ReactOS 0.4.16-dev-340-g0540c21
softpub.c File Reference
#include <stdarg.h>
#include "windef.h"
#include "winbase.h"
#include "winternl.h"
#include "wintrust.h"
#include "mssip.h"
#include "softpub.h"
#include "winnls.h"
#include "wine/debug.h"
Include dependency graph for softpub.c:

Go to the source code of this file.

Macros

#define NONAMELESSUNION
 

Functions

 WINE_DEFAULT_DEBUG_CHANNEL (wintrust)
 
HRESULT WINAPI SoftpubDefCertInit (CRYPT_PROVIDER_DATA *data)
 
HRESULT WINAPI SoftpubInitialize (CRYPT_PROVIDER_DATA *data)
 
HRESULT WINAPI DriverInitializePolicy (CRYPT_PROVIDER_DATA *data)
 
HRESULT WINAPI DriverCleanupPolicy (CRYPT_PROVIDER_DATA *data)
 
HRESULT WINAPI DriverFinalPolicy (CRYPT_PROVIDER_DATA *data)
 
static DWORD SOFTPUB_OpenFile (CRYPT_PROVIDER_DATA *data)
 
static DWORD SOFTPUB_GetFileSubject (CRYPT_PROVIDER_DATA *data)
 
static DWORD SOFTPUB_GetSIP (CRYPT_PROVIDER_DATA *data)
 
static DWORD SOFTPUB_GetMessageFromFile (CRYPT_PROVIDER_DATA *data, HANDLE file, LPCWSTR filePath)
 
static BOOL hash_file_data (HANDLE file, DWORD start, DWORD end, HCRYPTHASH hash)
 
static BOOL SOFTPUB_HashPEFile (HANDLE file, HCRYPTHASH hash)
 
static DWORD SOFTPUB_VerifyImageHash (CRYPT_PROVIDER_DATA *data, HANDLE file)
 
static DWORD SOFTPUB_CreateStoreFromMessage (CRYPT_PROVIDER_DATA *data)
 
static DWORD SOFTPUB_DecodeInnerContent (CRYPT_PROVIDER_DATA *data)
 
static DWORD SOFTPUB_LoadCertMessage (CRYPT_PROVIDER_DATA *data)
 
static DWORD SOFTPUB_LoadFileMessage (CRYPT_PROVIDER_DATA *data)
 
static DWORD SOFTPUB_LoadCatalogMessage (CRYPT_PROVIDER_DATA *data)
 
HRESULT WINAPI SoftpubLoadMessage (CRYPT_PROVIDER_DATA *data)
 
static CMSG_SIGNER_INFOWINTRUST_GetSigner (CRYPT_PROVIDER_DATA *data, DWORD signerIdx)
 
static BOOL WINTRUST_GetTimeFromCounterSigner (const CMSG_CMS_SIGNER_INFO *counterSignerInfo, FILETIME *time)
 
static LPCSTR filetime_to_str (const FILETIME *time)
 
static FILETIME WINTRUST_GetTimeFromSigner (const CRYPT_PROVIDER_DATA *data, const CMSG_SIGNER_INFO *signerInfo)
 
static DWORD WINTRUST_SaveSigner (CRYPT_PROVIDER_DATA *data, DWORD signerIdx)
 
static CERT_INFOWINTRUST_GetSignerCertInfo (CRYPT_PROVIDER_DATA *data, DWORD signerIdx)
 
static DWORD WINTRUST_VerifySigner (CRYPT_PROVIDER_DATA *data, DWORD signerIdx)
 
HRESULT WINAPI SoftpubLoadSignature (CRYPT_PROVIDER_DATA *data)
 
static DWORD WINTRUST_TrustStatusToConfidence (DWORD errorStatus)
 
BOOL WINAPI SoftpubCheckCert (CRYPT_PROVIDER_DATA *data, DWORD idxSigner, BOOL fCounterSignerChain, DWORD idxCounterSigner)
 
static DWORD WINTRUST_TrustStatusToError (DWORD errorStatus)
 
static DWORD WINTRUST_CopyChain (CRYPT_PROVIDER_DATA *data, DWORD signerIdx)
 
static void WINTRUST_CreateChainPolicyCreateInfo (const CRYPT_PROVIDER_DATA *data, PWTD_GENERIC_CHAIN_POLICY_CREATE_INFO info, PCERT_CHAIN_PARA chainPara)
 
static DWORD WINTRUST_CreateChainForSigner (CRYPT_PROVIDER_DATA *data, DWORD signer, PWTD_GENERIC_CHAIN_POLICY_CREATE_INFO createInfo, PCERT_CHAIN_PARA chainPara)
 
HRESULT WINAPI WintrustCertificateTrust (CRYPT_PROVIDER_DATA *data)
 
HRESULT WINAPI GenericChainCertificateTrust (CRYPT_PROVIDER_DATA *data)
 
HRESULT WINAPI SoftpubAuthenticode (CRYPT_PROVIDER_DATA *data)
 
static HRESULT WINAPI WINTRUST_DefaultPolicy (CRYPT_PROVIDER_DATA *pProvData, DWORD dwStepError, DWORD dwRegPolicySettings, DWORD cSigner, PWTD_GENERIC_CHAIN_POLICY_SIGNER_INFO rgpSigner, void *pvPolicyArg)
 
HRESULT WINAPI GenericChainFinalProv (CRYPT_PROVIDER_DATA *data)
 
HRESULT WINAPI SoftpubCleanup (CRYPT_PROVIDER_DATA *data)
 
HRESULT WINAPI HTTPSCertificateTrust (CRYPT_PROVIDER_DATA *data)
 
HRESULT WINAPI HTTPSFinalProv (CRYPT_PROVIDER_DATA *data)
 

Macro Definition Documentation

◆ NONAMELESSUNION

#define NONAMELESSUNION

Definition at line 21 of file softpub.c.

Function Documentation

◆ DriverCleanupPolicy()

HRESULT WINAPI DriverCleanupPolicy ( CRYPT_PROVIDER_DATA data)

Definition at line 66 of file softpub.c.

67{
68 FIXME("stub\n");
69 return S_OK;
70}
#define FIXME(fmt,...)
Definition: precomp.h:53
#define S_OK
Definition: intsafe.h:52

◆ DriverFinalPolicy()

HRESULT WINAPI DriverFinalPolicy ( CRYPT_PROVIDER_DATA data)

Definition at line 72 of file softpub.c.

73{
74 FIXME("stub\n");
75 return S_OK;
76}

◆ DriverInitializePolicy()

HRESULT WINAPI DriverInitializePolicy ( CRYPT_PROVIDER_DATA data)

Definition at line 60 of file softpub.c.

61{
62 FIXME("stub\n");
63 return S_OK;
64}

◆ filetime_to_str()

static LPCSTR filetime_to_str ( const FILETIME time)
static

Definition at line 690 of file softpub.c.

691{
692 static char date[80];
693 char dateFmt[80]; /* sufficient for all versions of LOCALE_SSHORTDATE */
694 SYSTEMTIME sysTime;
695
696 if (!time) return NULL;
697
699 FileTimeToSystemTime(time, &sysTime);
700 GetDateFormatA(LOCALE_SYSTEM_DEFAULT, 0, &sysTime, dateFmt, date, ARRAY_SIZE(date));
701 return date;
702}
#define ARRAY_SIZE(A)
Definition: main.h:20
#define NULL
Definition: types.h:112
BOOL WINAPI FileTimeToSystemTime(IN CONST FILETIME *lpFileTime, OUT LPSYSTEMTIME lpSystemTime)
Definition: time.c:188
INT WINAPI GetLocaleInfoA(LCID lcid, LCTYPE lctype, LPSTR buffer, INT len)
Definition: locale.c:1600
INT WINAPI GetDateFormatA(LCID lcid, DWORD dwFlags, const SYSTEMTIME *lpTime, LPCSTR lpFormat, LPSTR lpDateStr, INT cchOut)
Definition: lcformat.c:936
__u16 date
Definition: mkdosfs.c:8
__u16 time
Definition: mkdosfs.c:8
#define LOCALE_SYSTEM_DEFAULT
#define LOCALE_SSHORTDATE
Definition: winnls.h:62

Referenced by WINTRUST_GetTimeFromSigner().

◆ GenericChainCertificateTrust()

HRESULT WINAPI GenericChainCertificateTrust ( CRYPT_PROVIDER_DATA data)

Definition at line 1123 of file softpub.c.

1124{
1125 DWORD err;
1126 WTD_GENERIC_CHAIN_POLICY_DATA *policyData =
1127 data->pWintrustData->pPolicyCallbackData;
1128
1129 TRACE("(%p)\n", data);
1130
1131 if (policyData && policyData->u.cbSize !=
1133 {
1135 goto end;
1136 }
1137 if (!data->csSigners)
1139 else
1140 {
1141 DWORD i;
1142 WTD_GENERIC_CHAIN_POLICY_CREATE_INFO createInfo, *pCreateInfo;
1143 CERT_CHAIN_PARA chainPara, *pChainPara;
1144
1145 if (policyData)
1146 {
1147 pCreateInfo = policyData->pSignerChainInfo;
1148 pChainPara = pCreateInfo->pChainPara;
1149 }
1150 else
1151 {
1152 WINTRUST_CreateChainPolicyCreateInfo(data, &createInfo, &chainPara);
1153 pChainPara = &chainPara;
1154 pCreateInfo = &createInfo;
1155 }
1157 for (i = 0; !err && i < data->csSigners; i++)
1158 err = WINTRUST_CreateChainForSigner(data, i, pCreateInfo,
1159 pChainPara);
1160 }
1161
1162end:
1163 if (err)
1164 data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_CERTPROV] = err;
1165 TRACE("returning %d (%08x)\n", !err ? S_OK : S_FALSE,
1166 data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_CERTPROV]);
1167 return !err ? S_OK : S_FALSE;
1168}
#define ERROR_SUCCESS
Definition: deptool.c:10
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
static DWORD WINTRUST_CreateChainForSigner(CRYPT_PROVIDER_DATA *data, DWORD signer, PWTD_GENERIC_CHAIN_POLICY_CREATE_INFO createInfo, PCERT_CHAIN_PARA chainPara)
Definition: softpub.c:1028
static void WINTRUST_CreateChainPolicyCreateInfo(const CRYPT_PROVIDER_DATA *data, PWTD_GENERIC_CHAIN_POLICY_CREATE_INFO info, PCERT_CHAIN_PARA chainPara)
Definition: softpub.c:1002
unsigned long DWORD
Definition: ntddk_ex.h:95
GLuint GLuint end
Definition: gl.h:1545
GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const GLvoid * data
Definition: gl.h:1950
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define err(...)
#define TRACE(s)
Definition: solgame.cpp:4
PWTD_GENERIC_CHAIN_POLICY_CREATE_INFO pSignerChainInfo
Definition: softpub.h:92
_In_ PCCERT_CONTEXT _In_opt_ LPFILETIME _In_opt_ HCERTSTORE _In_ PCERT_CHAIN_PARA pChainPara
Definition: wincrypt.h:4839
#define S_FALSE
Definition: winerror.h:2357
#define TRUST_E_NOSIGNATURE
Definition: winerror.h:3116
#define TRUSTERROR_STEP_FINAL_CERTPROV
Definition: wintrust.h:277

◆ GenericChainFinalProv()

HRESULT WINAPI GenericChainFinalProv ( CRYPT_PROVIDER_DATA data)

Definition at line 1284 of file softpub.c.

1285{
1286 HRESULT err = NO_ERROR; /* not a typo, MS confused the types */
1287 WTD_GENERIC_CHAIN_POLICY_DATA *policyData =
1288 data->pWintrustData->pPolicyCallbackData;
1289
1290 TRACE("(%p)\n", data);
1291
1292 if (data->pWintrustData->dwUIChoice != WTD_UI_NONE)
1293 FIXME("unimplemented for UI choice %d\n",
1294 data->pWintrustData->dwUIChoice);
1295 if (!data->csSigners)
1297 else
1298 {
1300 void *policyArg;
1302
1303 if (policyData)
1304 {
1305 policyCallback = policyData->pfnPolicyCallback;
1306 policyArg = policyData->pvPolicyArg;
1307 }
1308 else
1309 {
1310 policyCallback = WINTRUST_DefaultPolicy;
1311 policyArg = NULL;
1312 }
1313 if (data->csSigners)
1314 {
1315 DWORD i;
1316
1317 signers = data->psPfns->pfnAlloc(
1318 data->csSigners * sizeof(WTD_GENERIC_CHAIN_POLICY_SIGNER_INFO));
1319 if (signers)
1320 {
1321 for (i = 0; i < data->csSigners; i++)
1322 {
1323 signers[i].u.cbSize =
1325 signers[i].pChainContext =
1326 data->pasSigners[i].pChainContext;
1327 signers[i].dwSignerType = data->pasSigners[i].dwSignerType;
1328 signers[i].pMsgSignerInfo = data->pasSigners[i].psSigner;
1329 signers[i].dwError = data->pasSigners[i].dwError;
1330 if (data->pasSigners[i].csCounterSigners)
1331 FIXME("unimplemented for counter signers\n");
1332 signers[i].cCounterSigner = 0;
1333 signers[i].rgpCounterSigner = NULL;
1334 }
1335 }
1336 else
1338 }
1339 if (err == NO_ERROR)
1340 err = policyCallback(data, TRUSTERROR_STEP_FINAL_POLICYPROV,
1341 data->dwRegPolicySettings, data->csSigners, signers, policyArg);
1342 data->psPfns->pfnFree(signers);
1343 }
1344 if (err != NO_ERROR)
1345 data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_POLICYPROV] = err;
1346 TRACE("returning %d (%08x)\n", err == NO_ERROR ? S_OK : S_FALSE,
1347 data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_POLICYPROV]);
1348 return err == NO_ERROR ? S_OK : S_FALSE;
1349}
#define NO_ERROR
Definition: dderror.h:5
#define ERROR_OUTOFMEMORY
Definition: deptool.c:13
static HRESULT WINAPI WINTRUST_DefaultPolicy(CRYPT_PROVIDER_DATA *pProvData, DWORD dwStepError, DWORD dwRegPolicySettings, DWORD cSigner, PWTD_GENERIC_CHAIN_POLICY_SIGNER_INFO rgpSigner, void *pvPolicyArg)
Definition: softpub.c:1256
HRESULT(WINAPI * PFN_WTD_GENERIC_CHAIN_POLICY_CALLBACK)(PCRYPT_PROVIDER_DATA pProvData, DWORD dwStepError, DWORD dwRegPolicySettings, DWORD cSigner, PWTD_GENERIC_CHAIN_POLICY_SIGNER_INFO rgpSigner, void *pvPolicyArg)
Definition: softpub.h:69
struct _WTD_GENERIC_CHAIN_POLICY_SIGNER_INFO WTD_GENERIC_CHAIN_POLICY_SIGNER_INFO
PFN_WTD_GENERIC_CHAIN_POLICY_CALLBACK pfnPolicyCallback
Definition: softpub.h:94
PCMSG_SIGNER_INFO pMsgSignerInfo
Definition: softpub.h:63
PCCERT_CHAIN_CONTEXT pChainContext
Definition: softpub.h:61
struct _WTD_GENERIC_CHAIN_POLICY_SIGNER_INFO * rgpCounterSigner
Definition: softpub.h:66
#define TRUSTERROR_STEP_FINAL_POLICYPROV
Definition: wintrust.h:279
#define WTD_UI_NONE
Definition: wintrust.h:84

◆ hash_file_data()

static BOOL hash_file_data ( HANDLE  file,
DWORD  start,
DWORD  end,
HCRYPTHASH  hash 
)
static

Definition at line 213 of file softpub.c.

214{
215 DWORD bytes_read, size = end - start;
216 DWORD buffer_size = min( size, 1024*1024 );
218
219 if (!buffer) return FALSE;
221 while (size)
222 {
223 if (!ReadFile( file, buffer, min( buffer_size, size ), &bytes_read, NULL )) break;
224 if (!bytes_read) break;
225 if (!CryptHashData( hash, buffer, bytes_read, 0 )) break;
226 size -= bytes_read;
227 }
229 return !size;
230}
#define FALSE
Definition: types.h:117
BOOL WINAPI CryptHashData(HCRYPTHASH hHash, const BYTE *pbData, DWORD dwDataLen, DWORD dwFlags)
Definition: crypt.c:1771
#define GetProcessHeap()
Definition: compat.h:736
#define FILE_BEGIN
Definition: compat.h:761
#define ReadFile(a, b, c, d, e)
Definition: compat.h:742
#define SetFilePointer
Definition: compat.h:743
#define HeapAlloc
Definition: compat.h:733
#define HeapFree(x, y, z)
Definition: compat.h:735
GLuint start
Definition: gl.h:1545
GLsizeiptr size
Definition: glext.h:5919
GLuint buffer
Definition: glext.h:5915
#define min(a, b)
Definition: monoChain.cc:55
Definition: fci.c:127
Definition: _hash_fun.h:40
static void buffer_size(GLcontext *ctx, GLuint *width, GLuint *height)
Definition: swimpl.c:888
unsigned char BYTE
Definition: xxhash.c:193

Referenced by SOFTPUB_HashPEFile().

◆ HTTPSCertificateTrust()

HRESULT WINAPI HTTPSCertificateTrust ( CRYPT_PROVIDER_DATA data)

Definition at line 1392 of file softpub.c.

1393{
1394 FIXME("(%p)\n", data);
1395 return S_OK;
1396}

◆ HTTPSFinalProv()

HRESULT WINAPI HTTPSFinalProv ( CRYPT_PROVIDER_DATA data)

Definition at line 1398 of file softpub.c.

1399{
1400 FIXME("(%p)\n", data);
1401 return S_OK;
1402}

◆ SOFTPUB_CreateStoreFromMessage()

static DWORD SOFTPUB_CreateStoreFromMessage ( CRYPT_PROVIDER_DATA data)
static

Definition at line 381 of file softpub.c.

382{
384 HCERTSTORE store;
385
386 store = CertOpenStore(CERT_STORE_PROV_MSG, data->dwEncoding,
388 if (store)
389 {
390 if (!data->psPfns->pfnAddStore2Chain(data, store))
391 err = GetLastError();
392 CertCloseStore(store, 0);
393 }
394 else
395 err = GetLastError();
396 TRACE("returning %d\n", err);
397 return err;
398}
HCERTSTORE WINAPI CertOpenStore(LPCSTR lpszStoreProvider, DWORD dwMsgAndCertEncodingType, HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, const void *pvPara)
Definition: store.c:815
BOOL WINAPI CertCloseStore(HCERTSTORE hCertStore, DWORD dwFlags)
Definition: store.c:1127
DWORD WINAPI GetLastError(void)
Definition: except.c:1042
#define CERT_STORE_PROV_MSG
Definition: wincrypt.h:2250
#define CERT_STORE_NO_CRYPT_RELEASE_FLAG
Definition: wincrypt.h:2452

Referenced by SOFTPUB_LoadCatalogMessage(), and SOFTPUB_LoadFileMessage().

◆ SOFTPUB_DecodeInnerContent()

static DWORD SOFTPUB_DecodeInnerContent ( CRYPT_PROVIDER_DATA data)
static

Definition at line 400 of file softpub.c.

401{
402 BOOL ret;
404 LPSTR oid = NULL;
405 LPBYTE buf = NULL;
406
408 &size);
409 if (!ret)
410 {
411 err = GetLastError();
412 goto error;
413 }
414 oid = data->psPfns->pfnAlloc(size);
415 if (!oid)
416 {
418 goto error;
419 }
421 &size);
422 if (!ret)
423 {
424 err = GetLastError();
425 goto error;
426 }
428 if (!ret)
429 {
430 err = GetLastError();
431 goto error;
432 }
433 buf = data->psPfns->pfnAlloc(size);
434 if (!buf)
435 {
437 goto error;
438 }
440 if (!ret)
441 {
442 err = GetLastError();
443 goto error;
444 }
445 ret = CryptDecodeObject(data->dwEncoding, oid, buf, size, 0, NULL, &size);
446 if (!ret)
447 {
448 err = GetLastError();
449 goto error;
450 }
451 data->u.pPDSip->psIndirectData = data->psPfns->pfnAlloc(size);
452 if (!data->u.pPDSip->psIndirectData)
453 {
455 goto error;
456 }
457 ret = CryptDecodeObject(data->dwEncoding, oid, buf, size, 0,
458 data->u.pPDSip->psIndirectData, &size);
459 if (!ret)
460 err = GetLastError();
461
462error:
463 TRACE("returning %d\n", err);
464 data->psPfns->pfnFree(oid);
465 data->psPfns->pfnFree(buf);
466 return err;
467}
BOOL WINAPI CryptDecodeObject(DWORD dwCertEncodingType, LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags, void *pvStructInfo, DWORD *pcbStructInfo)
Definition: decode.c:6278
BOOL WINAPI CryptMsgGetParam(HCRYPTMSG hCryptMsg, DWORD dwParamType, DWORD dwIndex, void *pvData, DWORD *pcbData)
Definition: msg.c:3626
unsigned int BOOL
Definition: ntddk_ex.h:94
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
#define error(str)
Definition: mkdosfs.c:1605
unsigned char * LPBYTE
Definition: typedefs.h:53
int ret
#define CMSG_INNER_CONTENT_TYPE_PARAM
Definition: wincrypt.h:3928
#define CMSG_CONTENT_PARAM
Definition: wincrypt.h:3926
char * LPSTR
Definition: xmlstorage.h:182

Referenced by SOFTPUB_LoadCatalogMessage(), and SOFTPUB_LoadFileMessage().

◆ SOFTPUB_GetFileSubject()

static DWORD SOFTPUB_GetFileSubject ( CRYPT_PROVIDER_DATA data)
static

Definition at line 110 of file softpub.c.

111{
113
115 data->pWintrustData->u.pFile->cbStruct, pgKnownSubject) ||
116 !data->pWintrustData->u.pFile->pgKnownSubject)
117 {
119 data->pWintrustData->u.pFile->pcwszFilePath,
120 data->pWintrustData->u.pFile->hFile,
121 &data->u.pPDSip->gSubject))
122 {
123 LARGE_INTEGER fileSize;
124 DWORD sipError = GetLastError();
125
126 /* Special case for empty files: the error is expected to be
127 * TRUST_E_SUBJECT_FORM_UNKNOWN, rather than whatever
128 * CryptSIPRetrieveSubjectGuid returns.
129 */
130 if (GetFileSizeEx(data->pWintrustData->u.pFile->hFile, &fileSize)
131 && !fileSize.QuadPart)
133 else
134 err = sipError;
135 }
136 }
137 else
138 data->u.pPDSip->gSubject = *data->pWintrustData->u.pFile->pgKnownSubject;
139 TRACE("returning %d\n", err);
140 return err;
141}
BOOL WINAPI CryptSIPRetrieveSubjectGuid(LPCWSTR FileName, HANDLE hFileIn, GUID *pgSubject)
Definition: sip.c:310
#define GetFileSizeEx
Definition: compat.h:757
LONGLONG QuadPart
Definition: typedefs.h:114
#define TRUST_E_SUBJECT_FORM_UNKNOWN
Definition: winerror.h:3114
#define WVT_ISINSTRUCT(t, s, f)
Definition: wintrust.h:433

Referenced by SOFTPUB_LoadFileMessage().

◆ SOFTPUB_GetMessageFromFile()

static DWORD SOFTPUB_GetMessageFromFile ( CRYPT_PROVIDER_DATA data,
HANDLE  file,
LPCWSTR  filePath 
)
static

Definition at line 165 of file softpub.c.

167{
169 BOOL ret;
170 LPBYTE buf = NULL;
171 DWORD size = 0;
172
173 data->u.pPDSip->psSipSubjectInfo =
174 data->psPfns->pfnAlloc(sizeof(SIP_SUBJECTINFO));
175 if (!data->u.pPDSip->psSipSubjectInfo)
176 return ERROR_OUTOFMEMORY;
177
178 data->u.pPDSip->psSipSubjectInfo->cbSize = sizeof(SIP_SUBJECTINFO);
179 data->u.pPDSip->psSipSubjectInfo->pgSubjectType = &data->u.pPDSip->gSubject;
180 data->u.pPDSip->psSipSubjectInfo->hFile = file;
181 data->u.pPDSip->psSipSubjectInfo->pwsFileName = filePath;
182 data->u.pPDSip->psSipSubjectInfo->hProv = data->hProv;
183 ret = data->u.pPDSip->pSip->pfGet(data->u.pPDSip->psSipSubjectInfo,
184 &data->dwEncoding, 0, &size, 0);
185 if (!ret)
186 return TRUST_E_NOSIGNATURE;
187
188 buf = data->psPfns->pfnAlloc(size);
189 if (!buf)
190 return ERROR_OUTOFMEMORY;
191
192 ret = data->u.pPDSip->pSip->pfGet(data->u.pPDSip->psSipSubjectInfo,
193 &data->dwEncoding, 0, &size, buf);
194 if (ret)
195 {
196 data->hMsg = CryptMsgOpenToDecode(data->dwEncoding, 0, 0, data->hProv,
197 NULL, NULL);
198 if (data->hMsg)
199 {
200 ret = CryptMsgUpdate(data->hMsg, buf, size, TRUE);
201 if (!ret)
202 err = GetLastError();
203 }
204 }
205 else
206 err = GetLastError();
207
208 data->psPfns->pfnFree(buf);
209 TRACE("returning %d\n", err);
210 return err;
211}
#define TRUE
Definition: types.h:120
HCRYPTMSG WINAPI CryptMsgOpenToDecode(DWORD dwMsgEncodingType, DWORD dwFlags, DWORD dwMsgType, HCRYPTPROV_LEGACY hCryptProv, PCERT_INFO pRecipientInfo, PCMSG_STREAM_INFO pStreamInfo)
Definition: msg.c:3552
BOOL WINAPI CryptMsgUpdate(HCRYPTMSG hCryptMsg, const BYTE *pbData, DWORD cbData, BOOL fFinal)
Definition: msg.c:3616
struct SIP_SUBJECTINFO_ SIP_SUBJECTINFO

Referenced by SOFTPUB_LoadCatalogMessage(), and SOFTPUB_LoadFileMessage().

◆ SOFTPUB_GetSIP()

static DWORD SOFTPUB_GetSIP ( CRYPT_PROVIDER_DATA data)
static

Definition at line 146 of file softpub.c.

147{
149
150 data->u.pPDSip->pSip = data->psPfns->pfnAlloc(sizeof(SIP_DISPATCH_INFO));
151 if (data->u.pPDSip->pSip)
152 {
153 if (!CryptSIPLoad(&data->u.pPDSip->gSubject, 0, data->u.pPDSip->pSip))
154 err = GetLastError();
155 }
156 else
158 TRACE("returning %d\n", err);
159 return err;
160}
BOOL WINAPI CryptSIPLoad(const GUID *pgSubject, DWORD dwFlags, SIP_DISPATCH_INFO *pSipDispatch)
Definition: sip.c:690

Referenced by SOFTPUB_LoadCatalogMessage(), and SOFTPUB_LoadFileMessage().

◆ SOFTPUB_HashPEFile()

static BOOL SOFTPUB_HashPEFile ( HANDLE  file,
HCRYPTHASH  hash 
)
static

Definition at line 235 of file softpub.c.

236{
237 DWORD checksum, security_dir;
239 union
240 {
243 } nt_header;
246 DWORD bytes_read;
247 BOOL ret;
248
250 return FALSE;
251
253 ret = ReadFile(file, &dos_header, sizeof(dos_header), &bytes_read, NULL);
254 if (!ret || bytes_read != sizeof(dos_header))
255 return FALSE;
256
258 return FALSE;
259 if (dos_header.e_lfanew >= 256 * 1024 * 1024) /* see RtlImageNtHeaderEx */
260 return FALSE;
261 if (dos_header.e_lfanew + FIELD_OFFSET(IMAGE_NT_HEADERS, OptionalHeader.MajorLinkerVersion) > file_size.QuadPart)
262 return FALSE;
263
265 ret = ReadFile(file, &nt_header, sizeof(nt_header), &bytes_read, NULL);
266 if (!ret || bytes_read < FIELD_OFFSET(IMAGE_NT_HEADERS32, OptionalHeader.Magic) +
267 sizeof(nt_header.nt32.OptionalHeader.Magic))
268 return FALSE;
269
271 return FALSE;
272
274 {
275 if (bytes_read < sizeof(nt_header.nt32))
276 return FALSE;
277
278 checksum = dos_header.e_lfanew + FIELD_OFFSET(IMAGE_NT_HEADERS32, OptionalHeader.CheckSum);
279 security_dir = dos_header.e_lfanew + FIELD_OFFSET(IMAGE_NT_HEADERS32, OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY]);
281 }
283 {
284 if (bytes_read < sizeof(nt_header.nt64))
285 return FALSE;
286
287 checksum = dos_header.e_lfanew + FIELD_OFFSET(IMAGE_NT_HEADERS64, OptionalHeader.CheckSum);
288 security_dir = dos_header.e_lfanew + FIELD_OFFSET(IMAGE_NT_HEADERS64, OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY]);
290 }
291 else
292 return FALSE;
293
294 if (secdir.VirtualAddress < security_dir + sizeof(IMAGE_DATA_DIRECTORY))
295 return FALSE;
296 if (secdir.VirtualAddress > file_size.QuadPart)
297 return FALSE;
298 if (secdir.VirtualAddress + secdir.Size != file_size.QuadPart)
299 return FALSE;
300
301 if (!hash_file_data( file, 0, checksum, hash )) return FALSE;
302 if (!hash_file_data( file, checksum + sizeof(DWORD), security_dir, hash )) return FALSE;
303 if (!hash_file_data( file, security_dir + sizeof(IMAGE_DATA_DIRECTORY), secdir.VirtualAddress, hash ))
304 return FALSE;
305
306 return TRUE;
307}
static cab_ULONG checksum(const cab_UBYTE *data, cab_UWORD bytes, cab_ULONG csum)
Definition: fdi.c:353
static BOOL hash_file_data(HANDLE file, DWORD start, DWORD end, HCRYPTHASH hash)
Definition: softpub.c:213
static IMAGE_DOS_HEADER dos_header
Definition: data.c:13
static IMAGE_NT_HEADERS32 nt_header
Definition: data.c:36
#define IMAGE_NT_OPTIONAL_HDR32_MAGIC
Definition: ntimage.h:376
#define IMAGE_NT_OPTIONAL_HDR64_MAGIC
Definition: ntimage.h:377
#define IMAGE_NT_SIGNATURE
Definition: pedump.c:93
#define IMAGE_DIRECTORY_ENTRY_SECURITY
Definition: pedump.c:263
#define IMAGE_DOS_SIGNATURE
Definition: pedump.c:89
static unsigned int file_size
Definition: regtests2xml.c:47
IMAGE_OPTIONAL_HEADER32 OptionalHeader
Definition: ntddk_ex.h:184
IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES]
Definition: ntddk_ex.h:178
#define FIELD_OFFSET(t, f)
Definition: typedefs.h:255

Referenced by SOFTPUB_VerifyImageHash().

◆ SOFTPUB_LoadCatalogMessage()

static DWORD SOFTPUB_LoadCatalogMessage ( CRYPT_PROVIDER_DATA data)
static

Definition at line 560 of file softpub.c.

561{
562 DWORD err;
564
565 if (!data->pWintrustData->u.pCatalog)
566 {
568 return FALSE;
569 }
570 catalog = CreateFileW(data->pWintrustData->u.pCatalog->pcwszCatalogFilePath,
572 NULL);
573 if (catalog == INVALID_HANDLE_VALUE)
574 return GetLastError();
576 data->pWintrustData->u.pCatalog->pcwszCatalogFilePath, catalog,
577 &data->u.pPDSip->gSubject))
578 {
579 err = GetLastError();
580 goto error;
581 }
583 if (err)
584 goto error;
586 data->pWintrustData->u.pCatalog->pcwszCatalogFilePath);
587 if (err)
588 goto error;
590 if (err)
591 goto error;
593 /* FIXME: this loads the catalog file, but doesn't validate the member. */
594error:
595 CloseHandle(catalog);
596 return err;
597}
#define CloseHandle
Definition: compat.h:739
#define OPEN_EXISTING
Definition: compat.h:775
#define SetLastError(x)
Definition: compat.h:752
#define INVALID_HANDLE_VALUE
Definition: compat.h:731
#define GENERIC_READ
Definition: compat.h:135
#define CreateFileW
Definition: compat.h:741
#define FILE_ATTRIBUTE_NORMAL
Definition: compat.h:137
#define FILE_SHARE_READ
Definition: compat.h:136
static DWORD SOFTPUB_GetMessageFromFile(CRYPT_PROVIDER_DATA *data, HANDLE file, LPCWSTR filePath)
Definition: softpub.c:165
static DWORD SOFTPUB_GetSIP(CRYPT_PROVIDER_DATA *data)
Definition: softpub.c:146
static DWORD SOFTPUB_DecodeInnerContent(CRYPT_PROVIDER_DATA *data)
Definition: softpub.c:400
static DWORD SOFTPUB_CreateStoreFromMessage(CRYPT_PROVIDER_DATA *data)
Definition: softpub.c:381

Referenced by SoftpubLoadMessage().

◆ SOFTPUB_LoadCertMessage()

static DWORD SOFTPUB_LoadCertMessage ( CRYPT_PROVIDER_DATA data)
static

Definition at line 469 of file softpub.c.

470{
472
473 if (data->pWintrustData->u.pCert &&
475 data->pWintrustData->u.pCert->cbStruct, psCertContext))
476 {
477 if (data->psPfns)
478 {
479 CRYPT_PROVIDER_SGNR signer = { sizeof(signer), { 0 } };
480 DWORD i;
481 BOOL ret;
482
483 /* Add a signer with nothing but the time to verify, so we can
484 * add a cert to it
485 */
487 data->pWintrustData->u.pCert->cbStruct, psftVerifyAsOf) &&
488 data->pWintrustData->u.pCert->psftVerifyAsOf)
489 data->sftSystemTime = signer.sftVerifyAsOf;
490 else
491 {
492 SYSTEMTIME sysTime;
493
494 GetSystemTime(&sysTime);
495 SystemTimeToFileTime(&sysTime, &signer.sftVerifyAsOf);
496 }
497 ret = data->psPfns->pfnAddSgnr2Chain(data, FALSE, 0, &signer);
498 if (ret)
499 {
500 ret = data->psPfns->pfnAddCert2Chain(data, 0, FALSE, 0,
501 data->pWintrustData->u.pCert->psCertContext);
503 data->pWintrustData->u.pCert->cbStruct, pahStores))
504 for (i = 0;
505 ret && i < data->pWintrustData->u.pCert->chStores; i++)
506 ret = data->psPfns->pfnAddStore2Chain(data,
507 data->pWintrustData->u.pCert->pahStores[i]);
508 }
509 if (!ret)
510 err = GetLastError();
511 }
512 }
513 else
515 return err;
516}
BOOL WINAPI SystemTimeToFileTime(IN CONST SYSTEMTIME *lpSystemTime, OUT LPFILETIME lpFileTime)
Definition: time.c:158
VOID WINAPI GetSystemTime(OUT LPSYSTEMTIME lpSystemTime)
Definition: time.c:327
FILETIME sftVerifyAsOf
Definition: wintrust.h:233
#define WVT_IS_CBSTRUCT_GT_MEMBEROFFSET(t, s, f)
Definition: wintrust.h:434

Referenced by SoftpubLoadMessage().

◆ SOFTPUB_LoadFileMessage()

static DWORD SOFTPUB_LoadFileMessage ( CRYPT_PROVIDER_DATA data)
static

Definition at line 518 of file softpub.c.

519{
521
522 if (!data->pWintrustData->u.pFile)
523 {
525 goto error;
526 }
528 if (err)
529 goto error;
531 if (err)
532 goto error;
534 if (err)
535 goto error;
536 err = SOFTPUB_GetMessageFromFile(data, data->pWintrustData->u.pFile->hFile,
537 data->pWintrustData->u.pFile->pcwszFilePath);
538 if (err)
539 goto error;
541 if (err)
542 goto error;
544 if (err)
545 goto error;
546 err = SOFTPUB_VerifyImageHash(data, data->pWintrustData->u.pFile->hFile);
547
548error:
549 if (err && data->fOpenedFile && data->pWintrustData->u.pFile)
550 {
551 /* The caller won't expect the file to be open on failure, so close it.
552 */
553 CloseHandle(data->pWintrustData->u.pFile->hFile);
554 data->pWintrustData->u.pFile->hFile = INVALID_HANDLE_VALUE;
555 data->fOpenedFile = FALSE;
556 }
557 return err;
558}
static DWORD SOFTPUB_GetFileSubject(CRYPT_PROVIDER_DATA *data)
Definition: softpub.c:110
static DWORD SOFTPUB_VerifyImageHash(CRYPT_PROVIDER_DATA *data, HANDLE file)
Definition: softpub.c:309
static DWORD SOFTPUB_OpenFile(CRYPT_PROVIDER_DATA *data)
Definition: softpub.c:81

Referenced by SoftpubLoadMessage().

◆ SOFTPUB_OpenFile()

static DWORD SOFTPUB_OpenFile ( CRYPT_PROVIDER_DATA data)
static

Definition at line 81 of file softpub.c.

82{
84
85 /* PSDK implies that all values should be initialized to NULL, so callers
86 * typically have hFile as NULL rather than INVALID_HANDLE_VALUE. Check
87 * for both.
88 */
89 if (!data->pWintrustData->u.pFile->hFile ||
90 data->pWintrustData->u.pFile->hFile == INVALID_HANDLE_VALUE)
91 {
92 data->pWintrustData->u.pFile->hFile =
93 CreateFileW(data->pWintrustData->u.pFile->pcwszFilePath, GENERIC_READ,
95 if (data->pWintrustData->u.pFile->hFile != INVALID_HANDLE_VALUE)
96 data->fOpenedFile = TRUE;
97 else
98 err = GetLastError();
99 }
100 if (!err)
101 GetFileTime(data->pWintrustData->u.pFile->hFile, &data->sftSystemTime,
102 NULL, NULL);
103 TRACE("returning %d\n", err);
104 return err;
105}
BOOL WINAPI GetFileTime(IN HANDLE hFile, OUT LPFILETIME lpCreationTime OPTIONAL, OUT LPFILETIME lpLastAccessTime OPTIONAL, OUT LPFILETIME lpLastWriteTime OPTIONAL)
Definition: fileinfo.c:896

Referenced by SOFTPUB_LoadFileMessage().

◆ SOFTPUB_VerifyImageHash()

static DWORD SOFTPUB_VerifyImageHash ( CRYPT_PROVIDER_DATA data,
HANDLE  file 
)
static

Definition at line 309 of file softpub.c.

310{
312 DWORD err, hash_size, length;
314 BOOL release_prov = FALSE;
315 HCRYPTPROV prov = data->hProv;
316 HCRYPTHASH hash = 0;
317 ALG_ID algID;
318
319 if (((ULONG_PTR)indirect->Data.pszObjId >> 16) == 0 ||
320 strcmp(indirect->Data.pszObjId, SPC_PE_IMAGE_DATA_OBJID))
321 {
322 FIXME("Cannot verify hash for pszObjId=%s\n", debugstr_a(indirect->Data.pszObjId));
323 return ERROR_SUCCESS;
324 }
325
326 if (!(algID = CertOIDToAlgId(indirect->DigestAlgorithm.pszObjId)))
327 return TRUST_E_SYSTEM_ERROR; /* FIXME */
328
329 if (!prov)
330 {
332 return GetLastError();
333 release_prov = TRUE;
334 }
335
336 if (!CryptCreateHash(prov, algID, 0, 0, &hash))
337 {
338 err = GetLastError();
339 goto done;
340 }
341
343 {
345 goto done;
346 }
347
348 length = sizeof(hash_size);
349 if (!CryptGetHashParam(hash, HP_HASHSIZE, (BYTE *)&hash_size, &length, 0))
350 {
351 err = GetLastError();
352 goto done;
353 }
354
355 if (!(hash_data = data->psPfns->pfnAlloc(hash_size)))
356 {
358 goto done;
359 }
360
361 if (!CryptGetHashParam(hash, HP_HASHVAL, hash_data, &hash_size, 0))
362 {
363 err = GetLastError();
364 data->psPfns->pfnFree(hash_data);
365 goto done;
366 }
367
368 err = (hash_size == indirect->Digest.cbData &&
369 !memcmp(hash_data, indirect->Digest.pbData, hash_size)) ? S_OK : TRUST_E_BAD_DIGEST;
370 data->psPfns->pfnFree(hash_data);
371
372done:
373 if (hash)
375 if (release_prov)
376 CryptReleaseContext(prov, 0);
377 return err;
378}
int strcmp(const char *String1, const char *String2)
Definition: utclib.c:469
int memcmp(void *Buffer1, void *Buffer2, ACPI_SIZE Count)
Definition: utclib.c:112
BOOL WINAPI CryptCreateHash(HCRYPTPROV hProv, ALG_ID Algid, HCRYPTKEY hKey, DWORD dwFlags, HCRYPTHASH *phHash)
Definition: crypt.c:740
BOOL WINAPI CryptGetHashParam(HCRYPTHASH hHash, DWORD dwParam, BYTE *pbData, DWORD *pdwDataLen, DWORD dwFlags)
Definition: crypt.c:1610
BOOL WINAPI CryptDestroyHash(HCRYPTHASH hHash)
Definition: crypt.c:890
BOOL WINAPI CryptReleaseContext(HCRYPTPROV hProv, DWORD dwFlags)
Definition: crypt.c:648
BOOL WINAPI CryptAcquireContextW(HCRYPTPROV *phProv, LPCWSTR pszContainer, LPCWSTR pszProvider, DWORD dwProvType, DWORD dwFlags)
Definition: crypt.c:358
DWORD WINAPI CertOIDToAlgId(LPCSTR pszObjId)
Definition: oid.c:1901
static BOOL SOFTPUB_HashPEFile(HANDLE file, HCRYPTHASH hash)
Definition: softpub.c:235
GLuint GLsizei GLsizei * length
Definition: glext.h:6040
#define debugstr_a
Definition: kernel32.h:31
if(dx< 0)
Definition: linetemp.h:194
static const struct @1687 hash_data[]
uint32_t ULONG_PTR
Definition: typedefs.h:65
#define HP_HASHSIZE
Definition: wincrypt.h:2184
#define CRYPT_VERIFYCONTEXT
Definition: wincrypt.h:2069
ULONG_PTR HCRYPTPROV
Definition: wincrypt.h:46
#define PROV_RSA_AES
Definition: wincrypt.h:2056
ULONG_PTR HCRYPTHASH
Definition: wincrypt.h:50
#define HP_HASHVAL
Definition: wincrypt.h:2183
static const WCHAR MS_ENH_RSA_AES_PROV_W[]
Definition: wincrypt.h:2012
unsigned int ALG_ID
Definition: wincrypt.h:45
#define TRUST_E_BAD_DIGEST
Definition: winerror.h:3109
#define TRUST_E_SYSTEM_ERROR
Definition: winerror.h:3104
#define SPC_PE_IMAGE_DATA_OBJID
Definition: wintrust.h:486

Referenced by SOFTPUB_LoadFileMessage().

◆ SoftpubAuthenticode()

HRESULT WINAPI SoftpubAuthenticode ( CRYPT_PROVIDER_DATA data)

Definition at line 1170 of file softpub.c.

1171{
1172 BOOL ret;
1173 CERT_CHAIN_POLICY_STATUS policyStatus = { sizeof(policyStatus), 0 };
1174
1175 TRACE("(%p)\n", data);
1176
1177 if (data->pWintrustData->dwUIChoice != WTD_UI_NONE)
1178 FIXME("unimplemented for UI choice %d\n",
1179 data->pWintrustData->dwUIChoice);
1180 if (!data->csSigners)
1181 {
1182 ret = FALSE;
1183 policyStatus.dwError = TRUST_E_NOSIGNATURE;
1184 }
1185 else
1186 {
1187 DWORD i;
1188
1189 ret = TRUE;
1190 for (i = 0; ret && i < data->csSigners; i++)
1191 {
1192 BYTE hash[20];
1193 DWORD size = sizeof(hash);
1194
1195 /* First make sure cert isn't disallowed */
1197 data->pasSigners[i].pasCertChain[0].pCert,
1199 {
1200 static const WCHAR disallowedW[] =
1201 { 'D','i','s','a','l','l','o','w','e','d',0 };
1204 disallowedW);
1205
1206 if (disallowed)
1207 {
1210 hash, NULL);
1211
1212 if (found)
1213 {
1214 /* Disallowed! Can't verify it. */
1215 policyStatus.dwError = TRUST_E_SUBJECT_NOT_TRUSTED;
1216 ret = FALSE;
1218 }
1220 }
1221 }
1222 if (ret)
1223 {
1224 CERT_CHAIN_POLICY_PARA policyPara = { sizeof(policyPara), 0 };
1225
1226 if (data->dwRegPolicySettings & WTPF_TRUSTTEST)
1228 if (data->dwRegPolicySettings & WTPF_TESTCANBEVALID)
1230 if (data->dwRegPolicySettings & WTPF_IGNOREEXPIRATION)
1231 policyPara.dwFlags |=
1235 if (data->dwRegPolicySettings & WTPF_IGNOREREVOKATION)
1236 policyPara.dwFlags |=
1242 data->pasSigners[i].pChainContext, &policyPara, &policyStatus);
1243 if (policyStatus.dwError != NO_ERROR)
1244 ret = FALSE;
1245 }
1246 }
1247 }
1248 if (!ret)
1249 data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_POLICYPROV] =
1250 policyStatus.dwError;
1251 TRACE("returning %d (%08x)\n", ret ? S_OK : S_FALSE,
1252 data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_POLICYPROV]);
1253 return ret ? S_OK : S_FALSE;
1254}
BOOL WINAPI CertFreeCertificateContext(PCCERT_CONTEXT pCertContext)
Definition: cert.c:371
PCCERT_CONTEXT WINAPI CertFindCertificateInStore(HCERTSTORE hCertStore, DWORD dwCertEncodingType, DWORD dwFlags, DWORD dwType, const void *pvPara, PCCERT_CONTEXT pPrevCertContext)
Definition: cert.c:1765
BOOL WINAPI CertGetCertificateContextProperty(PCCERT_CONTEXT pCertContext, DWORD dwPropId, void *pvData, DWORD *pcbData)
Definition: cert.c:551
BOOL WINAPI CertVerifyCertificateChainPolicy(LPCSTR szPolicyOID, PCCERT_CHAIN_CONTEXT pChainContext, PCERT_CHAIN_POLICY_PARA pPolicyPara, PCERT_CHAIN_POLICY_STATUS pPolicyStatus)
Definition: chain.c:3716
static const WCHAR disallowed[]
Definition: main.c:459
#define CERT_CHAIN_POLICY_TRUST_TESTROOT_FLAG
Definition: wincrypt.h:998
#define CERT_CHAIN_POLICY_IGNORE_ROOT_REV_UNKNOWN_FLAG
Definition: wincrypt.h:988
#define CERT_CHAIN_POLICY_IGNORE_CTL_NOT_TIME_VALID_FLAG
Definition: wincrypt.h:971
#define X509_ASN_ENCODING
Definition: wincrypt.h:2297
#define CERT_CHAIN_POLICY_ALLOW_TESTROOT_FLAG
Definition: wincrypt.h:999
#define CERT_CHAIN_POLICY_AUTHENTICODE
Definition: wincrypt.h:963
#define CERT_CHAIN_POLICY_IGNORE_CA_REV_UNKNOWN_FLAG
Definition: wincrypt.h:987
#define CERT_CHAIN_POLICY_IGNORE_NOT_TIME_NESTED_FLAG
Definition: wincrypt.h:972
#define CERT_CHAIN_POLICY_IGNORE_END_REV_UNKNOWN_FLAG
Definition: wincrypt.h:985
#define CERT_STORE_PROV_SYSTEM_W
Definition: wincrypt.h:2259
#define CERT_FIND_SIGNATURE_HASH
Definition: wincrypt.h:2869
#define CERT_CHAIN_POLICY_IGNORE_CTL_SIGNER_REV_UNKNOWN_FLAG
Definition: wincrypt.h:986
#define CERT_SIGNATURE_HASH_PROP_ID
Definition: wincrypt.h:2701
#define CERT_SYSTEM_STORE_CURRENT_USER
Definition: wincrypt.h:2324
#define CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG
Definition: wincrypt.h:970
#define TRUST_E_SUBJECT_NOT_TRUSTED
Definition: winerror.h:3115
#define WTPF_TESTCANBEVALID
Definition: wintrust.h:437
#define WTPF_TRUSTTEST
Definition: wintrust.h:436
#define WTPF_IGNOREEXPIRATION
Definition: wintrust.h:438
#define WTPF_IGNOREREVOKATION
Definition: wintrust.h:439
__wchar_t WCHAR
Definition: xmlstorage.h:180

◆ SoftpubCheckCert()

BOOL WINAPI SoftpubCheckCert ( CRYPT_PROVIDER_DATA data,
DWORD  idxSigner,
BOOL  fCounterSignerChain,
DWORD  idxCounterSigner 
)

Definition at line 883 of file softpub.c.

885{
886 BOOL ret;
887
888 TRACE("(%p, %d, %d, %d)\n", data, idxSigner, fCounterSignerChain,
889 idxCounterSigner);
890
891 if (fCounterSignerChain)
892 {
893 FIXME("unimplemented for counter signers\n");
894 ret = FALSE;
895 }
896 else
897 {
898 PCERT_SIMPLE_CHAIN simpleChain =
899 data->pasSigners[idxSigner].pChainContext->rgpChain[0];
900 DWORD i;
901
902 ret = TRUE;
903 for (i = 0; i < simpleChain->cElement; i++)
904 {
905 /* Set confidence */
906 data->pasSigners[idxSigner].pasCertChain[i].dwConfidence =
908 simpleChain->rgpElement[i]->TrustStatus.dwErrorStatus);
909 /* Set additional flags */
910 if (!(simpleChain->rgpElement[i]->TrustStatus.dwErrorStatus &
912 data->pasSigners[idxSigner].pasCertChain[i].fTrustedRoot = TRUE;
913 if (simpleChain->rgpElement[i]->TrustStatus.dwInfoStatus &
915 data->pasSigners[idxSigner].pasCertChain[i].fSelfSigned = TRUE;
916 if (simpleChain->rgpElement[i]->TrustStatus.dwErrorStatus &
918 data->pasSigners[idxSigner].pasCertChain[i].fIsCyclic = TRUE;
919 }
920 }
921 return ret;
922}
static DWORD WINTRUST_TrustStatusToConfidence(DWORD errorStatus)
Definition: softpub.c:869
CERT_TRUST_STATUS TrustStatus
Definition: wincrypt.h:917
PCERT_CHAIN_ELEMENT * rgpElement
Definition: wincrypt.h:928
#define CERT_TRUST_IS_CYCLIC
Definition: wincrypt.h:877
#define CERT_TRUST_IS_SELF_SIGNED
Definition: wincrypt.h:899
#define CERT_TRUST_IS_UNTRUSTED_ROOT
Definition: wincrypt.h:875

◆ SoftpubCleanup()

HRESULT WINAPI SoftpubCleanup ( CRYPT_PROVIDER_DATA data)

Definition at line 1351 of file softpub.c.

1352{
1353 DWORD i, j;
1354
1355 for (i = 0; i < data->csSigners; i++)
1356 {
1357 for (j = 0; j < data->pasSigners[i].csCertChain; j++)
1358 CertFreeCertificateContext(data->pasSigners[i].pasCertChain[j].pCert);
1359 data->psPfns->pfnFree(data->pasSigners[i].pasCertChain);
1360 data->psPfns->pfnFree(data->pasSigners[i].psSigner);
1361 CertFreeCertificateChain(data->pasSigners[i].pChainContext);
1362 }
1363 data->psPfns->pfnFree(data->pasSigners);
1364
1365 for (i = 0; i < data->chStores; i++)
1366 CertCloseStore(data->pahStores[i], 0);
1367 data->psPfns->pfnFree(data->pahStores);
1368
1369 if (data->u.pPDSip)
1370 {
1371 data->psPfns->pfnFree(data->u.pPDSip->pSip);
1372 data->psPfns->pfnFree(data->u.pPDSip->pCATSip);
1373 data->psPfns->pfnFree(data->u.pPDSip->psSipSubjectInfo);
1374 data->psPfns->pfnFree(data->u.pPDSip->psSipCATSubjectInfo);
1375 data->psPfns->pfnFree(data->u.pPDSip->psIndirectData);
1376 }
1377
1378 CryptMsgClose(data->hMsg);
1379
1380 if (data->fOpenedFile &&
1381 data->pWintrustData->dwUnionChoice == WTD_CHOICE_FILE &&
1382 data->pWintrustData->u.pFile)
1383 {
1384 CloseHandle(data->pWintrustData->u.pFile->hFile);
1385 data->pWintrustData->u.pFile->hFile = INVALID_HANDLE_VALUE;
1386 data->fOpenedFile = FALSE;
1387 }
1388
1389 return S_OK;
1390}
VOID WINAPI CertFreeCertificateChain(PCCERT_CHAIN_CONTEXT pChainContext)
Definition: chain.c:2960
BOOL WINAPI CryptMsgClose(HCRYPTMSG hCryptMsg)
Definition: msg.c:3597
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
Definition: glfuncs.h:250
#define WTD_CHOICE_FILE
Definition: wintrust.h:91

◆ SoftpubDefCertInit()

HRESULT WINAPI SoftpubDefCertInit ( CRYPT_PROVIDER_DATA data)

Definition at line 34 of file softpub.c.

35{
37
38 TRACE("(%p)\n", data);
39
40 if (data->padwTrustStepErrors &&
41 !data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_WVTINIT])
42 ret = S_OK;
43 TRACE("returning %08x\n", ret);
44 return ret;
45}
#define TRUSTERROR_STEP_FINAL_WVTINIT
Definition: wintrust.h:273

◆ SoftpubInitialize()

HRESULT WINAPI SoftpubInitialize ( CRYPT_PROVIDER_DATA data)

Definition at line 47 of file softpub.c.

48{
50
51 TRACE("(%p)\n", data);
52
53 if (data->padwTrustStepErrors &&
54 !data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_WVTINIT])
55 ret = S_OK;
56 TRACE("returning %08x\n", ret);
57 return ret;
58}

◆ SoftpubLoadMessage()

HRESULT WINAPI SoftpubLoadMessage ( CRYPT_PROVIDER_DATA data)

Definition at line 599 of file softpub.c.

600{
602
603 TRACE("(%p)\n", data);
604
605 if (!data->padwTrustStepErrors)
606 return S_FALSE;
607
608 switch (data->pWintrustData->dwUnionChoice)
609 {
610 case WTD_CHOICE_CERT:
612 break;
613 case WTD_CHOICE_FILE:
615 break;
618 break;
619 default:
620 FIXME("unimplemented for %d\n", data->pWintrustData->dwUnionChoice);
622 }
623
624 if (err)
625 data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_OBJPROV] = err;
626 TRACE("returning %d (%08x)\n", !err ? S_OK : S_FALSE,
627 data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_OBJPROV]);
628 return !err ? S_OK : S_FALSE;
629}
static DWORD SOFTPUB_LoadFileMessage(CRYPT_PROVIDER_DATA *data)
Definition: softpub.c:518
static DWORD SOFTPUB_LoadCatalogMessage(CRYPT_PROVIDER_DATA *data)
Definition: softpub.c:560
static DWORD SOFTPUB_LoadCertMessage(CRYPT_PROVIDER_DATA *data)
Definition: softpub.c:469
#define WTD_CHOICE_CATALOG
Definition: wintrust.h:92
#define TRUSTERROR_STEP_FINAL_OBJPROV
Definition: wintrust.h:275
#define WTD_CHOICE_CERT
Definition: wintrust.h:95

◆ SoftpubLoadSignature()

HRESULT WINAPI SoftpubLoadSignature ( CRYPT_PROVIDER_DATA data)

Definition at line 833 of file softpub.c.

834{
835 DWORD err;
836
837 TRACE("(%p)\n", data);
838
839 if (!data->padwTrustStepErrors)
840 return S_FALSE;
841
842 if (data->hMsg)
843 {
844 DWORD signerCount, size;
845
846 size = sizeof(signerCount);
848 &signerCount, &size))
849 {
850 DWORD i;
851
853 for (i = 0; !err && i < signerCount; i++)
854 {
855 if (!(err = WINTRUST_SaveSigner(data, i)))
857 }
858 }
859 else
861 }
862 else
864 if (err)
865 data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_SIGPROV] = err;
866 return !err ? S_OK : S_FALSE;
867}
static DWORD WINTRUST_SaveSigner(CRYPT_PROVIDER_DATA *data, DWORD signerIdx)
Definition: softpub.c:749
static DWORD WINTRUST_VerifySigner(CRYPT_PROVIDER_DATA *data, DWORD signerIdx)
Definition: softpub.c:798
#define CMSG_SIGNER_COUNT_PARAM
Definition: wincrypt.h:3929
#define TRUSTERROR_STEP_FINAL_SIGPROV
Definition: wintrust.h:276

◆ WINE_DEFAULT_DEBUG_CHANNEL()

WINE_DEFAULT_DEBUG_CHANNEL ( wintrust  )

◆ WINTRUST_CopyChain()

static DWORD WINTRUST_CopyChain ( CRYPT_PROVIDER_DATA data,
DWORD  signerIdx 
)
static

Definition at line 969 of file softpub.c.

970{
971 DWORD err, i;
972 PCERT_SIMPLE_CHAIN simpleChain =
973 data->pasSigners[signerIdx].pChainContext->rgpChain[0];
974
975 data->pasSigners[signerIdx].pasCertChain[0].dwConfidence =
977 simpleChain->rgpElement[0]->TrustStatus.dwErrorStatus);
978 data->pasSigners[signerIdx].pasCertChain[0].pChainElement =
979 simpleChain->rgpElement[0];
981 for (i = 1; !err && i < simpleChain->cElement; i++)
982 {
983 if (data->psPfns->pfnAddCert2Chain(data, signerIdx, FALSE, 0,
984 simpleChain->rgpElement[i]->pCertContext))
985 {
986 data->pasSigners[signerIdx].pasCertChain[i].pChainElement =
987 simpleChain->rgpElement[i];
988 data->pasSigners[signerIdx].pasCertChain[i].dwConfidence =
990 simpleChain->rgpElement[i]->TrustStatus.dwErrorStatus);
991 }
992 else
993 err = GetLastError();
994 }
995 data->pasSigners[signerIdx].pasCertChain[simpleChain->cElement - 1].dwError
997 simpleChain->rgpElement[simpleChain->cElement - 1]->
998 TrustStatus.dwErrorStatus);
999 return err;
1000}
static DWORD WINTRUST_TrustStatusToError(DWORD errorStatus)
Definition: softpub.c:924
PCCERT_CONTEXT pCertContext
Definition: wincrypt.h:916

Referenced by WINTRUST_CreateChainForSigner().

◆ WINTRUST_CreateChainForSigner()

static DWORD WINTRUST_CreateChainForSigner ( CRYPT_PROVIDER_DATA data,
DWORD  signer,
PWTD_GENERIC_CHAIN_POLICY_CREATE_INFO  createInfo,
PCERT_CHAIN_PARA  chainPara 
)
static

Definition at line 1028 of file softpub.c.

1031{
1033 HCERTSTORE store = NULL;
1034
1035 if (data->chStores)
1036 {
1039 if (store)
1040 {
1041 DWORD i;
1042
1043 for (i = 0; i < data->chStores; i++)
1044 CertAddStoreToCollection(store, data->pahStores[i], 0, 0);
1045 }
1046 else
1047 err = GetLastError();
1048 }
1049 if (!err)
1050 {
1051 /* Expect the end certificate for each signer to be the only cert in
1052 * the chain:
1053 */
1054 if (data->pasSigners[signer].csCertChain)
1055 {
1056 BOOL ret;
1057
1058 /* Create a certificate chain for each signer */
1060 data->pasSigners[signer].pasCertChain[0].pCert,
1061 &data->pasSigners[signer].sftVerifyAsOf, store,
1062 chainPara, createInfo->dwFlags, createInfo->pvReserved,
1063 &data->pasSigners[signer].pChainContext);
1064 if (ret)
1065 {
1066 if (data->pasSigners[signer].pChainContext->cChain != 1)
1067 {
1068 FIXME("unimplemented for more than 1 simple chain\n");
1069 err = E_NOTIMPL;
1070 }
1071 else
1072 {
1073 if (!(err = WINTRUST_CopyChain(data, signer)))
1074 {
1075 if (data->psPfns->pfnCertCheckPolicy)
1076 {
1077 ret = data->psPfns->pfnCertCheckPolicy(data, signer,
1078 FALSE, 0);
1079 if (!ret)
1080 err = GetLastError();
1081 }
1082 else
1083 TRACE(
1084 "no cert check policy, skipping policy check\n");
1085 }
1086 }
1087 }
1088 else
1089 err = GetLastError();
1090 }
1091 CertCloseStore(store, 0);
1092 }
1093 return err;
1094}
BOOL WINAPI CertAddStoreToCollection(HCERTSTORE hCollectionStore, HCERTSTORE hSiblingStore, DWORD dwUpdateFlags, DWORD dwPriority)
#define E_NOTIMPL
Definition: ddrawi.h:99
BOOL WINAPI CertGetCertificateChain(HCERTCHAINENGINE hChainEngine, PCCERT_CONTEXT pCertContext, LPFILETIME pTime, HCERTSTORE hAdditionalStore, PCERT_CHAIN_PARA pChainPara, DWORD dwFlags, LPVOID pvReserved, PCCERT_CHAIN_CONTEXT *ppChainContext)
Definition: chain.c:2879
static DWORD WINTRUST_CopyChain(CRYPT_PROVIDER_DATA *data, DWORD signerIdx)
Definition: softpub.c:969
#define CERT_STORE_PROV_COLLECTION
Definition: wincrypt.h:2261
#define CERT_STORE_CREATE_NEW_FLAG
Definition: wincrypt.h:2464

Referenced by GenericChainCertificateTrust(), and WintrustCertificateTrust().

◆ WINTRUST_CreateChainPolicyCreateInfo()

static void WINTRUST_CreateChainPolicyCreateInfo ( const CRYPT_PROVIDER_DATA data,
PWTD_GENERIC_CHAIN_POLICY_CREATE_INFO  info,
PCERT_CHAIN_PARA  chainPara 
)
static

Definition at line 1002 of file softpub.c.

1005{
1006 chainPara->cbSize = sizeof(CERT_CHAIN_PARA);
1007 if (data->pRequestUsage)
1008 chainPara->RequestedUsage = *data->pRequestUsage;
1009 else
1010 {
1011 chainPara->RequestedUsage.dwType = 0;
1012 chainPara->RequestedUsage.Usage.cUsageIdentifier = 0;
1013 }
1014 info->u.cbSize = sizeof(WTD_GENERIC_CHAIN_POLICY_CREATE_INFO);
1015 info->hChainEngine = NULL;
1016 info->pChainPara = chainPara;
1017 if (data->dwProvFlags & CPD_REVOCATION_CHECK_END_CERT)
1019 else if (data->dwProvFlags & CPD_REVOCATION_CHECK_CHAIN)
1021 else if (data->dwProvFlags & CPD_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT)
1023 else
1024 info->dwFlags = 0;
1025 info->pvReserved = NULL;
1026}
struct _WTD_GENERIC_CHAIN_POLICY_CREATE_INFO WTD_GENERIC_CHAIN_POLICY_CREATE_INFO
CERT_USAGE_MATCH RequestedUsage
Definition: wincrypt.h:1070
CERT_ENHKEY_USAGE Usage
Definition: wincrypt.h:1048
DWORD cUsageIdentifier
Definition: wincrypt.h:719
struct _CERT_CHAIN_PARA CERT_CHAIN_PARA
#define CERT_CHAIN_REVOCATION_CHECK_CHAIN
Definition: wincrypt.h:1057
#define CERT_CHAIN_REVOCATION_CHECK_END_CERT
Definition: wincrypt.h:1056
#define CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT
Definition: wincrypt.h:1058
#define CPD_REVOCATION_CHECK_CHAIN
Definition: wintrust.h:389
#define CPD_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT
Definition: wintrust.h:390
#define CPD_REVOCATION_CHECK_END_CERT
Definition: wintrust.h:388

Referenced by GenericChainCertificateTrust(), and WintrustCertificateTrust().

◆ WINTRUST_DefaultPolicy()

static HRESULT WINAPI WINTRUST_DefaultPolicy ( CRYPT_PROVIDER_DATA pProvData,
DWORD  dwStepError,
DWORD  dwRegPolicySettings,
DWORD  cSigner,
PWTD_GENERIC_CHAIN_POLICY_SIGNER_INFO  rgpSigner,
void pvPolicyArg 
)
static

Definition at line 1256 of file softpub.c.

1259{
1260 DWORD i;
1261 CERT_CHAIN_POLICY_STATUS policyStatus = { sizeof(policyStatus), 0 };
1262
1263 for (i = 0; !policyStatus.dwError && i < cSigner; i++)
1264 {
1265 CERT_CHAIN_POLICY_PARA policyPara = { sizeof(policyPara), 0 };
1266
1267 if (dwRegPolicySettings & WTPF_IGNOREEXPIRATION)
1268 policyPara.dwFlags |=
1272 if (dwRegPolicySettings & WTPF_IGNOREREVOKATION)
1273 policyPara.dwFlags |=
1279 rgpSigner[i].pChainContext, &policyPara, &policyStatus);
1280 }
1281 return policyStatus.dwError;
1282}
#define CERT_CHAIN_POLICY_BASE
Definition: wincrypt.h:962

Referenced by GenericChainFinalProv().

◆ WINTRUST_GetSigner()

static CMSG_SIGNER_INFO * WINTRUST_GetSigner ( CRYPT_PROVIDER_DATA data,
DWORD  signerIdx 
)
static

Definition at line 631 of file softpub.c.

633{
634 BOOL ret;
635 CMSG_SIGNER_INFO *signerInfo = NULL;
636 DWORD size;
637
639 NULL, &size);
640 if (ret)
641 {
642 signerInfo = data->psPfns->pfnAlloc(size);
643 if (signerInfo)
644 {
646 signerIdx, signerInfo, &size);
647 if (!ret)
648 {
649 data->psPfns->pfnFree(signerInfo);
650 signerInfo = NULL;
651 }
652 }
653 else
655 }
656 return signerInfo;
657}
#define CMSG_SIGNER_INFO_PARAM
Definition: wincrypt.h:3930

Referenced by WINTRUST_SaveSigner().

◆ WINTRUST_GetSignerCertInfo()

static CERT_INFO * WINTRUST_GetSignerCertInfo ( CRYPT_PROVIDER_DATA data,
DWORD  signerIdx 
)
static

Definition at line 770 of file softpub.c.

772{
773 BOOL ret;
774 CERT_INFO *certInfo = NULL;
775 DWORD size;
776
778 NULL, &size);
779 if (ret)
780 {
781 certInfo = data->psPfns->pfnAlloc(size);
782 if (certInfo)
783 {
785 signerIdx, certInfo, &size);
786 if (!ret)
787 {
788 data->psPfns->pfnFree(certInfo);
789 certInfo = NULL;
790 }
791 }
792 else
794 }
795 return certInfo;
796}
#define CMSG_SIGNER_CERT_INFO_PARAM
Definition: wincrypt.h:3931

Referenced by WINTRUST_VerifySigner().

◆ WINTRUST_GetTimeFromCounterSigner()

static BOOL WINTRUST_GetTimeFromCounterSigner ( const CMSG_CMS_SIGNER_INFO counterSignerInfo,
FILETIME time 
)
static

Definition at line 659 of file softpub.c.

661{
662 DWORD i;
663 BOOL foundTimeStamp = FALSE;
664
665 for (i = 0; !foundTimeStamp && i < counterSignerInfo->AuthAttrs.cAttr; i++)
666 {
667 if (!strcmp(counterSignerInfo->AuthAttrs.rgAttr[i].pszObjId,
669 {
670 const CRYPT_ATTRIBUTE *attr =
671 &counterSignerInfo->AuthAttrs.rgAttr[i];
672 DWORD j;
673
674 for (j = 0; !foundTimeStamp && j < attr->cValue; j++)
675 {
676 static const DWORD encoding = X509_ASN_ENCODING |
678 DWORD size = sizeof(FILETIME);
679
680 foundTimeStamp = CryptDecodeObjectEx(encoding,
682 attr->rgValue[j].pbData, attr->rgValue[j].cbData, 0, NULL,
683 time, &size);
684 }
685 }
686 }
687 return foundTimeStamp;
688}
BOOL WINAPI CryptDecodeObjectEx(DWORD dwCertEncodingType, LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, DWORD dwFlags, PCRYPT_DECODE_PARA pDecodePara, void *pvStructInfo, DWORD *pcbStructInfo)
Definition: decode.c:6286
struct _FILETIME FILETIME
CRYPT_ATTRIBUTES AuthAttrs
Definition: wincrypt.h:3967
PCRYPT_ATTRIBUTE rgAttr
Definition: wincrypt.h:595
Definition: cookie.c:202
#define X509_CHOICE_OF_TIME
Definition: wincrypt.h:3397
#define szOID_RSA_signingTime
Definition: wincrypt.h:3039
#define PKCS_7_ASN_ENCODING
Definition: wincrypt.h:2299
static char * encoding
Definition: xmllint.c:155

Referenced by WINTRUST_GetTimeFromSigner().

◆ WINTRUST_GetTimeFromSigner()

static FILETIME WINTRUST_GetTimeFromSigner ( const CRYPT_PROVIDER_DATA data,
const CMSG_SIGNER_INFO signerInfo 
)
static

Definition at line 704 of file softpub.c.

706{
707 DWORD i;
709 BOOL foundTimeStamp = FALSE;
710
711 for (i = 0; !foundTimeStamp && i < signerInfo->UnauthAttrs.cAttr; i++)
712 {
713 if (!strcmp(signerInfo->UnauthAttrs.rgAttr[i].pszObjId,
715 {
716 const CRYPT_ATTRIBUTE *attr = &signerInfo->UnauthAttrs.rgAttr[i];
717 DWORD j;
718
719 for (j = 0; j < attr->cValue; j++)
720 {
721 static const DWORD encoding = X509_ASN_ENCODING |
723 CMSG_CMS_SIGNER_INFO *counterSignerInfo;
724 DWORD size;
726 attr->rgValue[j].pbData, attr->rgValue[j].cbData,
727 CRYPT_DECODE_ALLOC_FLAG, NULL, &counterSignerInfo, &size);
728 if (ret)
729 {
730 /* FIXME: need to verify countersigner signature too */
731 foundTimeStamp = WINTRUST_GetTimeFromCounterSigner(
732 counterSignerInfo, &time);
733 LocalFree(counterSignerInfo);
734 }
735 }
736 }
737 }
738 if (!foundTimeStamp)
739 {
740 TRACE("returning system time %s\n",
741 filetime_to_str(&data->sftSystemTime));
742 time = data->sftSystemTime;
743 }
744 else
745 TRACE("returning time from message %s\n", filetime_to_str(&time));
746 return time;
747}
static BOOL WINTRUST_GetTimeFromCounterSigner(const CMSG_CMS_SIGNER_INFO *counterSignerInfo, FILETIME *time)
Definition: softpub.c:659
static LPCSTR filetime_to_str(const FILETIME *time)
Definition: softpub.c:690
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1594
CRYPT_ATTRIBUTES UnauthAttrs
Definition: wincrypt.h:776
#define CRYPT_DECODE_ALLOC_FLAG
Definition: wincrypt.h:3454
#define CMS_SIGNER_INFO
Definition: wincrypt.h:3437
#define szOID_RSA_counterSign
Definition: wincrypt.h:3040

Referenced by WINTRUST_SaveSigner().

◆ WINTRUST_SaveSigner()

static DWORD WINTRUST_SaveSigner ( CRYPT_PROVIDER_DATA data,
DWORD  signerIdx 
)
static

Definition at line 749 of file softpub.c.

750{
751 DWORD err;
752 CMSG_SIGNER_INFO *signerInfo = WINTRUST_GetSigner(data, signerIdx);
753
754 if (signerInfo)
755 {
756 CRYPT_PROVIDER_SGNR sgnr = { sizeof(sgnr), { 0 } };
757
758 sgnr.psSigner = signerInfo;
760 if (!data->psPfns->pfnAddSgnr2Chain(data, FALSE, signerIdx, &sgnr))
761 err = GetLastError();
762 else
764 }
765 else
766 err = GetLastError();
767 return err;
768}
static FILETIME WINTRUST_GetTimeFromSigner(const CRYPT_PROVIDER_DATA *data, const CMSG_SIGNER_INFO *signerInfo)
Definition: softpub.c:704
static CMSG_SIGNER_INFO * WINTRUST_GetSigner(CRYPT_PROVIDER_DATA *data, DWORD signerIdx)
Definition: softpub.c:631
CMSG_SIGNER_INFO * psSigner
Definition: wintrust.h:237

Referenced by SoftpubLoadSignature().

◆ WINTRUST_TrustStatusToConfidence()

static DWORD WINTRUST_TrustStatusToConfidence ( DWORD  errorStatus)
static

Definition at line 869 of file softpub.c.

870{
871 DWORD confidence = 0;
872
873 confidence = 0;
874 if (!(errorStatus & CERT_TRUST_IS_NOT_SIGNATURE_VALID))
875 confidence |= CERT_CONFIDENCE_SIG;
876 if (!(errorStatus & CERT_TRUST_IS_NOT_TIME_VALID))
877 confidence |= CERT_CONFIDENCE_TIME;
878 if (!(errorStatus & CERT_TRUST_IS_NOT_TIME_NESTED))
879 confidence |= CERT_CONFIDENCE_TIMENEST;
880 return confidence;
881}
#define CERT_TRUST_IS_NOT_TIME_NESTED
Definition: wincrypt.h:871
#define CERT_TRUST_IS_NOT_SIGNATURE_VALID
Definition: wincrypt.h:873
#define CERT_TRUST_IS_NOT_TIME_VALID
Definition: wincrypt.h:870
#define CERT_CONFIDENCE_TIME
Definition: wintrust.h:225
#define CERT_CONFIDENCE_TIMENEST
Definition: wintrust.h:226
#define CERT_CONFIDENCE_SIG
Definition: wintrust.h:224

Referenced by SoftpubCheckCert(), and WINTRUST_CopyChain().

◆ WINTRUST_TrustStatusToError()

static DWORD WINTRUST_TrustStatusToError ( DWORD  errorStatus)
static

Definition at line 924 of file softpub.c.

925{
926 DWORD error;
927
928 if (errorStatus & CERT_TRUST_IS_NOT_SIGNATURE_VALID)
930 else if (errorStatus & CERT_TRUST_IS_UNTRUSTED_ROOT)
932 else if (errorStatus & CERT_TRUST_IS_NOT_TIME_VALID)
934 else if (errorStatus & CERT_TRUST_IS_NOT_TIME_NESTED)
936 else if (errorStatus & CERT_TRUST_IS_REVOKED)
938 else if (errorStatus & CERT_TRUST_IS_OFFLINE_REVOCATION ||
941 else if (errorStatus & CERT_TRUST_IS_NOT_VALID_FOR_USAGE)
943 else if (errorStatus & CERT_TRUST_IS_CYCLIC)
945 else if (errorStatus & CERT_TRUST_INVALID_EXTENSION)
947 else if (errorStatus & CERT_TRUST_INVALID_POLICY_CONSTRAINTS)
949 else if (errorStatus & CERT_TRUST_INVALID_BASIC_CONSTRAINTS)
951 else if (errorStatus & CERT_TRUST_INVALID_NAME_CONSTRAINTS ||
957 else if (errorStatus & CERT_TRUST_NO_ISSUANCE_CHAIN_POLICY)
959 else if (errorStatus)
960 {
961 FIXME("unknown error status %08x\n", errorStatus);
963 }
964 else
965 error = S_OK;
966 return error;
967}
#define CERT_TRUST_IS_REVOKED
Definition: wincrypt.h:872
#define CERT_TRUST_INVALID_POLICY_CONSTRAINTS
Definition: wincrypt.h:879
#define CERT_TRUST_REVOCATION_STATUS_UNKNOWN
Definition: wincrypt.h:876
#define CERT_TRUST_INVALID_EXTENSION
Definition: wincrypt.h:878
#define CERT_TRUST_INVALID_BASIC_CONSTRAINTS
Definition: wincrypt.h:880
#define CERT_TRUST_IS_OFFLINE_REVOCATION
Definition: wincrypt.h:886
#define CERT_TRUST_NO_ISSUANCE_CHAIN_POLICY
Definition: wincrypt.h:887
#define CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT
Definition: wincrypt.h:884
#define CERT_TRUST_INVALID_NAME_CONSTRAINTS
Definition: wincrypt.h:881
#define CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT
Definition: wincrypt.h:883
#define CERT_TRUST_HAS_EXCLUDED_NAME_CONSTRAINT
Definition: wincrypt.h:885
#define CERT_TRUST_IS_NOT_VALID_FOR_USAGE
Definition: wincrypt.h:874
#define CERT_TRUST_HAS_NOT_SUPPORTED_NAME_CONSTRAINT
Definition: wincrypt.h:882
#define CERT_E_REVOCATION_FAILURE
Definition: winerror.h:3130
#define CERT_E_CHAINING
Definition: winerror.h:3126
#define CERT_E_UNTRUSTEDROOT
Definition: winerror.h:3125
#define CERT_E_INVALID_POLICY
Definition: winerror.h:3135
#define CERT_E_REVOKED
Definition: winerror.h:3128
#define CERT_E_WRONG_USAGE
Definition: winerror.h:3132
#define TRUST_E_CERT_SIGNATURE
Definition: winerror.h:3107
#define CERT_E_VALIDITYPERIODNESTING
Definition: winerror.h:3118
#define CERT_E_CRITICAL
Definition: winerror.h:3121
#define TRUST_E_BASIC_CONSTRAINTS
Definition: winerror.h:3110
#define CERT_E_EXPIRED
Definition: winerror.h:3117
#define CERT_E_INVALID_NAME
Definition: winerror.h:3136

Referenced by WINTRUST_CopyChain().

◆ WINTRUST_VerifySigner()

static DWORD WINTRUST_VerifySigner ( CRYPT_PROVIDER_DATA data,
DWORD  signerIdx 
)
static

Definition at line 798 of file softpub.c.

799{
800 DWORD err;
801 CERT_INFO *certInfo = WINTRUST_GetSignerCertInfo(data, signerIdx);
802
803 if (certInfo)
804 {
806 data->pahStores[0], data->dwEncoding, certInfo);
807
808 if (subject)
809 {
810 CMSG_CTRL_VERIFY_SIGNATURE_EX_PARA para = { sizeof(para), 0,
811 signerIdx, CMSG_VERIFY_SIGNER_CERT, (LPVOID)subject };
812
814 &para))
816 else
817 {
818 data->psPfns->pfnAddCert2Chain(data, signerIdx, FALSE, 0,
819 subject);
821 }
823 }
824 else
826 data->psPfns->pfnFree(certInfo);
827 }
828 else
829 err = GetLastError();
830 return err;
831}
PCCERT_CONTEXT WINAPI CertGetSubjectCertificateFromStore(HCERTSTORE hCertStore, DWORD dwCertEncodingType, PCERT_INFO pCertId)
Definition: cert.c:1831
BOOL WINAPI CryptMsgControl(HCRYPTMSG hCryptMsg, DWORD dwFlags, DWORD dwCtrlType, const void *pvCtrlPara)
Definition: msg.c:3636
static CERT_INFO * WINTRUST_GetSignerCertInfo(CRYPT_PROVIDER_DATA *data, DWORD signerIdx)
Definition: softpub.c:770
#define CMSG_CTRL_VERIFY_SIGNATURE_EX
Definition: wincrypt.h:3885
#define CMSG_VERIFY_SIGNER_CERT
Definition: wincrypt.h:3921
#define TRUST_E_NO_SIGNER_CERT
Definition: winerror.h:3105

Referenced by SoftpubLoadSignature().

◆ WintrustCertificateTrust()

HRESULT WINAPI WintrustCertificateTrust ( CRYPT_PROVIDER_DATA data)

Definition at line 1096 of file softpub.c.

1097{
1098 DWORD err;
1099
1100 TRACE("(%p)\n", data);
1101
1102 if (!data->csSigners)
1104 else
1105 {
1106 DWORD i;
1108 CERT_CHAIN_PARA chainPara;
1109
1110 WINTRUST_CreateChainPolicyCreateInfo(data, &createInfo, &chainPara);
1112 for (i = 0; !err && i < data->csSigners; i++)
1113 err = WINTRUST_CreateChainForSigner(data, i, &createInfo,
1114 &chainPara);
1115 }
1116 if (err)
1117 data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_CERTPROV] = err;
1118 TRACE("returning %d (%08x)\n", !err ? S_OK : S_FALSE,
1119 data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_CERTPROV]);
1120 return !err ? S_OK : S_FALSE;
1121}