1 /*
2 * Register related wintrust functions
3 *
4 * Copyright 2006 Paul Vriens
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19 */
20
21 #include <stdarg.h>
22
23 #include "windef.h"
24 #include "winbase.h"
25 #include "winerror.h"
26 #include "winuser.h"
27 #include "winreg.h"
28 #include "winnls.h"
29 #include "objbase.h"
30
31 #include "guiddef.h"
32 #include "wintrust.h"
33 #include "softpub.h"
34 #include "mssip.h"
35 #include "wintrust_priv.h"
36 #include "wine/debug.h"
37
38 WINE_DEFAULT_DEBUG_CHANNEL(wintrust);
39
40 static CRYPT_TRUST_REG_ENTRY SoftpubInitialization;
41 static CRYPT_TRUST_REG_ENTRY SoftpubMessage;
42 static CRYPT_TRUST_REG_ENTRY SoftpubSignature;
43 static CRYPT_TRUST_REG_ENTRY SoftpubCertificate;
44 static CRYPT_TRUST_REG_ENTRY SoftpubCertCheck;
45 static CRYPT_TRUST_REG_ENTRY SoftpubFinalPolicy;
46 static CRYPT_TRUST_REG_ENTRY SoftpubCleanup;
47
48 static CRYPT_TRUST_REG_ENTRY SoftpubDefCertInit;
49
50 static CRYPT_TRUST_REG_ENTRY SoftpubDumpStructure;
51
52 static CRYPT_TRUST_REG_ENTRY HTTPSCertificateTrust;
53 static CRYPT_TRUST_REG_ENTRY HTTPSFinalProv;
54
55 static CRYPT_TRUST_REG_ENTRY OfficeInitializePolicy;
56 static CRYPT_TRUST_REG_ENTRY OfficeCleanupPolicy;
57
58 static CRYPT_TRUST_REG_ENTRY DriverInitializePolicy;
59 static CRYPT_TRUST_REG_ENTRY DriverFinalPolicy;
60 static CRYPT_TRUST_REG_ENTRY DriverCleanupPolicy;
61
62 static CRYPT_TRUST_REG_ENTRY GenericChainCertificateTrust;
63 static CRYPT_TRUST_REG_ENTRY GenericChainFinalProv;
64
65 static const CRYPT_TRUST_REG_ENTRY NullCTRE = { 0, NULL, NULL };
66
67 static const WCHAR Trust[] = {'S','o','f','t','w','a','r','e','\\',
68 'M','i','c','r','o','s','o','f','t','\\',
69 'C','r','y','p','t','o','g','r','a','p','h','y','\\',
70 'P','r','o','v','i','d','e','r','s','\\',
71 'T','r','u','s','t','\\', 0 };
72
73 static const WCHAR Initialization[] = {'I','n','i','t','i','a','l','i','z','a','t','i','o','n','\\', 0};
74 static const WCHAR Message[] = {'M','e','s','s','a','g','e','\\', 0};
75 static const WCHAR Signature[] = {'S','i','g','n','a','t','u','r','e','\\', 0};
76 static const WCHAR Certificate[] = {'C','e','r','t','i','f','i','c','a','t','e','\\', 0};
77 static const WCHAR CertCheck[] = {'C','e','r','t','C','h','e','c','k','\\', 0};
78 static const WCHAR FinalPolicy[] = {'F','i','n','a','l','P','o','l','i','c','y','\\', 0};
79 static const WCHAR DiagnosticPolicy[] = {'D','i','a','g','n','o','s','t','i','c','P','o','l','i','c','y','\\', 0};
80 static const WCHAR Cleanup[] = {'C','l','e','a','n','u','p','\\', 0};
81
82 static const WCHAR DefaultId[] = {'D','e','f','a','u','l','t','I','d', 0};
83 static const WCHAR Dll[] = {'$','D','L','L', 0};
84
85 /***********************************************************************
86 * WINTRUST_InitRegStructs
87 *
88 * Helper function to allocate and initialize the members of the
89 * CRYPT_TRUST_REG_ENTRY structs.
90 */
WINTRUST_InitRegStructs(void)91 static void WINTRUST_InitRegStructs(void)
92 {
93 #define WINTRUST_INITREGENTRY( action, dllname, functionname ) \
94 action.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY); \
95 action.pwszDLLName = WINTRUST_Alloc(sizeof(dllname)); \
96 lstrcpyW(action.pwszDLLName, dllname); \
97 action.pwszFunctionName = WINTRUST_Alloc(sizeof(functionname)); \
98 lstrcpyW(action.pwszFunctionName, functionname);
99
100 WINTRUST_INITREGENTRY(SoftpubInitialization, SP_POLICY_PROVIDER_DLL_NAME, SP_INIT_FUNCTION)
101 WINTRUST_INITREGENTRY(SoftpubMessage, SP_POLICY_PROVIDER_DLL_NAME, SP_OBJTRUST_FUNCTION)
102 WINTRUST_INITREGENTRY(SoftpubSignature, SP_POLICY_PROVIDER_DLL_NAME, SP_SIGTRUST_FUNCTION)
103 WINTRUST_INITREGENTRY(SoftpubCertificate, SP_POLICY_PROVIDER_DLL_NAME, WT_PROVIDER_CERTTRUST_FUNCTION)
104 WINTRUST_INITREGENTRY(SoftpubCertCheck, SP_POLICY_PROVIDER_DLL_NAME, SP_CHKCERT_FUNCTION)
105 WINTRUST_INITREGENTRY(SoftpubFinalPolicy, SP_POLICY_PROVIDER_DLL_NAME, SP_FINALPOLICY_FUNCTION)
106 WINTRUST_INITREGENTRY(SoftpubCleanup, SP_POLICY_PROVIDER_DLL_NAME, SP_CLEANUPPOLICY_FUNCTION)
107 WINTRUST_INITREGENTRY(SoftpubDefCertInit, SP_POLICY_PROVIDER_DLL_NAME, SP_GENERIC_CERT_INIT_FUNCTION)
108 WINTRUST_INITREGENTRY(SoftpubDumpStructure, SP_POLICY_PROVIDER_DLL_NAME, SP_TESTDUMPPOLICY_FUNCTION_TEST)
109 WINTRUST_INITREGENTRY(HTTPSCertificateTrust, SP_POLICY_PROVIDER_DLL_NAME, HTTPS_CERTTRUST_FUNCTION)
110 WINTRUST_INITREGENTRY(HTTPSFinalProv, SP_POLICY_PROVIDER_DLL_NAME, HTTPS_FINALPOLICY_FUNCTION)
111 WINTRUST_INITREGENTRY(OfficeInitializePolicy, OFFICE_POLICY_PROVIDER_DLL_NAME, OFFICE_INITPROV_FUNCTION)
112 WINTRUST_INITREGENTRY(OfficeCleanupPolicy, OFFICE_POLICY_PROVIDER_DLL_NAME, OFFICE_CLEANUPPOLICY_FUNCTION)
113 WINTRUST_INITREGENTRY(DriverInitializePolicy, SP_POLICY_PROVIDER_DLL_NAME, DRIVER_INITPROV_FUNCTION)
114 WINTRUST_INITREGENTRY(DriverFinalPolicy, SP_POLICY_PROVIDER_DLL_NAME, DRIVER_FINALPOLPROV_FUNCTION)
115 WINTRUST_INITREGENTRY(DriverCleanupPolicy, SP_POLICY_PROVIDER_DLL_NAME, DRIVER_CLEANUPPOLICY_FUNCTION)
116 WINTRUST_INITREGENTRY(GenericChainCertificateTrust, SP_POLICY_PROVIDER_DLL_NAME, GENERIC_CHAIN_CERTTRUST_FUNCTION)
117 WINTRUST_INITREGENTRY(GenericChainFinalProv, SP_POLICY_PROVIDER_DLL_NAME, GENERIC_CHAIN_FINALPOLICY_FUNCTION)
118
119 #undef WINTRUST_INITREGENTRY
120 }
121
122 /***********************************************************************
123 * WINTRUST_FreeRegStructs
124 *
125 * Helper function to free 2 members of the CRYPT_TRUST_REG_ENTRY
126 * structs.
127 */
WINTRUST_FreeRegStructs(void)128 static void WINTRUST_FreeRegStructs(void)
129 {
130 #define WINTRUST_FREEREGENTRY( action ) \
131 WINTRUST_Free(action.pwszDLLName); \
132 WINTRUST_Free(action.pwszFunctionName);
133
134 WINTRUST_FREEREGENTRY(SoftpubInitialization);
135 WINTRUST_FREEREGENTRY(SoftpubMessage);
136 WINTRUST_FREEREGENTRY(SoftpubSignature);
137 WINTRUST_FREEREGENTRY(SoftpubCertificate);
138 WINTRUST_FREEREGENTRY(SoftpubCertCheck);
139 WINTRUST_FREEREGENTRY(SoftpubFinalPolicy);
140 WINTRUST_FREEREGENTRY(SoftpubCleanup);
141 WINTRUST_FREEREGENTRY(SoftpubDefCertInit);
142 WINTRUST_FREEREGENTRY(SoftpubDumpStructure);
143 WINTRUST_FREEREGENTRY(HTTPSCertificateTrust);
144 WINTRUST_FREEREGENTRY(HTTPSFinalProv);
145 WINTRUST_FREEREGENTRY(OfficeInitializePolicy);
146 WINTRUST_FREEREGENTRY(OfficeCleanupPolicy);
147 WINTRUST_FREEREGENTRY(DriverInitializePolicy);
148 WINTRUST_FREEREGENTRY(DriverFinalPolicy);
149 WINTRUST_FREEREGENTRY(DriverCleanupPolicy);
150 WINTRUST_FREEREGENTRY(GenericChainCertificateTrust);
151 WINTRUST_FREEREGENTRY(GenericChainFinalProv);
152
153 #undef WINTRUST_FREEREGENTRY
154 }
155
156 /***********************************************************************
157 * WINTRUST_guid2wstr
158 *
159 * Create a wide-string from a GUID
160 *
161 */
WINTRUST_Guid2Wstr(const GUID * pgActionID,WCHAR * GuidString)162 static void WINTRUST_Guid2Wstr(const GUID* pgActionID, WCHAR* GuidString)
163 {
164 static const WCHAR wszFormat[] = {'{','%','0','8','l','X','-','%','0','4','X','-','%','0','4','X','-',
165 '%','0','2','X','%','0','2','X','-','%','0','2','X','%','0','2','X','%','0','2','X','%','0','2',
166 'X','%','0','2','X','%','0','2','X','}', 0};
167
168 wsprintfW(GuidString, wszFormat, pgActionID->Data1, pgActionID->Data2, pgActionID->Data3,
169 pgActionID->Data4[0], pgActionID->Data4[1], pgActionID->Data4[2], pgActionID->Data4[3],
170 pgActionID->Data4[4], pgActionID->Data4[5], pgActionID->Data4[6], pgActionID->Data4[7]);
171 }
172
173 /***********************************************************************
174 * WINTRUST_WriteProviderToReg
175 *
176 * Helper function for WintrustAddActionID
177 *
178 */
WINTRUST_WriteProviderToReg(WCHAR * GuidString,const WCHAR * FunctionType,CRYPT_TRUST_REG_ENTRY RegEntry)179 static LONG WINTRUST_WriteProviderToReg(WCHAR* GuidString,
180 const WCHAR* FunctionType,
181 CRYPT_TRUST_REG_ENTRY RegEntry)
182 {
183 static const WCHAR Function[] = {'$','F','u','n','c','t','i','o','n', 0};
184 WCHAR ProvKey[MAX_PATH];
185 HKEY Key;
186 LONG Res = ERROR_SUCCESS;
187
188 /* Create the needed key string */
189 ProvKey[0]='\0';
190 lstrcatW(ProvKey, Trust);
191 lstrcatW(ProvKey, FunctionType);
192 lstrcatW(ProvKey, GuidString);
193
194 if (!RegEntry.pwszDLLName || !RegEntry.pwszFunctionName)
195 return ERROR_INVALID_PARAMETER;
196
197 Res = RegCreateKeyExW(HKEY_LOCAL_MACHINE, ProvKey, 0, NULL, 0, KEY_WRITE, NULL, &Key, NULL);
198 if (Res != ERROR_SUCCESS) goto error_close_key;
199
200 /* Create the $DLL entry */
201 Res = RegSetValueExW(Key, Dll, 0, REG_SZ, (BYTE*)RegEntry.pwszDLLName,
202 (lstrlenW(RegEntry.pwszDLLName) + 1)*sizeof(WCHAR));
203 if (Res != ERROR_SUCCESS) goto error_close_key;
204
205 /* Create the $Function entry */
206 Res = RegSetValueExW(Key, Function, 0, REG_SZ, (BYTE*)RegEntry.pwszFunctionName,
207 (lstrlenW(RegEntry.pwszFunctionName) + 1)*sizeof(WCHAR));
208
209 error_close_key:
210 RegCloseKey(Key);
211
212 return Res;
213 }
214
215 /***********************************************************************
216 * WintrustAddActionID (WINTRUST.@)
217 *
218 * Add the definitions of the actions a Trust provider can perform to
219 * the registry.
220 *
221 * PARAMS
222 * pgActionID [I] Pointer to a GUID for the Trust provider.
223 * fdwFlags [I] Flag to indicate whether registry errors are passed on.
224 * psProvInfo [I] Pointer to a structure with information about DLL
225 * name and functions.
226 *
227 * RETURNS
228 * Success: TRUE.
229 * Failure: FALSE. (Use GetLastError() for more information)
230 *
231 * NOTES
232 * Adding definitions is basically only adding relevant information
233 * to the registry. No verification takes place whether a DLL or its
234 * entrypoints exist.
235 * Information in the registry will always be overwritten.
236 *
237 */
WintrustAddActionID(GUID * pgActionID,DWORD fdwFlags,CRYPT_REGISTER_ACTIONID * psProvInfo)238 BOOL WINAPI WintrustAddActionID( GUID* pgActionID, DWORD fdwFlags,
239 CRYPT_REGISTER_ACTIONID* psProvInfo)
240 {
241 WCHAR GuidString[39];
242 LONG Res;
243 LONG WriteActionError = ERROR_SUCCESS;
244
245 TRACE("%s %x %p\n", debugstr_guid(pgActionID), fdwFlags, psProvInfo);
246
247 /* Some sanity checks.
248 * We use the W2K3 last error as it makes more sense (W2K leaves the last error
249 * as is).
250 */
251 if (!pgActionID ||
252 !psProvInfo ||
253 (psProvInfo->cbStruct != sizeof(CRYPT_REGISTER_ACTIONID)))
254 {
255 SetLastError(ERROR_INVALID_PARAMETER);
256 return FALSE;
257 }
258
259 /* Create this string only once, instead of in the helper function */
260 WINTRUST_Guid2Wstr( pgActionID, GuidString);
261
262 /* Write the information to the registry */
263 Res = WINTRUST_WriteProviderToReg(GuidString, Initialization , psProvInfo->sInitProvider);
264 if (Res != ERROR_SUCCESS) WriteActionError = Res;
265 Res = WINTRUST_WriteProviderToReg(GuidString, Message , psProvInfo->sObjectProvider);
266 if (Res != ERROR_SUCCESS) WriteActionError = Res;
267 Res = WINTRUST_WriteProviderToReg(GuidString, Signature , psProvInfo->sSignatureProvider);
268 if (Res != ERROR_SUCCESS) WriteActionError = Res;
269 Res = WINTRUST_WriteProviderToReg(GuidString, Certificate , psProvInfo->sCertificateProvider);
270 if (Res != ERROR_SUCCESS) WriteActionError = Res;
271 Res = WINTRUST_WriteProviderToReg(GuidString, CertCheck , psProvInfo->sCertificatePolicyProvider);
272 if (Res != ERROR_SUCCESS) WriteActionError = Res;
273 Res = WINTRUST_WriteProviderToReg(GuidString, FinalPolicy , psProvInfo->sFinalPolicyProvider);
274 if (Res != ERROR_SUCCESS) WriteActionError = Res;
275 Res = WINTRUST_WriteProviderToReg(GuidString, DiagnosticPolicy, psProvInfo->sTestPolicyProvider);
276 if (Res != ERROR_SUCCESS) WriteActionError = Res;
277 Res = WINTRUST_WriteProviderToReg(GuidString, Cleanup , psProvInfo->sCleanupProvider);
278 if (Res != ERROR_SUCCESS) WriteActionError = Res;
279
280 /* Testing (by restricting access to the registry for some keys) shows that the last failing function
281 * will be used for last error.
282 * If the flag WT_ADD_ACTION_ID_RET_RESULT_FLAG is set and there are errors when adding the action
283 * we have to return FALSE. Errors includes both invalid entries as well as registry errors.
284 * Testing also showed that one error doesn't stop the registry writes. Every action will be dealt with.
285 */
286
287 if (WriteActionError != ERROR_SUCCESS)
288 {
289 SetLastError(WriteActionError);
290
291 if (fdwFlags == WT_ADD_ACTION_ID_RET_RESULT_FLAG)
292 return FALSE;
293 }
294
295 return TRUE;
296 }
297
298 /***********************************************************************
299 * WINTRUST_RemoveProviderFromReg
300 *
301 * Helper function for WintrustRemoveActionID
302 *
303 */
WINTRUST_RemoveProviderFromReg(WCHAR * GuidString,const WCHAR * FunctionType)304 static void WINTRUST_RemoveProviderFromReg(WCHAR* GuidString,
305 const WCHAR* FunctionType)
306 {
307 WCHAR ProvKey[MAX_PATH];
308
309 /* Create the needed key string */
310 ProvKey[0]='\0';
311 lstrcatW(ProvKey, Trust);
312 lstrcatW(ProvKey, FunctionType);
313 lstrcatW(ProvKey, GuidString);
314
315 /* We don't care about success or failure */
316 RegDeleteKeyW(HKEY_LOCAL_MACHINE, ProvKey);
317 }
318
319 /***********************************************************************
320 * WintrustRemoveActionID (WINTRUST.@)
321 *
322 * Remove the definitions of the actions a Trust provider can perform
323 * from the registry.
324 *
325 * PARAMS
326 * pgActionID [I] Pointer to a GUID for the Trust provider.
327 *
328 * RETURNS
329 * Success: TRUE. (Use GetLastError() for more information)
330 * Failure: FALSE. (Use GetLastError() for more information)
331 *
332 * NOTES
333 * Testing shows that WintrustRemoveActionID always returns TRUE and
334 * that a possible error should be retrieved via GetLastError().
335 * There are no checks if the definitions are in the registry.
336 */
WintrustRemoveActionID(GUID * pgActionID)337 BOOL WINAPI WintrustRemoveActionID( GUID* pgActionID )
338 {
339 WCHAR GuidString[39];
340
341 TRACE("(%s)\n", debugstr_guid(pgActionID));
342
343 if (!pgActionID)
344 {
345 SetLastError(ERROR_INVALID_PARAMETER);
346 return TRUE;
347 }
348
349 /* Create this string only once, instead of in the helper function */
350 WINTRUST_Guid2Wstr( pgActionID, GuidString);
351
352 /* We don't care about success or failure */
353 WINTRUST_RemoveProviderFromReg(GuidString, Initialization);
354 WINTRUST_RemoveProviderFromReg(GuidString, Message);
355 WINTRUST_RemoveProviderFromReg(GuidString, Signature);
356 WINTRUST_RemoveProviderFromReg(GuidString, Certificate);
357 WINTRUST_RemoveProviderFromReg(GuidString, CertCheck);
358 WINTRUST_RemoveProviderFromReg(GuidString, FinalPolicy);
359 WINTRUST_RemoveProviderFromReg(GuidString, DiagnosticPolicy);
360 WINTRUST_RemoveProviderFromReg(GuidString, Cleanup);
361
362 return TRUE;
363 }
364
365 /***********************************************************************
366 * WINTRUST_WriteSingleUsageEntry
367 *
368 * Helper for WintrustAddDefaultForUsage, writes a single value and its
369 * data to:
370 *
371 * HKLM\Software\Microsoft\Cryptography\Trust\Usages\<OID>
372 */
WINTRUST_WriteSingleUsageEntry(LPCSTR OID,const WCHAR * Value,WCHAR * Data)373 static LONG WINTRUST_WriteSingleUsageEntry(LPCSTR OID,
374 const WCHAR* Value,
375 WCHAR* Data)
376 {
377 static const WCHAR Usages[] = {'U','s','a','g','e','s','\\', 0};
378 WCHAR* UsageKey;
379 HKEY Key;
380 LONG Res = ERROR_SUCCESS;
381 WCHAR* OIDW;
382 DWORD Len;
383
384 /* Turn OID into a wide-character string */
385 Len = MultiByteToWideChar( CP_ACP, 0, OID, -1, NULL, 0 );
386 OIDW = WINTRUST_Alloc( Len * sizeof(WCHAR) );
387 MultiByteToWideChar( CP_ACP, 0, OID, -1, OIDW, Len );
388
389 /* Allocate the needed space for UsageKey */
390 UsageKey = WINTRUST_Alloc((lstrlenW(Trust) + lstrlenW(Usages) + Len) * sizeof(WCHAR));
391 /* Create the key string */
392 lstrcpyW(UsageKey, Trust);
393 lstrcatW(UsageKey, Usages);
394 lstrcatW(UsageKey, OIDW);
395
396 Res = RegCreateKeyExW(HKEY_LOCAL_MACHINE, UsageKey, 0, NULL, 0, KEY_WRITE, NULL, &Key, NULL);
397 if (Res == ERROR_SUCCESS)
398 {
399 /* Create the Value entry */
400 Res = RegSetValueExW(Key, Value, 0, REG_SZ, (BYTE*)Data,
401 (lstrlenW(Data) + 1)*sizeof(WCHAR));
402 }
403 RegCloseKey(Key);
404
405 WINTRUST_Free(OIDW);
406 WINTRUST_Free(UsageKey);
407
408 return Res;
409 }
410
411 /***************************************************************************
412 * WINTRUST_RegisterGenVerifyV2
413 *
414 * Register WINTRUST_ACTION_GENERIC_VERIFY_V2 actions and usages.
415 *
416 * NOTES
417 * WINTRUST_ACTION_GENERIC_VERIFY_V2 ({00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
418 * is defined in softpub.h
419 */
WINTRUST_RegisterGenVerifyV2(void)420 static BOOL WINTRUST_RegisterGenVerifyV2(void)
421 {
422 BOOL RegisteredOK = TRUE;
423 static GUID ProvGUID = WINTRUST_ACTION_GENERIC_VERIFY_V2;
424 CRYPT_REGISTER_ACTIONID ProvInfo;
425 CRYPT_PROVIDER_REGDEFUSAGE DefUsage = { sizeof(CRYPT_PROVIDER_REGDEFUSAGE),
426 &ProvGUID,
427 NULL, /* No Dll provided */
428 NULL, /* No load callback function */
429 NULL }; /* No free callback function */
430
431 ProvInfo.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
432 ProvInfo.sInitProvider = SoftpubInitialization;
433 ProvInfo.sObjectProvider = SoftpubMessage;
434 ProvInfo.sSignatureProvider = SoftpubSignature;
435 ProvInfo.sCertificateProvider = SoftpubCertificate;
436 ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
437 ProvInfo.sFinalPolicyProvider = SoftpubFinalPolicy;
438 ProvInfo.sTestPolicyProvider = NullCTRE; /* No diagnostic policy */
439 ProvInfo.sCleanupProvider = SoftpubCleanup;
440
441 if (!WintrustAddDefaultForUsage(szOID_PKIX_KP_CODE_SIGNING, &DefUsage))
442 RegisteredOK = FALSE;
443
444 if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
445 RegisteredOK = FALSE;
446
447 return RegisteredOK;
448 }
449
450 /***************************************************************************
451 * WINTRUST_RegisterPublishedSoftware
452 *
453 * Register WIN_SPUB_ACTION_PUBLISHED_SOFTWARE actions and usages.
454 *
455 * NOTES
456 * WIN_SPUB_ACTION_PUBLISHED_SOFTWARE ({64B9D180-8DA2-11CF-8736-00AA00A485EB})
457 * is defined in wintrust.h
458 */
WINTRUST_RegisterPublishedSoftware(void)459 static BOOL WINTRUST_RegisterPublishedSoftware(void)
460 {
461 static GUID ProvGUID = WIN_SPUB_ACTION_PUBLISHED_SOFTWARE;
462 CRYPT_REGISTER_ACTIONID ProvInfo;
463
464 ProvInfo.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
465 ProvInfo.sInitProvider = SoftpubInitialization;
466 ProvInfo.sObjectProvider = SoftpubMessage;
467 ProvInfo.sSignatureProvider = SoftpubSignature;
468 ProvInfo.sCertificateProvider = SoftpubCertificate;
469 ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
470 ProvInfo.sFinalPolicyProvider = SoftpubFinalPolicy;
471 ProvInfo.sTestPolicyProvider = NullCTRE; /* No diagnostic policy */
472 ProvInfo.sCleanupProvider = SoftpubCleanup;
473
474 if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
475 return FALSE;
476
477 return TRUE;
478 }
479
480 #define WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI { 0xc6b2e8d0, 0xe005, 0x11cf, { 0xa1,0x34,0x00,0xc0,0x4f,0xd7,0xbf,0x43 }}
481
482 /***************************************************************************
483 * WINTRUST_RegisterPublishedSoftwareNoBadUi
484 *
485 * Register WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI actions and usages.
486 *
487 * NOTES
488 * WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI ({C6B2E8D0-E005-11CF-A134-00C04FD7BF43})
489 * is not defined in any include file. (FIXME: Find out if the name is correct).
490 */
WINTRUST_RegisterPublishedSoftwareNoBadUi(void)491 static BOOL WINTRUST_RegisterPublishedSoftwareNoBadUi(void)
492 {
493 static GUID ProvGUID = WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI;
494 CRYPT_REGISTER_ACTIONID ProvInfo;
495
496 ProvInfo.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
497 ProvInfo.sInitProvider = SoftpubInitialization;
498 ProvInfo.sObjectProvider = SoftpubMessage;
499 ProvInfo.sSignatureProvider = SoftpubSignature;
500 ProvInfo.sCertificateProvider = SoftpubCertificate;
501 ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
502 ProvInfo.sFinalPolicyProvider = SoftpubFinalPolicy;
503 ProvInfo.sTestPolicyProvider = NullCTRE; /* No diagnostic policy */
504 ProvInfo.sCleanupProvider = SoftpubCleanup;
505
506 if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
507 return FALSE;
508
509 return TRUE;
510 }
511
512 /***************************************************************************
513 * WINTRUST_RegisterGenCertVerify
514 *
515 * Register WINTRUST_ACTION_GENERIC_CERT_VERIFY actions and usages.
516 *
517 * NOTES
518 * WINTRUST_ACTION_GENERIC_CERT_VERIFY ({189A3842-3041-11D1-85E1-00C04FC295EE})
519 * is defined in softpub.h
520 */
WINTRUST_RegisterGenCertVerify(void)521 static BOOL WINTRUST_RegisterGenCertVerify(void)
522 {
523 static GUID ProvGUID = WINTRUST_ACTION_GENERIC_CERT_VERIFY;
524 CRYPT_REGISTER_ACTIONID ProvInfo;
525
526 ProvInfo.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
527 ProvInfo.sInitProvider = SoftpubDefCertInit;
528 ProvInfo.sObjectProvider = SoftpubMessage;
529 ProvInfo.sSignatureProvider = SoftpubSignature;
530 ProvInfo.sCertificateProvider = SoftpubCertificate;
531 ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
532 ProvInfo.sFinalPolicyProvider = SoftpubFinalPolicy;
533 ProvInfo.sTestPolicyProvider = NullCTRE; /* No diagnostic policy */
534 ProvInfo.sCleanupProvider = SoftpubCleanup;
535
536 if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
537 return FALSE;
538
539 return TRUE;
540 }
541
542 /***************************************************************************
543 * WINTRUST_RegisterTrustProviderTest
544 *
545 * Register WINTRUST_ACTION_TRUSTPROVIDER_TEST actions and usages.
546 *
547 * NOTES
548 * WINTRUST_ACTION_TRUSTPROVIDER_TEST ({573E31F8-DDBA-11D0-8CCB-00C04FC295EE})
549 * is defined in softpub.h
550 */
WINTRUST_RegisterTrustProviderTest(void)551 static BOOL WINTRUST_RegisterTrustProviderTest(void)
552 {
553 static GUID ProvGUID = WINTRUST_ACTION_TRUSTPROVIDER_TEST;
554 CRYPT_REGISTER_ACTIONID ProvInfo;
555
556 ProvInfo.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
557 ProvInfo.sInitProvider = SoftpubInitialization;
558 ProvInfo.sObjectProvider = SoftpubMessage;
559 ProvInfo.sSignatureProvider = SoftpubSignature;
560 ProvInfo.sCertificateProvider = SoftpubCertificate;
561 ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
562 ProvInfo.sFinalPolicyProvider = SoftpubFinalPolicy;
563 ProvInfo.sTestPolicyProvider = SoftpubDumpStructure;
564 ProvInfo.sCleanupProvider = SoftpubCleanup;
565
566 if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
567 return FALSE;
568
569 return TRUE;
570 }
571
572 /***************************************************************************
573 * WINTRUST_RegisterHttpsProv
574 *
575 * Register HTTPSPROV_ACTION actions and usages.
576 *
577 * NOTES
578 * HTTPSPROV_ACTION ({573E31F8-AABA-11D0-8CCB-00C04FC295EE})
579 * is defined in softpub.h
580 */
WINTRUST_RegisterHttpsProv(void)581 static BOOL WINTRUST_RegisterHttpsProv(void)
582 {
583 BOOL RegisteredOK = TRUE;
584 static CHAR SoftpubLoadUsage[] = "SoftpubLoadDefUsageCallData";
585 static CHAR SoftpubFreeUsage[] = "SoftpubFreeDefUsageCallData";
586 static GUID ProvGUID = HTTPSPROV_ACTION;
587 CRYPT_REGISTER_ACTIONID ProvInfo;
588 CRYPT_PROVIDER_REGDEFUSAGE DefUsage = { sizeof(CRYPT_PROVIDER_REGDEFUSAGE),
589 &ProvGUID,
590 NULL, /* Will be filled later */
591 SoftpubLoadUsage,
592 SoftpubFreeUsage };
593
594 ProvInfo.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
595 ProvInfo.sInitProvider = SoftpubInitialization;
596 ProvInfo.sObjectProvider = SoftpubMessage;
597 ProvInfo.sSignatureProvider = SoftpubSignature;
598 ProvInfo.sCertificateProvider = HTTPSCertificateTrust;
599 ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
600 ProvInfo.sFinalPolicyProvider = HTTPSFinalProv;
601 ProvInfo.sTestPolicyProvider = NullCTRE; /* No diagnostic policy */
602 ProvInfo.sCleanupProvider = SoftpubCleanup;
603
604 DefUsage.pwszDllName = WINTRUST_Alloc(sizeof(SP_POLICY_PROVIDER_DLL_NAME));
605 lstrcpyW(DefUsage.pwszDllName, SP_POLICY_PROVIDER_DLL_NAME);
606
607 if (!WintrustAddDefaultForUsage(szOID_PKIX_KP_SERVER_AUTH, &DefUsage))
608 RegisteredOK = FALSE;
609 if (!WintrustAddDefaultForUsage(szOID_PKIX_KP_CLIENT_AUTH, &DefUsage))
610 RegisteredOK = FALSE;
611 if (!WintrustAddDefaultForUsage(szOID_SERVER_GATED_CRYPTO, &DefUsage))
612 RegisteredOK = FALSE;
613 if (!WintrustAddDefaultForUsage(szOID_SGC_NETSCAPE, &DefUsage))
614 RegisteredOK = FALSE;
615
616 WINTRUST_Free(DefUsage.pwszDllName);
617
618 if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
619 RegisteredOK = FALSE;
620
621 return RegisteredOK;
622 }
623
624 /***************************************************************************
625 * WINTRUST_RegisterOfficeSignVerify
626 *
627 * Register OFFICESIGN_ACTION_VERIFY actions and usages.
628 *
629 * NOTES
630 * OFFICESIGN_ACTION_VERIFY ({5555C2CD-17FB-11D1-85C4-00C04FC295EE})
631 * is defined in softpub.h
632 */
WINTRUST_RegisterOfficeSignVerify(void)633 static BOOL WINTRUST_RegisterOfficeSignVerify(void)
634 {
635 static GUID ProvGUID = OFFICESIGN_ACTION_VERIFY;
636 CRYPT_REGISTER_ACTIONID ProvInfo;
637
638 ProvInfo.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
639 ProvInfo.sInitProvider = OfficeInitializePolicy;
640 ProvInfo.sObjectProvider = SoftpubMessage;
641 ProvInfo.sSignatureProvider = SoftpubSignature;
642 ProvInfo.sCertificateProvider = SoftpubCertificate;
643 ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
644 ProvInfo.sFinalPolicyProvider = SoftpubFinalPolicy;
645 ProvInfo.sTestPolicyProvider = NullCTRE; /* No diagnostic policy */
646 ProvInfo.sCleanupProvider = OfficeCleanupPolicy;
647
648
649 if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
650 return FALSE;
651
652 return TRUE;
653 }
654
655 /***************************************************************************
656 * WINTRUST_RegisterDriverVerify
657 *
658 * Register DRIVER_ACTION_VERIFY actions and usages.
659 *
660 * NOTES
661 * DRIVER_ACTION_VERIFY ({F750E6C3-38EE-11D1-85E5-00C04FC295EE})
662 * is defined in softpub.h
663 */
WINTRUST_RegisterDriverVerify(void)664 static BOOL WINTRUST_RegisterDriverVerify(void)
665 {
666 static GUID ProvGUID = DRIVER_ACTION_VERIFY;
667 CRYPT_REGISTER_ACTIONID ProvInfo;
668
669 ProvInfo.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
670 ProvInfo.sInitProvider = DriverInitializePolicy;
671 ProvInfo.sObjectProvider = SoftpubMessage;
672 ProvInfo.sSignatureProvider = SoftpubSignature;
673 ProvInfo.sCertificateProvider = SoftpubCertificate;
674 ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
675 ProvInfo.sFinalPolicyProvider = DriverFinalPolicy;
676 ProvInfo.sTestPolicyProvider = NullCTRE; /* No diagnostic policy */
677 ProvInfo.sCleanupProvider = DriverCleanupPolicy;
678
679
680 if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
681 return FALSE;
682
683 return TRUE;
684 }
685
686 /***************************************************************************
687 * WINTRUST_RegisterGenChainVerify
688 *
689 * Register WINTRUST_ACTION_GENERIC_CHAIN_VERIFY actions and usages.
690 *
691 * NOTES
692 * WINTRUST_ACTION_GENERIC_CHAIN_VERIFY ({FC451C16-AC75-11D1-B4B8-00C04FB66EA0})
693 * is defined in softpub.h
694 */
WINTRUST_RegisterGenChainVerify(void)695 static BOOL WINTRUST_RegisterGenChainVerify(void)
696 {
697 static GUID ProvGUID = WINTRUST_ACTION_GENERIC_CHAIN_VERIFY;
698 CRYPT_REGISTER_ACTIONID ProvInfo;
699
700 ProvInfo.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
701 ProvInfo.sInitProvider = SoftpubInitialization;
702 ProvInfo.sObjectProvider = SoftpubMessage;
703 ProvInfo.sSignatureProvider = SoftpubSignature;
704 ProvInfo.sCertificateProvider = GenericChainCertificateTrust;
705 ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
706 ProvInfo.sFinalPolicyProvider = GenericChainFinalProv;
707 ProvInfo.sTestPolicyProvider = NullCTRE; /* No diagnostic policy */
708 ProvInfo.sCleanupProvider = SoftpubCleanup;
709
710 if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
711 return FALSE;
712
713 return TRUE;
714 }
715
716 /***********************************************************************
717 * WintrustAddDefaultForUsage (WINTRUST.@)
718 *
719 * Write OID and callback functions to the registry.
720 *
721 * PARAMS
722 * pszUsageOID [I] Pointer to a GUID.
723 * psDefUsage [I] Pointer to a structure that specifies the callback functions.
724 *
725 * RETURNS
726 * Success: TRUE.
727 * Failure: FALSE.
728 *
729 * NOTES
730 * WintrustAddDefaultForUsage will only return TRUE or FALSE, no last
731 * error is set, not even when the registry cannot be written to.
732 */
WintrustAddDefaultForUsage(const char * pszUsageOID,CRYPT_PROVIDER_REGDEFUSAGE * psDefUsage)733 BOOL WINAPI WintrustAddDefaultForUsage(const char *pszUsageOID,
734 CRYPT_PROVIDER_REGDEFUSAGE *psDefUsage)
735 {
736 static const WCHAR CBAlloc[] = {'C','a','l','l','b','a','c','k','A','l','l','o','c','F','u','n','c','t','i','o','n', 0};
737 static const WCHAR CBFree[] = {'C','a','l','l','b','a','c','k','F','r','e','e','F','u','n','c','t','i','o','n', 0};
738 LONG Res = ERROR_SUCCESS;
739 LONG WriteUsageError = ERROR_SUCCESS;
740 DWORD Len;
741 WCHAR GuidString[39];
742
743 TRACE("(%s %p)\n", debugstr_a(pszUsageOID), psDefUsage);
744
745 /* Some sanity checks. */
746 if (!pszUsageOID ||
747 !psDefUsage ||
748 !psDefUsage->pgActionID ||
749 (psDefUsage->cbStruct != sizeof(CRYPT_PROVIDER_REGDEFUSAGE)))
750 {
751 SetLastError(ERROR_INVALID_PARAMETER);
752 return FALSE;
753 }
754
755 if (psDefUsage->pwszDllName)
756 {
757 Res = WINTRUST_WriteSingleUsageEntry(pszUsageOID, Dll, psDefUsage->pwszDllName);
758 if (Res != ERROR_SUCCESS) WriteUsageError = Res;
759 }
760 if (psDefUsage->pwszLoadCallbackDataFunctionName)
761 {
762 WCHAR* CallbackW;
763
764 Len = MultiByteToWideChar( CP_ACP, 0, psDefUsage->pwszLoadCallbackDataFunctionName, -1, NULL, 0 );
765 CallbackW = WINTRUST_Alloc( Len * sizeof(WCHAR) );
766 MultiByteToWideChar( CP_ACP, 0, psDefUsage->pwszLoadCallbackDataFunctionName, -1, CallbackW, Len );
767
768 Res = WINTRUST_WriteSingleUsageEntry(pszUsageOID, CBAlloc, CallbackW);
769 if (Res != ERROR_SUCCESS) WriteUsageError = Res;
770
771 WINTRUST_Free(CallbackW);
772 }
773 if (psDefUsage->pwszFreeCallbackDataFunctionName)
774 {
775 WCHAR* CallbackW;
776
777 Len = MultiByteToWideChar( CP_ACP, 0, psDefUsage->pwszFreeCallbackDataFunctionName, -1, NULL, 0 );
778 CallbackW = WINTRUST_Alloc( Len * sizeof(WCHAR) );
779 MultiByteToWideChar( CP_ACP, 0, psDefUsage->pwszFreeCallbackDataFunctionName, -1, CallbackW, Len );
780
781 Res = WINTRUST_WriteSingleUsageEntry(pszUsageOID, CBFree, CallbackW);
782 if (Res != ERROR_SUCCESS) WriteUsageError = Res;
783
784 WINTRUST_Free(CallbackW);
785 }
786
787 WINTRUST_Guid2Wstr(psDefUsage->pgActionID, GuidString);
788 Res = WINTRUST_WriteSingleUsageEntry(pszUsageOID, DefaultId, GuidString);
789 if (Res != ERROR_SUCCESS) WriteUsageError = Res;
790
791 if (WriteUsageError != ERROR_SUCCESS)
792 return FALSE;
793
794 return TRUE;
795 }
796
WINTRUST_ReadProviderFromReg(WCHAR * GuidString,const WCHAR * FunctionType)797 static FARPROC WINTRUST_ReadProviderFromReg(WCHAR *GuidString, const WCHAR *FunctionType)
798 {
799 WCHAR ProvKey[MAX_PATH], DllName[MAX_PATH];
800 char FunctionName[MAX_PATH];
801 HKEY Key;
802 LONG Res = ERROR_SUCCESS;
803 DWORD Size;
804 HMODULE Lib;
805 FARPROC Func = NULL;
806
807 /* Create the needed key string */
808 ProvKey[0]='\0';
809 lstrcatW(ProvKey, Trust);
810 lstrcatW(ProvKey, FunctionType);
811 lstrcatW(ProvKey, GuidString);
812
813 Res = RegOpenKeyExW(HKEY_LOCAL_MACHINE, ProvKey, 0, KEY_READ, &Key);
814 if (Res != ERROR_SUCCESS) return NULL;
815
816 /* Read the $DLL entry */
817 Size = sizeof(DllName);
818 Res = RegQueryValueExW(Key, Dll, NULL, NULL, (LPBYTE)DllName, &Size);
819 if (Res != ERROR_SUCCESS) goto error_close_key;
820
821 /* Read the $Function entry */
822 Size = sizeof(FunctionName);
823 Res = RegQueryValueExA(Key, "$Function", NULL, NULL, (LPBYTE)FunctionName, &Size);
824 if (Res != ERROR_SUCCESS) goto error_close_key;
825
826 /* Load the library - there appears to be no way to close a provider, so
827 * just leak the module handle.
828 */
829 Lib = LoadLibraryW(DllName);
830 Func = GetProcAddress(Lib, FunctionName);
831
832 error_close_key:
833 RegCloseKey(Key);
834
835 return Func;
836 }
837
838 /***********************************************************************
839 * WintrustLoadFunctionPointers (WINTRUST.@)
840 */
WintrustLoadFunctionPointers(GUID * pgActionID,CRYPT_PROVIDER_FUNCTIONS * pPfns)841 BOOL WINAPI WintrustLoadFunctionPointers( GUID* pgActionID,
842 CRYPT_PROVIDER_FUNCTIONS* pPfns )
843 {
844 WCHAR GuidString[39];
845
846 TRACE("(%s %p)\n", debugstr_guid(pgActionID), pPfns);
847
848 if (!pPfns) return FALSE;
849 if (!pgActionID)
850 {
851 SetLastError(ERROR_INVALID_PARAMETER);
852 return FALSE;
853 }
854 if (pPfns->cbStruct != sizeof(CRYPT_PROVIDER_FUNCTIONS)) return FALSE;
855
856 /* Create this string only once, instead of in the helper function */
857 WINTRUST_Guid2Wstr( pgActionID, GuidString);
858
859 /* Get the function pointers from the registry, where applicable */
860 pPfns->pfnAlloc = WINTRUST_Alloc;
861 pPfns->pfnFree = WINTRUST_Free;
862 pPfns->pfnAddStore2Chain = WINTRUST_AddStore;
863 pPfns->pfnAddSgnr2Chain = WINTRUST_AddSgnr;
864 pPfns->pfnAddCert2Chain = WINTRUST_AddCert;
865 pPfns->pfnAddPrivData2Chain = WINTRUST_AddPrivData;
866 pPfns->psUIpfns = NULL;
867 pPfns->pfnInitialize = (PFN_PROVIDER_INIT_CALL)WINTRUST_ReadProviderFromReg(GuidString, Initialization);
868 pPfns->pfnObjectTrust = (PFN_PROVIDER_OBJTRUST_CALL)WINTRUST_ReadProviderFromReg(GuidString, Message);
869 pPfns->pfnSignatureTrust = (PFN_PROVIDER_SIGTRUST_CALL)WINTRUST_ReadProviderFromReg(GuidString, Signature);
870 pPfns->pfnCertificateTrust = (PFN_PROVIDER_CERTTRUST_CALL)WINTRUST_ReadProviderFromReg(GuidString, Certificate);
871 pPfns->pfnCertCheckPolicy = (PFN_PROVIDER_CERTCHKPOLICY_CALL)WINTRUST_ReadProviderFromReg(GuidString, CertCheck);
872 pPfns->pfnFinalPolicy = (PFN_PROVIDER_FINALPOLICY_CALL)WINTRUST_ReadProviderFromReg(GuidString, FinalPolicy);
873 pPfns->pfnTestFinalPolicy = (PFN_PROVIDER_TESTFINALPOLICY_CALL)WINTRUST_ReadProviderFromReg(GuidString, DiagnosticPolicy);
874 pPfns->pfnCleanupPolicy = (PFN_PROVIDER_CLEANUP_CALL)WINTRUST_ReadProviderFromReg(GuidString, Cleanup);
875
876 return TRUE;
877 }
878
879 /***********************************************************************
880 * WINTRUST_SIPPAddProvider
881 *
882 * Helper for DllRegisterServer.
883 */
WINTRUST_SIPPAddProvider(GUID * Subject,WCHAR * MagicNumber)884 static BOOL WINTRUST_SIPPAddProvider(GUID* Subject, WCHAR* MagicNumber)
885 {
886 static WCHAR CryptSIPGetSignedDataMsg[] =
887 {'C','r','y','p','t','S','I','P','G','e','t','S','i','g','n','e','d','D','a','t','a','M','s','g', 0};
888 static WCHAR CryptSIPPutSignedDataMsg[] =
889 {'C','r','y','p','t','S','I','P','P','u','t','S','i','g','n','e','d','D','a','t','a','M','s','g', 0};
890 static WCHAR CryptSIPCreateIndirectData[] =
891 {'C','r','y','p','t','S','I','P','C','r','e','a','t','e','I','n','d','i','r','e','c','t','D','a','t','a', 0};
892 static WCHAR CryptSIPVerifyIndirectData[] =
893 {'C','r','y','p','t','S','I','P','V','e','r','i','f','y','I','n','d','i','r','e','c','t','D','a','t','a', 0};
894 static WCHAR CryptSIPRemoveSignedDataMsg[] =
895 {'C','r','y','p','t','S','I','P','R','e','m','o','v','e','S','i','g','n','e','d','D','a','t','a','M','s','g', 0};
896 SIP_ADD_NEWPROVIDER NewProv;
897 BOOL Ret;
898
899 /* Clear and initialize the structure */
900 memset(&NewProv, 0, sizeof(SIP_ADD_NEWPROVIDER));
901 NewProv.cbStruct = sizeof(SIP_ADD_NEWPROVIDER);
902 NewProv.pwszDLLFileName = WINTRUST_Alloc(sizeof(SP_POLICY_PROVIDER_DLL_NAME));
903 /* Fill the structure */
904 NewProv.pgSubject = Subject;
905 lstrcpyW(NewProv.pwszDLLFileName, SP_POLICY_PROVIDER_DLL_NAME);
906 NewProv.pwszMagicNumber = MagicNumber;
907 NewProv.pwszIsFunctionName = NULL;
908 NewProv.pwszGetFuncName = CryptSIPGetSignedDataMsg;
909 NewProv.pwszPutFuncName = CryptSIPPutSignedDataMsg;
910 NewProv.pwszCreateFuncName = CryptSIPCreateIndirectData;
911 NewProv.pwszVerifyFuncName = CryptSIPVerifyIndirectData;
912 NewProv.pwszRemoveFuncName = CryptSIPRemoveSignedDataMsg;
913 NewProv.pwszIsFunctionNameFmt2 = NULL;
914 NewProv.pwszGetCapFuncName = NULL;
915
916 Ret = CryptSIPAddProvider(&NewProv);
917
918 WINTRUST_Free(NewProv.pwszDLLFileName);
919
920 return Ret;
921 }
922
923 /***********************************************************************
924 * DllRegisterServer (WINTRUST.@)
925 */
DllRegisterServer(void)926 HRESULT WINAPI DllRegisterServer(void)
927 {
928 static const CHAR SpcPeImageDataEncode[] = "WVTAsn1SpcPeImageDataEncode";
929 static const CHAR SpcPeImageDataDecode[] = "WVTAsn1SpcPeImageDataDecode";
930 static const CHAR SpcLinkEncode[] = "WVTAsn1SpcLinkEncode";
931 static const CHAR SpcLinkDecode[] = "WVTAsn1SpcLinkDecode";
932 static const CHAR SpcSigInfoEncode[] = "WVTAsn1SpcSigInfoEncode";
933 static const CHAR SpcSigInfoDecode[] = "WVTAsn1SpcSigInfoDecode";
934 static const CHAR SpcIndirectDataContentEncode[] = "WVTAsn1SpcIndirectDataContentEncode";
935 static const CHAR SpcIndirectDataContentDecode[] = "WVTAsn1SpcIndirectDataContentDecode";
936 static const CHAR SpcSpAgencyInfoEncode[] = "WVTAsn1SpcSpAgencyInfoEncode";
937 static const CHAR SpcSpAgencyInfoDecode[] = "WVTAsn1SpcSpAgencyInfoDecode";
938 static const CHAR SpcMinimalCriteriaInfoEncode[] = "WVTAsn1SpcMinimalCriteriaInfoEncode";
939 static const CHAR SpcMinimalCriteriaInfoDecode[] = "WVTAsn1SpcMinimalCriteriaInfoDecode";
940 static const CHAR SpcFinancialCriteriaInfoEncode[] = "WVTAsn1SpcFinancialCriteriaInfoEncode";
941 static const CHAR SpcFinancialCriteriaInfoDecode[] = "WVTAsn1SpcFinancialCriteriaInfoDecode";
942 static const CHAR SpcStatementTypeEncode[] = "WVTAsn1SpcStatementTypeEncode";
943 static const CHAR SpcStatementTypeDecode[] = "WVTAsn1SpcStatementTypeDecode";
944 static const CHAR CatNameValueEncode[] = "WVTAsn1CatNameValueEncode";
945 static const CHAR CatNameValueDecode[] = "WVTAsn1CatNameValueDecode";
946 static const CHAR CatMemberInfoEncode[] = "WVTAsn1CatMemberInfoEncode";
947 static const CHAR CatMemberInfoDecode[] = "WVTAsn1CatMemberInfoDecode";
948 static const CHAR SpcSpOpusInfoEncode[] = "WVTAsn1SpcSpOpusInfoEncode";
949 static const CHAR SpcSpOpusInfoDecode[] = "WVTAsn1SpcSpOpusInfoDecode";
950 static GUID Unknown1 = { 0xDE351A42, 0x8E59, 0x11D0, { 0x8C,0x47,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
951 static GUID Unknown2 = { 0xC689AABA, 0x8E78, 0x11D0, { 0x8C,0x47,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
952 static GUID Unknown3 = { 0xC689AAB8, 0x8E78, 0x11D0, { 0x8C,0x47,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
953 static GUID Unknown4 = { 0xC689AAB9, 0x8E78, 0x11D0, { 0x8C,0x47,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
954 static GUID Unknown5 = { 0xDE351A43, 0x8E59, 0x11D0, { 0x8C,0x47,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
955 static GUID Unknown6 = { 0x9BA61D3F, 0xE73A, 0x11D0, { 0x8C,0xD2,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
956 static WCHAR MagicNumber2[] = {'M','S','C','F', 0};
957 static WCHAR MagicNumber3[] = {'0','x','0','0','0','0','4','5','5','0', 0};
958 static WCHAR CafeBabe[] = {'0','x','c','a','f','e','b','a','b','e', 0};
959
960 HRESULT CryptRegisterRes = S_OK;
961 HRESULT TrustProviderRes = S_OK;
962 HRESULT SIPAddProviderRes = S_OK;
963 HCRYPTPROV crypt_provider;
964 BOOL ret;
965
966 TRACE("\n");
967
968 /* Testing on native shows that when an error is encountered in one of the CryptRegisterOIDFunction calls
969 * the rest of these calls are skipped. Registering is however continued for the trust providers.
970 *
971 * We are not totally in line with native as all decoding functions are registered after all encoding
972 * functions there.
973 */
974 #define WINTRUST_REGISTEROID( oid, encode_funcname, decode_funcname ) \
975 do { \
976 if (!CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_ENCODE_OBJECT_FUNC, oid, SP_POLICY_PROVIDER_DLL_NAME, encode_funcname)) \
977 { \
978 CryptRegisterRes = HRESULT_FROM_WIN32(GetLastError()); \
979 goto add_trust_providers; \
980 } \
981 if (!CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_DECODE_OBJECT_FUNC, oid, SP_POLICY_PROVIDER_DLL_NAME, decode_funcname)) \
982 { \
983 CryptRegisterRes = HRESULT_FROM_WIN32(GetLastError()); \
984 goto add_trust_providers; \
985 } \
986 } while (0)
987
988 WINTRUST_REGISTEROID(SPC_PE_IMAGE_DATA_OBJID, SpcPeImageDataEncode, SpcPeImageDataDecode);
989 WINTRUST_REGISTEROID(SPC_PE_IMAGE_DATA_STRUCT, SpcPeImageDataEncode, SpcPeImageDataDecode);
990 WINTRUST_REGISTEROID(SPC_CAB_DATA_OBJID, SpcLinkEncode, SpcLinkDecode);
991 WINTRUST_REGISTEROID(SPC_CAB_DATA_STRUCT, SpcLinkEncode, SpcLinkDecode);
992 WINTRUST_REGISTEROID(SPC_JAVA_CLASS_DATA_OBJID, SpcLinkEncode, SpcLinkDecode);
993 WINTRUST_REGISTEROID(SPC_JAVA_CLASS_DATA_STRUCT, SpcLinkEncode, SpcLinkDecode);
994 WINTRUST_REGISTEROID(SPC_LINK_OBJID, SpcLinkEncode, SpcLinkDecode);
995 WINTRUST_REGISTEROID(SPC_LINK_STRUCT, SpcLinkEncode, SpcLinkDecode);
996 WINTRUST_REGISTEROID(SPC_SIGINFO_OBJID, SpcSigInfoEncode, SpcSigInfoDecode);
997 WINTRUST_REGISTEROID(SPC_SIGINFO_STRUCT, SpcSigInfoEncode, SpcSigInfoDecode);
998 WINTRUST_REGISTEROID(SPC_INDIRECT_DATA_OBJID, SpcIndirectDataContentEncode, SpcIndirectDataContentDecode);
999 WINTRUST_REGISTEROID(SPC_INDIRECT_DATA_CONTENT_STRUCT, SpcIndirectDataContentEncode, SpcIndirectDataContentDecode);
1000 WINTRUST_REGISTEROID(SPC_SP_AGENCY_INFO_OBJID, SpcSpAgencyInfoEncode, SpcSpAgencyInfoDecode);
1001 WINTRUST_REGISTEROID(SPC_SP_AGENCY_INFO_STRUCT, SpcSpAgencyInfoEncode, SpcSpAgencyInfoDecode);
1002 WINTRUST_REGISTEROID(SPC_MINIMAL_CRITERIA_OBJID, SpcMinimalCriteriaInfoEncode, SpcMinimalCriteriaInfoDecode);
1003 WINTRUST_REGISTEROID(SPC_MINIMAL_CRITERIA_STRUCT, SpcMinimalCriteriaInfoEncode, SpcMinimalCriteriaInfoDecode);
1004 WINTRUST_REGISTEROID(SPC_FINANCIAL_CRITERIA_OBJID, SpcFinancialCriteriaInfoEncode, SpcFinancialCriteriaInfoDecode);
1005 WINTRUST_REGISTEROID(SPC_FINANCIAL_CRITERIA_STRUCT, SpcFinancialCriteriaInfoEncode, SpcFinancialCriteriaInfoDecode);
1006 WINTRUST_REGISTEROID(SPC_STATEMENT_TYPE_OBJID, SpcStatementTypeEncode, SpcStatementTypeDecode);
1007 WINTRUST_REGISTEROID(SPC_STATEMENT_TYPE_STRUCT, SpcStatementTypeEncode, SpcStatementTypeDecode);
1008 WINTRUST_REGISTEROID(CAT_NAMEVALUE_OBJID, CatNameValueEncode, CatNameValueDecode);
1009 WINTRUST_REGISTEROID(CAT_NAMEVALUE_STRUCT, CatNameValueEncode, CatNameValueDecode);
1010 WINTRUST_REGISTEROID(CAT_MEMBERINFO_OBJID, CatMemberInfoEncode, CatMemberInfoDecode);
1011 WINTRUST_REGISTEROID(CAT_MEMBERINFO_STRUCT, CatMemberInfoEncode, CatMemberInfoDecode);
1012 WINTRUST_REGISTEROID(SPC_SP_OPUS_INFO_OBJID, SpcSpOpusInfoEncode, SpcSpOpusInfoDecode);
1013 WINTRUST_REGISTEROID(SPC_SP_OPUS_INFO_STRUCT, SpcSpOpusInfoEncode, SpcSpOpusInfoDecode);
1014
1015 #undef WINTRUST_REGISTEROID
1016
1017 add_trust_providers:
1018
1019 /* Testing on W2K3 shows:
1020 * All registry writes are tried. If one fails this part will return S_FALSE.
1021 *
1022 * Last error is set to the last error encountered, regardless if the first
1023 * part failed or not.
1024 */
1025
1026 /* Create the necessary action registry structures */
1027 WINTRUST_InitRegStructs();
1028
1029 /* Register several Trust Provider actions */
1030 if (!WINTRUST_RegisterGenVerifyV2())
1031 TrustProviderRes = S_FALSE;
1032 if (!WINTRUST_RegisterPublishedSoftware())
1033 TrustProviderRes = S_FALSE;
1034 if (!WINTRUST_RegisterPublishedSoftwareNoBadUi())
1035 TrustProviderRes = S_FALSE;
1036 if (!WINTRUST_RegisterGenCertVerify())
1037 TrustProviderRes = S_FALSE;
1038 if (!WINTRUST_RegisterTrustProviderTest())
1039 TrustProviderRes = S_FALSE;
1040 if (!WINTRUST_RegisterHttpsProv())
1041 TrustProviderRes = S_FALSE;
1042 if (!WINTRUST_RegisterOfficeSignVerify())
1043 TrustProviderRes = S_FALSE;
1044 if (!WINTRUST_RegisterDriverVerify())
1045 TrustProviderRes = S_FALSE;
1046 if (!WINTRUST_RegisterGenChainVerify())
1047 TrustProviderRes = S_FALSE;
1048
1049 /* Free the registry structures */
1050 WINTRUST_FreeRegStructs();
1051
1052 /* Testing on W2K3 shows:
1053 * All registry writes are tried. If one fails this part will return S_FALSE.
1054 *
1055 * Last error is set to the last error encountered, regardless if the previous
1056 * parts failed or not.
1057 */
1058
1059 if (!WINTRUST_SIPPAddProvider(&Unknown1, NULL))
1060 SIPAddProviderRes = S_FALSE;
1061 if (!WINTRUST_SIPPAddProvider(&Unknown2, MagicNumber2))
1062 SIPAddProviderRes = S_FALSE;
1063 if (!WINTRUST_SIPPAddProvider(&Unknown3, MagicNumber3))
1064 SIPAddProviderRes = S_FALSE;
1065 if (!WINTRUST_SIPPAddProvider(&Unknown4, CafeBabe))
1066 SIPAddProviderRes = S_FALSE;
1067 if (!WINTRUST_SIPPAddProvider(&Unknown5, CafeBabe))
1068 SIPAddProviderRes = S_FALSE;
1069 if (!WINTRUST_SIPPAddProvider(&Unknown6, CafeBabe))
1070 SIPAddProviderRes = S_FALSE;
1071
1072 /* Native does a CryptSIPRemoveProvider here for {941C2937-1292-11D1-85BE-00C04FC295EE}.
1073 * This SIP Provider is however not found on up-to-date window install and native will
1074 * set the last error to ERROR_FILE_NOT_FOUND.
1075 * Wine has the last error set to ERROR_INVALID_PARAMETER. There shouldn't be an app
1076 * depending on this last error though so there is no need to imitate native to the full extent.
1077 *
1078 * (The ERROR_INVALID_PARAMETER for Wine it totally valid as we (and native) do register
1079 * a trust provider without a diagnostic policy).
1080 */
1081
1082 /* Create a dummy context to force creation of the MachineGuid registry key. */
1083 ret = CryptAcquireContextW(&crypt_provider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
1084 if (ret) CryptReleaseContext(crypt_provider, 0);
1085 else ERR("Failed to acquire cryptographic context: %u\n", GetLastError());
1086
1087 /* If CryptRegisterRes is not S_OK it will always overrule the return value. */
1088 if (CryptRegisterRes != S_OK)
1089 return CryptRegisterRes;
1090 else if (SIPAddProviderRes == S_OK)
1091 return TrustProviderRes;
1092 else
1093 return SIPAddProviderRes;
1094 }
1095
1096 /***********************************************************************
1097 * DllUnregisterServer (WINTRUST.@)
1098 */
DllUnregisterServer(void)1099 HRESULT WINAPI DllUnregisterServer(void)
1100 {
1101 FIXME("stub\n");
1102 return S_OK;
1103 }
1104
1105 /***********************************************************************
1106 * SoftpubDllRegisterServer (WINTRUST.@)
1107 *
1108 * Registers softpub.dll
1109 *
1110 * PARAMS
1111 *
1112 * RETURNS
1113 * Success: S_OK.
1114 * Failure: S_FALSE. (See also GetLastError()).
1115 *
1116 * NOTES
1117 * DllRegisterServer in softpub.dll will call this function.
1118 * See comments in DllRegisterServer.
1119 */
SoftpubDllRegisterServer(void)1120 HRESULT WINAPI SoftpubDllRegisterServer(void)
1121 {
1122 HRESULT TrustProviderRes = S_OK;
1123
1124 TRACE("\n");
1125
1126 /* Create the necessary action registry structures */
1127 WINTRUST_InitRegStructs();
1128
1129 /* Register several Trust Provider actions */
1130 if (!WINTRUST_RegisterGenVerifyV2())
1131 TrustProviderRes = S_FALSE;
1132 if (!WINTRUST_RegisterPublishedSoftware())
1133 TrustProviderRes = S_FALSE;
1134 if (!WINTRUST_RegisterPublishedSoftwareNoBadUi())
1135 TrustProviderRes = S_FALSE;
1136 if (!WINTRUST_RegisterGenCertVerify())
1137 TrustProviderRes = S_FALSE;
1138 if (!WINTRUST_RegisterTrustProviderTest())
1139 TrustProviderRes = S_FALSE;
1140 if (!WINTRUST_RegisterHttpsProv())
1141 TrustProviderRes = S_FALSE;
1142 if (!WINTRUST_RegisterOfficeSignVerify())
1143 TrustProviderRes = S_FALSE;
1144 if (!WINTRUST_RegisterDriverVerify())
1145 TrustProviderRes = S_FALSE;
1146 if (!WINTRUST_RegisterGenChainVerify())
1147 TrustProviderRes = S_FALSE;
1148
1149 /* Free the registry structures */
1150 WINTRUST_FreeRegStructs();
1151
1152 return TrustProviderRes;
1153 }
1154
1155 /***********************************************************************
1156 * SoftpubDllUnregisterServer (WINTRUST.@)
1157 */
SoftpubDllUnregisterServer(void)1158 HRESULT WINAPI SoftpubDllUnregisterServer(void)
1159 {
1160 FIXME("stub\n");
1161 return S_OK;
1162 }
1163
1164 /***********************************************************************
1165 * mscat32DllRegisterServer (WINTRUST.@)
1166 */
mscat32DllRegisterServer(void)1167 HRESULT WINAPI mscat32DllRegisterServer(void)
1168 {
1169 FIXME("stub\n");
1170 return S_OK;
1171 }
1172
1173 /***********************************************************************
1174 * mscat32DllUnregisterServer (WINTRUST.@)
1175 */
mscat32DllUnregisterServer(void)1176 HRESULT WINAPI mscat32DllUnregisterServer(void)
1177 {
1178 FIXME("stub\n");
1179 return S_OK;
1180 }
1181
1182 /***********************************************************************
1183 * mssip32DllRegisterServer (WINTRUST.@)
1184 */
mssip32DllRegisterServer(void)1185 HRESULT WINAPI mssip32DllRegisterServer(void)
1186 {
1187 FIXME("stub\n");
1188 return S_OK;
1189 }
1190
1191 /***********************************************************************
1192 * mssip32DllUnregisterServer (WINTRUST.@)
1193 */
mssip32DllUnregisterServer(void)1194 HRESULT WINAPI mssip32DllUnregisterServer(void)
1195 {
1196 FIXME("stub\n");
1197 return S_OK;
1198 }
1199