys) shows that the last failing function
* will be used for last error.
* If the flag WT_ADD_ACTION_ID_RET_RESULT_FLAG is set and there are errors when adding the action
* we have to return FALSE. Errors includes both invalid entries as well as registry errors.
* Testing also showed that one error doesn't stop the registry writes. Every action will be dealt with.
*/
if (WriteActionError != ERROR_SUCCESS)
{
SetLastError(WriteActionError);
if (fdwFlags == WT_ADD_ACTION_ID_RET_RESULT_FLAG)
return FALSE;
}
return TRUE;
}
/***********************************************************************
* WINTRUST_RemoveProviderFromReg
*
* Helper function for WintrustRemoveActionID
*
*/
static void WINTRUST_RemoveProviderFromReg(WCHAR* GuidString,
const WCHAR* FunctionType)
{
WCHAR ProvKey[MAX_PATH];
/* Create the needed key string */
ProvKey[0]='\0';
lstrcatW(ProvKey, Trust);
lstrcatW(ProvKey, FunctionType);
lstrcatW(ProvKey, GuidString);
/* We don't care about success or failure */
RegDeleteKeyW(HKEY_LOCAL_MACHINE, ProvKey);
}
/***********************************************************************
* WintrustRemoveActionID (WINTRUST.@)
*
* Remove the definitions of the actions a Trust provider can perform
* from the registry.
*
* PARAMS
* pgActionID [I] Pointer to a GUID for the Trust provider.
*
* RETURNS
* Success: TRUE. (Use GetLastError() for more information)
* Failure: FALSE. (Use GetLastError() for more information)
*
* NOTES
* Testing shows that WintrustRemoveActionID always returns TRUE and
* that a possible error should be retrieved via GetLastError().
* There are no checks if the definitions are in the registry.
*/
BOOL WINAPI WintrustRemoveActionID( GUID* pgActionID )
{
WCHAR GuidString[39];
TRACE("(%s)\n", debugstr_guid(pgActionID));
if (!pgActionID)
{
SetLastError(ERROR_INVALID_PARAMETER);
return TRUE;
}
/* Create this string only once, instead of in the helper function */
WINTRUST_Guid2Wstr( pgActionID, GuidString);
/* We don't care about success or failure */
WINTRUST_RemoveProviderFromReg(GuidString, Initialization);
WINTRUST_RemoveProviderFromReg(GuidString, Message);
WINTRUST_RemoveProviderFromReg(GuidString, Signature);
WINTRUST_RemoveProviderFromReg(GuidString, Certificate);
WINTRUST_RemoveProviderFromReg(GuidString, CertCheck);
WINTRUST_RemoveProviderFromReg(GuidString, FinalPolicy);
WINTRUST_RemoveProviderFromReg(GuidString, DiagnosticPolicy);
WINTRUST_RemoveProviderFromReg(GuidString, Cleanup);
return TRUE;
}
/***********************************************************************
* WINTRUST_WriteSingleUsageEntry
*
* Helper for WintrustAddDefaultForUsage, writes a single value and its
* data to:
*
* HKLM\Software\Microsoft\Cryptography\Trust\Usages\<OID>
*/
static LONG WINTRUST_WriteSingleUsageEntry(LPCSTR OID,
const WCHAR* Value,
WCHAR* Data)
{
static const WCHAR Usages[] = {'U','s','a','g','e','s','\\', 0};
WCHAR* UsageKey;
HKEY Key;
LONG Res = ERROR_SUCCESS;
WCHAR* OIDW;
DWORD Len;
/* Turn OID into a wide-character string */
Len = MultiByteToWideChar( CP_ACP, 0, OID, -1, NULL, 0 );
OIDW = WINTRUST_Alloc( Len * sizeof(WCHAR) );
MultiByteToWideChar( CP_ACP, 0, OID, -1, OIDW, Len );
/* Allocate the needed space for UsageKey */
UsageKey = WINTRUST_Alloc((lstrlenW(Trust) + lstrlenW(Usages) + Len) * sizeof(WCHAR));
/* Create the key string */
lstrcpyW(UsageKey, Trust);
lstrcatW(UsageKey, Usages);
lstrcatW(UsageKey, OIDW);
Res = RegCreateKeyExW(HKEY_LOCAL_MACHINE, UsageKey, 0, NULL, 0, KEY_WRITE, NULL, &Key, NULL);
if (Res == ERROR_SUCCESS)
{
/* Create the Value entry */
Res = RegSetValueExW(Key, Value, 0, REG_SZ, (BYTE*)Data,
(lstrlenW(Data) + 1)*sizeof(WCHAR));
}
RegCloseKey(Key);
WINTRUST_Free(OIDW);
WINTRUST_Free(UsageKey);
return Res;
}
/***************************************************************************
* WINTRUST_RegisterGenVerifyV2
*
* Register WINTRUST_ACTION_GENERIC_VERIFY_V2 actions and usages.
*
* NOTES
* WINTRUST_ACTION_GENERIC_VERIFY_V2 ({00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
* is defined in softpub.h
*/
static BOOL WINTRUST_RegisterGenVerifyV2(void)
{
BOOL RegisteredOK = TRUE;
static GUID ProvGUID = WINTRUST_ACTION_GENERIC_VERIFY_V2;
CRYPT_REGISTER_ACTIONID ProvInfo;
CRYPT_PROVIDER_REGDEFUSAGE DefUsage = { sizeof(CRYPT_PROVIDER_REGDEFUSAGE),
&ProvGUID,
NULL, /* No Dll provided */
NULL, /* No load callback function */
NULL }; /* No free callback function */
ProvInfo.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
ProvInfo.sInitProvider = SoftpubInitialization;
ProvInfo.sObjectProvider = SoftpubMessage;
ProvInfo.sSignatureProvider = SoftpubSignature;
ProvInfo.sCertificateProvider = SoftpubCertificate;
ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
ProvInfo.sFinalPolicyProvider = SoftpubFinalPolicy;
ProvInfo.sTestPolicyProvider = NullCTRE; /* No diagnostic policy */
ProvInfo.sCleanupProvider = SoftpubCleanup;
if (!WintrustAddDefaultForUsage(szOID_PKIX_KP_CODE_SIGNING, &DefUsage))
RegisteredOK = FALSE;
if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
RegisteredOK = FALSE;
return RegisteredOK;
}
/***************************************************************************
* WINTRUST_RegisterPublishedSoftware
*
* Register WIN_SPUB_ACTION_PUBLISHED_SOFTWARE actions and usages.
*
* NOTES
* WIN_SPUB_ACTION_PUBLISHED_SOFTWARE ({64B9D180-8DA2-11CF-8736-00AA00A485EB})
* is defined in wintrust.h
*/
static BOOL WINTRUST_RegisterPublishedSoftware(void)
{
static GUID ProvGUID = WIN_SPUB_ACTION_PUBLISHED_SOFTWARE;
CRYPT_REGISTER_ACTIONID ProvInfo;
ProvInfo.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
ProvInfo.sInitProvider = SoftpubInitialization;
ProvInfo.sObjectProvider = SoftpubMessage;
ProvInfo.sSignatureProvider = SoftpubSignature;
ProvInfo.sCertificateProvider = SoftpubCertificate;
ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
ProvInfo.sFinalPolicyProvider = SoftpubFinalPolicy;
ProvInfo.sTestPolicyProvider = NullCTRE; /* No diagnostic policy */
ProvInfo.sCleanupProvider = SoftpubCleanup;
if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
return FALSE;
return TRUE;
}
#define WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI { 0xc6b2e8d0, 0xe005, 0x11cf, { 0xa1,0x34,0x00,0xc0,0x4f,0xd7,0xbf,0x43 }}
/***************************************************************************
* WINTRUST_RegisterPublishedSoftwareNoBadUi
*
* Register WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI actions and usages.
*
* NOTES
* WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI ({C6B2E8D0-E005-11CF-A134-00C04FD7BF43})
* is not defined in any include file. (FIXME: Find out if the name is correct).
*/
static BOOL WINTRUST_RegisterPublishedSoftwareNoBadUi(void)
{
static GUID ProvGUID = WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI;
CRYPT_REGISTER_ACTIONID ProvInfo;
ProvInfo.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
ProvInfo.sInitProvider = SoftpubInitialization;
ProvInfo.sObjectProvider = SoftpubMessage;
ProvInfo.sSignatureProvider = SoftpubSignature;
ProvInfo.sCertificateProvider = SoftpubCertificate;
ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
ProvInfo.sFinalPolicyProvider = SoftpubFinalPolicy;
ProvInfo.sTestPolicyProvider = NullCTRE; /* No diagnostic policy */
ProvInfo.sCleanupProvider = SoftpubCleanup;
if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
return FALSE;
return TRUE;
}
/***************************************************************************
* WINTRUST_RegisterGenCertVerify
*
* Register WINTRUST_ACTION_GENERIC_CERT_VERIFY actions and usages.
*
* NOTES
* WINTRUST_ACTION_GENERIC_CERT_VERIFY ({189A3842-3041-11D1-85E1-00C04FC295EE})
* is defined in softpub.h
*/
static BOOL WINTRUST_RegisterGenCertVerify(void)
{
static GUID ProvGUID = WINTRUST_ACTION_GENERIC_CERT_VERIFY;
CRYPT_REGISTER_ACTIONID ProvInfo;
ProvInfo.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
ProvInfo.sInitProvider = SoftpubDefCertInit;
ProvInfo.sObjectProvider = SoftpubMessage;
ProvInfo.sSignatureProvider = SoftpubSignature;
ProvInfo.sCertificateProvider = SoftpubCertificate;
ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
ProvInfo.sFinalPolicyProvider = SoftpubFinalPolicy;
ProvInfo.sTestPolicyProvider = NullCTRE; /* No diagnostic policy */
ProvInfo.sCleanupProvider = SoftpubCleanup;
if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
return FALSE;
return TRUE;
}
/***************************************************************************
* WINTRUST_RegisterTrustProviderTest
*
* Register WINTRUST_ACTION_TRUSTPROVIDER_TEST actions and usages.
*
* NOTES
* WINTRUST_ACTION_TRUSTPROVIDER_TEST ({573E31F8-DDBA-11D0-8CCB-00C04FC295EE})
* is defined in softpub.h
*/
static BOOL WINTRUST_RegisterTrustProviderTest(void)
{
static GUID ProvGUID = WINTRUST_ACTION_TRUSTPROVIDER_TEST;
CRYPT_REGISTER_ACTIONID ProvInfo;
ProvInfo.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
ProvInfo.sInitProvider = SoftpubInitialization;
ProvInfo.sObjectProvider = SoftpubMessage;
ProvInfo.sSignatureProvider = SoftpubSignature;
ProvInfo.sCertificateProvider = SoftpubCertificate;
ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
ProvInfo.sFinalPolicyProvider = SoftpubFinalPolicy;
ProvInfo.sTestPolicyProvider = SoftpubDumpStructure;
ProvInfo.sCleanupProvider = SoftpubCleanup;
if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
return FALSE;
return TRUE;
}
/***************************************************************************
* WINTRUST_RegisterHttpsProv
*
* Register HTTPSPROV_ACTION actions and usages.
*
* NOTES
* HTTPSPROV_ACTION ({573E31F8-AABA-11D0-8CCB-00C04FC295EE})
* is defined in softpub.h
*/
static BOOL WINTRUST_RegisterHttpsProv(void)
{
BOOL RegisteredOK = TRUE;
static CHAR SoftpubLoadUsage[] = "SoftpubLoadDefUsageCallData";
static CHAR SoftpubFreeUsage[] = "SoftpubFreeDefUsageCallData";
static GUID ProvGUID = HTTPSPROV_ACTION;
CRYPT_REGISTER_ACTIONID ProvInfo;
CRYPT_PROVIDER_REGDEFUSAGE DefUsage = { sizeof(CRYPT_PROVIDER_REGDEFUSAGE),
&ProvGUID,
NULL, /* Will be filled later */
SoftpubLoadUsage,
SoftpubFreeUsage };
ProvInfo.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
ProvInfo.sInitProvider = SoftpubInitialization;
ProvInfo.sObjectProvider = SoftpubMessage;
ProvInfo.sSignatureProvider = SoftpubSignature;
ProvInfo.sCertificateProvider = HTTPSCertificateTrust;
ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
ProvInfo.sFinalPolicyProvider = HTTPSFinalProv;
ProvInfo.sTestPolicyProvider = NullCTRE; /* No diagnostic policy */
ProvInfo.sCleanupProvider = SoftpubCleanup;
DefUsage.pwszDllName = WINTRUST_Alloc(sizeof(SP_POLICY_PROVIDER_DLL_NAME));
lstrcpyW(DefUsage.pwszDllName, SP_POLICY_PROVIDER_DLL_NAME);
if (!WintrustAddDefaultForUsage(szOID_PKIX_KP_SERVER_AUTH, &DefUsage))
RegisteredOK = FALSE;
if (!WintrustAddDefaultForUsage(szOID_PKIX_KP_CLIENT_AUTH, &DefUsage))
RegisteredOK = FALSE;
if (!WintrustAddDefaultForUsage(szOID_SERVER_GATED_CRYPTO, &DefUsage))
RegisteredOK = FALSE;
if (!WintrustAddDefaultForUsage(szOID_SGC_NETSCAPE, &DefUsage))
RegisteredOK = FALSE;
WINTRUST_Free(DefUsage.pwszDllName);
if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
RegisteredOK = FALSE;
return RegisteredOK;
}
/***************************************************************************
* WINTRUST_RegisterOfficeSignVerify
*
* Register OFFICESIGN_ACTION_VERIFY actions and usages.
*
* NOTES
* OFFICESIGN_ACTION_VERIFY ({5555C2CD-17FB-11D1-85C4-00C04FC295EE})
* is defined in softpub.h
*/
static BOOL WINTRUST_RegisterOfficeSignVerify(void)
{
static GUID ProvGUID = OFFICESIGN_ACTION_VERIFY;
CRYPT_REGISTER_ACTIONID ProvInfo;
ProvInfo.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
ProvInfo.sInitProvider = OfficeInitializePolicy;
ProvInfo.sObjectProvider = SoftpubMessage;
ProvInfo.sSignatureProvider = SoftpubSignature;
ProvInfo.sCertificateProvider = SoftpubCertificate;
ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
ProvInfo.sFinalPolicyProvider = SoftpubFinalPolicy;
ProvInfo.sTestPolicyProvider = NullCTRE; /* No diagnostic policy */
ProvInfo.sCleanupProvider = OfficeCleanupPolicy;
if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
return FALSE;
return TRUE;
}
/***************************************************************************
* WINTRUST_RegisterDriverVerify
*
* Register DRIVER_ACTION_VERIFY actions and usages.
*
* NOTES
* DRIVER_ACTION_VERIFY ({F750E6C3-38EE-11D1-85E5-00C04FC295EE})
* is defined in softpub.h
*/
static BOOL WINTRUST_RegisterDriverVerify(void)
{
static GUID ProvGUID = DRIVER_ACTION_VERIFY;
CRYPT_REGISTER_ACTIONID ProvInfo;
ProvInfo.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
ProvInfo.sInitProvider = DriverInitializePolicy;
ProvInfo.sObjectProvider = SoftpubMessage;
ProvInfo.sSignatureProvider = SoftpubSignature;
ProvInfo.sCertificateProvider = SoftpubCertificate;
ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
ProvInfo.sFinalPolicyProvider = DriverFinalPolicy;
ProvInfo.sTestPolicyProvider = NullCTRE; /* No diagnostic policy */
ProvInfo.sCleanupProvider = DriverCleanupPolicy;
if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
return FALSE;
return TRUE;
}
/***************************************************************************
* WINTRUST_RegisterGenChainVerify
*
* Register WINTRUST_ACTION_GENERIC_CHAIN_VERIFY actions and usages.
*
* NOTES
* WINTRUST_ACTION_GENERIC_CHAIN_VERIFY ({FC451C16-AC75-11D1-B4B8-00C04FB66EA0})
* is defined in softpub.h
*/
static BOOL WINTRUST_RegisterGenChainVerify(void)
{
static GUID ProvGUID = WINTRUST_ACTION_GENERIC_CHAIN_VERIFY;
CRYPT_REGISTER_ACTIONID ProvInfo;
ProvInfo.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
ProvInfo.sInitProvider = SoftpubInitialization;
ProvInfo.sObjectProvider = SoftpubMessage;
ProvInfo.sSignatureProvider = SoftpubSignature;
ProvInfo.sCertificateProvider = GenericChainCertificateTrust;
ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
ProvInfo.sFinalPolicyProvider = GenericChainFinalProv;
ProvInfo.sTestPolicyProvider = NullCTRE; /* No diagnostic policy */
ProvInfo.sCleanupProvider = SoftpubCleanup;
if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
return FALSE;
return TRUE;
}
/***********************************************************************
* WintrustAddDefaultForUsage (WINTRUST.@)
*
* Write OID and callback functions to the registry.
*
* PARAMS
* pszUsageOID [I] Pointer to a GUID.
* psDefUsage [I] Pointer to a structure that specifies the callback functions.
*
* RETURNS
* Success: TRUE.
* Failure: FALSE.
*
* NOTES
* WintrustAddDefaultForUsage will only return TRUE or FALSE, no last
* error is set, not even when the registry cannot be written to.
*/
BOOL WINAPI WintrustAddDefaultForUsage(const char *pszUsageOID,
CRYPT_PROVIDER_REGDEFUSAGE *psDefUsage)
{
static const WCHAR CBAlloc[] = {'C','a','l','l','b','a','c','k','A','l','l','o','c','F','u','n','c','t','i','o','n', 0};
static const WCHAR CBFree[] = {'C','a','l','l','b','a','c','k','F','r','e','e','F','u','n','c','t','i','o','n', 0};
LONG Res = ERROR_SUCCESS;
LONG WriteUsageError = ERROR_SUCCESS;
DWORD Len;
WCHAR GuidString[39];
TRACE("(%s %p)\n", debugstr_a(pszUsageOID), psDefUsage);
/* Some sanity checks. */
if (!pszUsageOID ||
!psDefUsage ||
!psDefUsage->pgActionID ||
(psDefUsage->cbStruct != sizeof(CRYPT_PROVIDER_REGDEFUSAGE)))
{
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
if (psDefUsage->pwszDllName)
{
Res = WINTRUST_WriteSingleUsageEntry(pszUsageOID, Dll, psDefUsage->pwszDllName);
if (Res != ERROR_SUCCESS) WriteUsageError = Res;
}
if (psDefUsage->pwszLoadCallbackDataFunctionName)
{
WCHAR* CallbackW;
Len = MultiByteToWideChar( CP_ACP, 0, psDefUsage->pwszLoadCallbackDataFunctionName, -1, NULL, 0 );
CallbackW = WINTRUST_Alloc( Len * sizeof(WCHAR) );
MultiByteToWideChar( CP_ACP, 0, psDefUsage->pwszLoadCallbackDataFunctionName, -1, CallbackW, Len );
Res = WINTRUST_WriteSingleUsageEntry(pszUsageOID, CBAlloc, CallbackW);
if (Res != ERROR_SUCCESS) WriteUsageError = Res;
WINTRUST_Free(CallbackW);
}
if (psDefUsage->pwszFreeCallbackDataFunctionName)
{
WCHAR* CallbackW;
Len = MultiByteToWideChar( CP_ACP, 0, psDefUsage->pwszFreeCallbackDataFunctionName, -1, NULL, 0 );
CallbackW = WINTRUST_Alloc( Len * sizeof(WCHAR) );
MultiByteToWideChar( CP_ACP, 0, psDefUsage->pwszFreeCallbackDataFunctionName, -1, CallbackW, Len );
Res = WINTRUST_WriteSingleUsageEntry(pszUsageOID, CBFree, CallbackW);
if (Res != ERROR_SUCCESS) WriteUsageError = Res;
WINTRUST_Free(CallbackW);
}
WINTRUST_Guid2Wstr(psDefUsage->pgActionID, GuidString);
Res = WINTRUST_WriteSingleUsageEntry(pszUsageOID, DefaultId, GuidString);
if (Res != ERROR_SUCCESS) WriteUsageError = Res;
if (WriteUsageError != ERROR_SUCCESS)
return FALSE;
return TRUE;
}
static FARPROC WINTRUST_ReadProviderFromReg(WCHAR *GuidString, const WCHAR *FunctionType)
{
WCHAR ProvKey[MAX_PATH], DllName[MAX_PATH];
char FunctionName[MAX_PATH];
HKEY Key;
LONG Res = ERROR_SUCCESS;
DWORD Size;
HMODULE Lib;
FARPROC Func = NULL;
/* Create the needed key string */
ProvKey[0]='\0';
lstrcatW(ProvKey, Trust);
lstrcatW(ProvKey, FunctionType);
lstrcatW(ProvKey, GuidString);
Res = RegOpenKeyExW(HKEY_LOCAL_MACHINE, ProvKey, 0, KEY_READ, &Key);
if (Res != ERROR_SUCCESS) return NULL;
/* Read the $DLL entry */
Size = sizeof(DllName);
Res = RegQueryValueExW(Key, Dll, NULL, NULL, (LPBYTE)DllName, &Size);
if (Res != ERROR_SUCCESS) goto error_close_key;
/* Read the $Function entry */
Size = sizeof(FunctionName);
Res = RegQueryValueExA(Key, "$Function", NULL, NULL, (LPBYTE)FunctionName, &Size);
if (Res != ERROR_SUCCESS) goto error_close_key;
/* Load the library - there appears to be no way to close a provider, so
* just leak the module handle.
*/
Lib = LoadLibraryW(DllName);
Func = GetProcAddress(Lib, FunctionName);
error_close_key:
RegCloseKey(Key);
return Func;
}
static CRITICAL_SECTION cache_cs;
static CRITICAL_SECTION_DEBUG cache_cs_debug =
{
0, 0, &cache_cs,
{ &cache_cs_debug.ProcessLocksList, &cache_cs_debug.ProcessLocksList },
0, 0, { (DWORD_PTR)(__FILE__ ": cache_cs") }
};
static CRITICAL_SECTION cache_cs = { &cache_cs_debug, -1, 0, 0, 0, 0 };
static struct provider_cache_entry
{
GUID guid;
CRYPT_PROVIDER_FUNCTIONS provider_functions;
}
*provider_cache;
static unsigned int provider_cache_size;
/***********************************************************************
* WintrustLoadFunctionPointers (WINTRUST.@)
*/
BOOL WINAPI WintrustLoadFunctionPointers( GUID* pgActionID,
CRYPT_PROVIDER_FUNCTIONS* pPfns )
{
WCHAR GuidString[39];
BOOL cached = FALSE;
unsigned int i;
TRACE("(%s %p)\n", debugstr_guid(pgActionID), pPfns);
if (!pPfns) return FALSE;
if (!pgActionID)
{
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
}
if (pPfns->cbStruct != sizeof(CRYPT_PROVIDER_FUNCTIONS)) return FALSE;
EnterCriticalSection( &cache_cs );
for (i = 0; i < provider_cache_size; ++i)
{
if (IsEqualGUID( &provider_cache[i].guid, pgActionID ))
{
TRACE( "Using cached data.\n" );
*pPfns = provider_cache[i].provider_functions;
cached = TRUE;
break;
}
}
LeaveCriticalSection( &cache_cs );
if (cached) return TRUE;
/* Create this string only once, instead of in the helper function */
WINTRUST_Guid2Wstr( pgActionID, GuidString);
/* Get the function pointers from the registry, where applicable */
pPfns->pfnAlloc = WINTRUST_Alloc;
pPfns->pfnFree = WINTRUST_Free;
pPfns->pfnAddStore2Chain = WINTRUST_AddStore;
pPfns->pfnAddSgnr2Chain = WINTRUST_AddSgnr;
pPfns->pfnAddCert2Chain = WINTRUST_AddCert;
pPfns->pfnAddPrivData2Chain = WINTRUST_AddPrivData;
pPfns->psUIpfns = NULL;
pPfns->pfnInitialize = (PFN_PROVIDER_INIT_CALL)WINTRUST_ReadProviderFromReg(GuidString, Initialization);
pPfns->pfnObjectTrust = (PFN_PROVIDER_OBJTRUST_CALL)WINTRUST_ReadProviderFromReg(GuidString, Message);
pPfns->pfnSignatureTrust = (PFN_PROVIDER_SIGTRUST_CALL)WINTRUST_ReadProviderFromReg(GuidString, Signature);
pPfns->pfnCertificateTrust = (PFN_PROVIDER_CERTTRUST_CALL)WINTRUST_ReadProviderFromReg(GuidString, Certificate);
pPfns->pfnCertCheckPolicy = (PFN_PROVIDER_CERTCHKPOLICY_CALL)WINTRUST_ReadProviderFromReg(GuidString, CertCheck);
pPfns->pfnFinalPolicy = (PFN_PROVIDER_FINALPOLICY_CALL)WINTRUST_ReadProviderFromReg(GuidString, FinalPolicy);
pPfns->pfnTestFinalPolicy = (PFN_PROVIDER_TESTFINALPOLICY_CALL)WINTRUST_ReadProviderFromReg(GuidString, DiagnosticPolicy);
pPfns->pfnCleanupPolicy = (PFN_PROVIDER_CLEANUP_CALL)WINTRUST_ReadProviderFromReg(GuidString, Cleanup);
EnterCriticalSection( &cache_cs );
for (i = 0; i < provider_cache_size; ++i)
if (IsEqualGUID( &provider_cache[i].guid, pgActionID )) break;
if (i == provider_cache_size)
{
struct provider_cache_entry *new;
new = realloc( provider_cache, (provider_cache_size + 1) * sizeof(*new) );
if (new)
{
provider_cache = new;
provider_cache[provider_cache_size].guid = *pgActionID;
provider_cache[provider_cache_size].provider_functions = *pPfns;
++provider_cache_size;
}
}
LeaveCriticalSection( &cache_cs );
return TRUE;
}
/***********************************************************************
* WINTRUST_SIPPAddProvider
*
* Helper for DllRegisterServer.
*/
static BOOL WINTRUST_SIPPAddProvider(GUID* Subject, WCHAR* MagicNumber)
{
static WCHAR CryptSIPGetSignedDataMsg[] =
{'C','r','y','p','t','S','I','P','G','e','t','S','i','g','n','e','d','D','a','t','a','M','s','g', 0};
static WCHAR CryptSIPPutSignedDataMsg[] =
{'C','r','y','p','t','S','I','P','P','u','t','S','i','g','n','e','d','D','a','t','a','M','s','g', 0};
static WCHAR CryptSIPCreateIndirectData[] =
{'C','r','y','p','t','S','I','P','C','r','e','a','t','e','I','n','d','i','r','e','c','t','D','a','t','a', 0};
static WCHAR CryptSIPVerifyIndirectData[] =
{'C','r','y','p','t','S','I','P','V','e','r','i','f','y','I','n','d','i','r','e','c','t','D','a','t','a', 0};
static WCHAR CryptSIPRemoveSignedDataMsg[] =
{'C','r','y','p','t','S','I','P','R','e','m','o','v','e','S','i','g','n','e','d','D','a','t','a','M','s','g', 0};
SIP_ADD_NEWPROVIDER NewProv;
BOOL Ret;
/* Clear and initialize the structure */
memset(&NewProv, 0, sizeof(SIP_ADD_NEWPROVIDER));
NewProv.cbStruct = sizeof(SIP_ADD_NEWPROVIDER);
NewProv.pwszDLLFileName = WINTRUST_Alloc(sizeof(SP_POLICY_PROVIDER_DLL_NAME));
/* Fill the structure */
NewProv.pgSubject = Subject;
lstrcpyW(NewProv.pwszDLLFileName, SP_POLICY_PROVIDER_DLL_NAME);
NewProv.pwszMagicNumber = MagicNumber;
NewProv.pwszIsFunctionName = NULL;
NewProv.pwszGetFuncName = CryptSIPGetSignedDataMsg;
NewProv.pwszPutFuncName = CryptSIPPutSignedDataMsg;
NewProv.pwszCreateFuncName = CryptSIPCreateIndirectData;
NewProv.pwszVerifyFuncName = CryptSIPVerifyIndirectData;
NewProv.pwszRemoveFuncName = CryptSIPRemoveSignedDataMsg;
NewProv.pwszIsFunctionNameFmt2 = NULL;
NewProv.pwszGetCapFuncName = NULL;
Ret = CryptSIPAddProvider(&NewProv);
WINTRUST_Free(NewProv.pwszDLLFileName);
return Ret;
}
/***********************************************************************
* DllRegisterServer (WINTRUST.@)
*/
HRESULT WINAPI DllRegisterServer(void)
{
static const CHAR SpcPeImageDataEncode[] = "WVTAsn1SpcPeImageDataEncode";
static const CHAR SpcPeImageDataDecode[] = "WVTAsn1SpcPeImageDataDecode";
static const CHAR SpcLinkEncode[] = "WVTAsn1SpcLinkEncode";
static const CHAR SpcLinkDecode[] = "WVTAsn1SpcLinkDecode";
static const CHAR SpcSigInfoEncode[] = "WVTAsn1SpcSigInfoEncode";
static const CHAR SpcSigInfoDecode[] = "WVTAsn1SpcSigInfoDecode";
static const CHAR SpcIndirectDataContentEncode[] = "WVTAsn1SpcIndirectDataContentEncode";
static const CHAR SpcIndirectDataContentDecode[] = "WVTAsn1SpcIndirectDataContentDecode";
static const CHAR SpcSpAgencyInfoEncode[] = "WVTAsn1SpcSpAgencyInfoEncode";
static const CHAR SpcSpAgencyInfoDecode[] = "WVTAsn1SpcSpAgencyInfoDecode";
static const CHAR SpcMinimalCriteriaInfoEncode[] = "WVTAsn1SpcMinimalCriteriaInfoEncode";
static const CHAR SpcMinimalCriteriaInfoDecode[] = "WVTAsn1SpcMinimalCriteriaInfoDecode";
static const CHAR SpcFinancialCriteriaInfoEncode[] = "WVTAsn1SpcFinancialCriteriaInfoEncode";
static const CHAR SpcFinancialCriteriaInfoDecode[] = "WVTAsn1SpcFinancialCriteriaInfoDecode";
static const CHAR SpcStatementTypeEncode[] = "WVTAsn1SpcStatementTypeEncode";
static const CHAR SpcStatementTypeDecode[] = "WVTAsn1SpcStatementTypeDecode";
static const CHAR CatNameValueEncode[] = "WVTAsn1CatNameValueEncode";
static const CHAR CatNameValueDecode[] = "WVTAsn1CatNameValueDecode";
static const CHAR CatMemberInfoEncode[] = "WVTAsn1CatMemberInfoEncode";
static const CHAR CatMemberInfoDecode[] = "WVTAsn1CatMemberInfoDecode";
static const CHAR SpcSpOpusInfoEncode[] = "WVTAsn1SpcSpOpusInfoEncode";
static const CHAR SpcSpOpusInfoDecode[] = "WVTAsn1SpcSpOpusInfoDecode";
static GUID Unknown1 = { 0xDE351A42, 0x8E59, 0x11D0, { 0x8C,0x47,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
static GUID Unknown2 = { 0xC689AABA, 0x8E78, 0x11D0, { 0x8C,0x47,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
static GUID Unknown3 = { 0xC689AAB8, 0x8E78, 0x11D0, { 0x8C,0x47,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
static GUID Unknown4 = { 0xC689AAB9, 0x8E78, 0x11D0, { 0x8C,0x47,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
static GUID Unknown5 = { 0xDE351A43, 0x8E59, 0x11D0, { 0x8C,0x47,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
static GUID Unknown6 = { 0x9BA61D3F, 0xE73A, 0x11D0, { 0x8C,0xD2,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
static WCHAR MagicNumber2[] = {'M','S','C','F', 0};
static WCHAR MagicNumber3[] = {'0','x','0','0','0','0','4','5','5','0', 0};
static WCHAR CafeBabe[] = {'0','x','c','a','f','e','b','a','b','e', 0};
HRESULT CryptRegisterRes = S_OK;
HRESULT TrustProviderRes = S_OK;
HRESULT SIPAddProviderRes = S_OK;
HCRYPTPROV crypt_provider;
BOOL ret;
TRACE("\n");
/* Testing on native shows that when an error is encountered in one of the CryptRegisterOIDFunction calls
* the rest of these calls are skipped. Registering is however continued for the trust providers.
*
* We are not totally in line with native as all decoding functions are registered after all encoding
* functions there.
*/
#define WINTRUST_REGISTEROID( oid, encode_funcname, decode_funcname ) \
do { \
if (!CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_ENCODE_OBJECT_FUNC, oid, SP_POLICY_PROVIDER_DLL_NAME, encode_funcname)) \
{ \
CryptRegisterRes = HRESULT_FROM_WIN32(GetLastError()); \
goto add_trust_providers; \
} \
if (!CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_DECODE_OBJECT_FUNC, oid, SP_POLICY_PROVIDER_DLL_NAME, decode_funcname)) \
{ \
CryptRegisterRes = HRESULT_FROM_WIN32(GetLastError()); \
goto add_trust_providers; \
} \
} while (0)
WINTRUST_REGISTEROID(SPC_PE_IMAGE_DATA_OBJID, SpcPeImageDataEncode, SpcPeImageDataDecode);
WINTRUST_REGISTEROID(SPC_PE_IMAGE_DATA_STRUCT, SpcPeImageDataEncode, SpcPeImageDataDecode);
WINTRUST_REGISTEROID(SPC_CAB_DATA_OBJID, SpcLinkEncode, SpcLinkDecode);
WINTRUST_REGISTEROID(SPC_CAB_DATA_STRUCT, SpcLinkEncode, SpcLinkDecode);
WINTRUST_REGISTEROID(SPC_JAVA_CLASS_DATA_OBJID, SpcLinkEncode, SpcLinkDecode);
WINTRUST_REGISTEROID(SPC_JAVA_CLASS_DATA_STRUCT, SpcLinkEncode, SpcLinkDecode);
WINTRUST_REGISTEROID(SPC_LINK_OBJID, SpcLinkEncode, SpcLinkDecode);
WINTRUST_REGISTEROID(SPC_LINK_STRUCT, SpcLinkEncode, SpcLinkDecode);
WINTRUST_REGISTEROID(SPC_SIGINFO_OBJID, SpcSigInfoEncode, SpcSigInfoDecode);
WINTRUST_REGISTEROID(SPC_SIGINFO_STRUCT, SpcSigInfoEncode, SpcSigInfoDecode);
WINTRUST_REGISTEROID(SPC_INDIRECT_DATA_OBJID, SpcIndirectDataContentEncode, SpcIndirectDataContentDecode);
WINTRUST_REGISTEROID(SPC_INDIRECT_DATA_CONTENT_STRUCT, SpcIndirectDataContentEncode, SpcIndirectDataContentDecode);
WINTRUST_REGISTEROID(SPC_SP_AGENCY_INFO_OBJID, SpcSpAgencyInfoEncode, SpcSpAgencyInfoDecode);
WINTRUST_REGISTEROID(SPC_SP_AGENCY_INFO_STRUCT, SpcSpAgencyInfoEncode, SpcSpAgencyInfoDecode);
WINTRUST_REGISTEROID(SPC_MINIMAL_CRITERIA_OBJID, SpcMinimalCriteriaInfoEncode, SpcMinimalCriteriaInfoDecode);
WINTRUST_REGISTEROID(SPC_MINIMAL_CRITERIA_STRUCT, SpcMinimalCriteriaInfoEncode, SpcMinimalCriteriaInfoDecode);
WINTRUST_REGISTEROID(SPC_FINANCIAL_CRITERIA_OBJID, SpcFinancialCriteriaInfoEncode, SpcFinancialCriteriaInfoDecode);
WINTRUST_REGISTEROID(SPC_FINANCIAL_CRITERIA_STRUCT, SpcFinancialCriteriaInfoEncode, SpcFinancialCriteriaInfoDecode);
WINTRUST_REGISTEROID(SPC_STATEMENT_TYPE_OBJID, SpcStatementTypeEncode, SpcStatementTypeDecode);
WINTRUST_REGISTEROID(SPC_STATEMENT_TYPE_STRUCT, SpcStatementTypeEncode, SpcStatementTypeDecode);
WINTRUST_REGISTEROID(CAT_NAMEVALUE_OBJID, CatNameValueEncode, CatNameValueDecode);
WINTRUST_REGISTEROID(CAT_NAMEVALUE_STRUCT, CatNameValueEncode, CatNameValueDecode);
WINTRUST_REGISTEROID(CAT_MEMBERINFO_OBJID, CatMemberInfoEncode, CatMemberInfoDecode);
WINTRUST_REGISTEROID(CAT_MEMBERINFO_STRUCT, CatMemberInfoEncode, CatMemberInfoDecode);
WINTRUST_REGISTEROID(SPC_SP_OPUS_INFO_OBJID, SpcSpOpusInfoEncode, SpcSpOpusInfoDecode);
WINTRUST_REGISTEROID(SPC_SP_OPUS_INFO_STRUCT, SpcSpOpusInfoEncode, SpcSpOpusInfoDecode);
#undef WINTRUST_REGISTEROID
add_trust_providers:
/* Testing on W2K3 shows:
* All registry writes are tried. If one fails this part will return S_FALSE.
*
* Last error is set to the last error encountered, regardless if the first
* part failed or not.
*/
/* Create the necessary action registry structures */
WINTRUST_InitRegStructs();
/* Register several Trust Provider actions */
if (!WINTRUST_RegisterGenVerifyV2())
TrustProviderRes = S_FALSE;
if (!WINTRUST_RegisterPublishedSoftware())
TrustProviderRes = S_FALSE;
if (!WINTRUST_RegisterPublishedSoftwareNoBadUi())
TrustProviderRes = S_FALSE;
if (!WINTRUST_RegisterGenCertVerify())
TrustProviderRes = S_FALSE;
if (!WINTRUST_RegisterTrustProviderTest())
TrustProviderRes = S_FALSE;
if (!WINTRUST_RegisterHttpsProv())
TrustProviderRes = S_FALSE;
if (!WINTRUST_RegisterOfficeSignVerify())
TrustProviderRes = S_FALSE;
if (!WINTRUST_RegisterDriverVerify())
TrustProviderRes = S_FALSE;
if (!WINTRUST_RegisterGenChainVerify())
TrustProviderRes = S_FALSE;
/* Free the registry structures */
WINTRUST_FreeRegStructs();
/* Testing on W2K3 shows:
* All registry writes are tried. If one fails this part will return S_FALSE.
*
* Last error is set to the last error encountered, regardless if the previous
* parts failed or not.
*/
if (!WINTRUST_SIPPAddProvider(&Unknown1, NULL))
SIPAddProviderRes = S_FALSE;
if (!WINTRUST_SIPPAddProvider(&Unknown2, MagicNumber2))
SIPAddProviderRes = S_FALSE;
if (!WINTRUST_SIPPAddProvider(&Unknown3, MagicNumber3))
SIPAddProviderRes = S_FALSE;
if (!WINTRUST_SIPPAddProvider(&Unknown4, CafeBabe))
SIPAddProviderRes = S_FALSE;
if (!WINTRUST_SIPPAddProvider(&Unknown5, CafeBabe))
SIPAddProviderRes = S_FALSE;
if (!WINTRUST_SIPPAddProvider(&Unknown6, CafeBabe))
SIPAddProviderRes = S_FALSE;
/* Native does a CryptSIPRemoveProvider here for {941C2937-1292-11D1-85BE-00C04FC295EE}.
* This SIP Provider is however not found on up-to-date window install and native will
* set the last error to ERROR_FILE_NOT_FOUND.
* Wine has the last error set to ERROR_INVALID_PARAMETER. There shouldn't be an app
* depending on this last error though so there is no need to imitate native to the full extent.
*
* (The ERROR_INVALID_PARAMETER for Wine it totally valid as we (and native) do register
* a trust provider without a diagnostic policy).
*/
/* Create a dummy context to force creation of the MachineGuid registry key. */
ret = CryptAcquireContextW(&crypt_provider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
if (ret) CryptReleaseContext(crypt_provider, 0);
else ERR("Failed to acquire cryptographic context: %lu\n", GetLastError());
/* If CryptRegisterRes is not S_OK it will always overrule the return value. */
if (CryptRegisterRes != S_OK)
return CryptRegisterRes;
else if (SIPAddProviderRes == S_OK)
return TrustProviderRes;
else
return SIPAddProviderRes;
}
/***********************************************************************
* DllUnregisterServer (WINTRUST.@)
*/
HRESULT WINAPI DllUnregisterServer(void)
{
FIXME("stub\n");
return S_OK;
}
/***********************************************************************
* SoftpubDllRegisterServer (WINTRUST.@)
*
* Registers softpub.dll
*
* PARAMS
*
* RETURNS
* Success: S_OK.
* Failure: S_FALSE. (See also GetLastError()).
*
* NOTES
* DllRegisterServer in softpub.dll will call this function.
* See comments in DllRegisterServer.
*/
HRESULT WINAPI SoftpubDllRegisterServer(void)
{
HRESULT TrustProviderRes = S_OK;
TRACE("\n");
/* Create the necessary action registry structures */
WINTRUST_InitRegStructs();
/* Register several Trust Provider actions */
if (!WINTRUST_RegisterGenVerifyV2())
TrustProviderRes = S_FALSE;
if (!WINTRUST_RegisterPublishedSoftware())
TrustProviderRes = S_FALSE;
if (!WINTRUST_RegisterPublishedSoftwareNoBadUi())
TrustProviderRes = S_FALSE;
if (!WINTRUST_RegisterGenCertVerify())
TrustProviderRes = S_FALSE;
if (!WINTRUST_RegisterTrustProviderTest())
TrustProviderRes = S_FALSE;
if (!WINTRUST_RegisterHttpsProv())
TrustProviderRes = S_FALSE;
if (!WINTRUST_RegisterOfficeSignVerify())
TrustProviderRes = S_FALSE;
if (!WINTRUST_RegisterDriverVerify())
TrustProviderRes = S_FALSE;
if (!WINTRUST_RegisterGenChainVerify())
TrustProviderRes = S_FALSE;
/* Free the registry structures */
WINTRUST_FreeRegStructs();
return TrustProviderRes;
}
/***********************************************************************
* SoftpubDllUnregisterServer (WINTRUST.@)
*/
HRESULT WINAPI SoftpubDllUnregisterServer(void)
{
FIXME("stub\n");
return S_OK;
}
/***********************************************************************
* mscat32DllRegisterServer (WINTRUST.@)
*/
HRESULT WINAPI mscat32DllRegisterServer(void)
{
FIXME("stub\n");
return S_OK;
}
/***********************************************************************
* mscat32DllUnregisterServer (WINTRUST.@)
*/
HRESULT WINAPI mscat32DllUnregisterServer(void)
{
FIXME("stub\n");
return S_OK;
}
/***********************************************************************
* mssip32DllRegisterServer (WINTRUST.@)
*/
HRESULT WINAPI mssip32DllRegisterServer(void)
{
FIXME("stub\n");
return S_OK;
}
/***********************************************************************
* mssip32DllUnregisterServer (WINTRUST.@)
*/
HRESULT WINAPI mssip32DllUnregisterServer(void)
{
FIXME("stub\n");
return S_OK;
}