2 * Register related wintrust functions
4 * Copyright 2006 Paul Vriens
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
34 #include "wine/debug.h"
36 WINE_DEFAULT_DEBUG_CHANNEL(wintrust);
38 static CRYPT_TRUST_REG_ENTRY SoftpubInitialization;
39 static CRYPT_TRUST_REG_ENTRY SoftpubMessage;
40 static CRYPT_TRUST_REG_ENTRY SoftpubSignature;
41 static CRYPT_TRUST_REG_ENTRY SoftpubCertficate;
42 static CRYPT_TRUST_REG_ENTRY SoftpubCertCheck;
43 static CRYPT_TRUST_REG_ENTRY SoftpubFinalPolicy;
44 static CRYPT_TRUST_REG_ENTRY SoftpubCleanup;
46 static CRYPT_TRUST_REG_ENTRY SoftpubDefCertInit;
48 static CRYPT_TRUST_REG_ENTRY SoftpubDumpStructure;
50 static CRYPT_TRUST_REG_ENTRY HTTPSCertificateTrust;
51 static CRYPT_TRUST_REG_ENTRY HTTPSFinalProv;
53 static CRYPT_TRUST_REG_ENTRY OfficeInitializePolicy;
54 static CRYPT_TRUST_REG_ENTRY OfficeCleanupPolicy;
56 static CRYPT_TRUST_REG_ENTRY DriverInitializePolicy;
57 static CRYPT_TRUST_REG_ENTRY DriverFinalPolicy;
58 static CRYPT_TRUST_REG_ENTRY DriverCleanupPolicy;
60 static CRYPT_TRUST_REG_ENTRY GenericChainCertificateTrust;
61 static CRYPT_TRUST_REG_ENTRY GenericChainFinalProv;
63 static const WCHAR Trust[] = {'S','o','f','t','w','a','r','e','\\',
64 'M','i','c','r','o','s','o','f','t','\\',
65 'C','r','y','p','t','o','g','r','a','p','h','y','\\',
66 'P','r','o','v','i','d','e','r','s','\\',
67 'T','r','u','s','t','\\', 0 };
69 static const WCHAR Initialization[] = {'I','n','i','t','i','a','l','i','z','a','t','i','o','n','\\', 0};
70 static const WCHAR Message[] = {'M','e','s','s','a','g','e','\\', 0};
71 static const WCHAR Signature[] = {'S','i','g','n','a','t','u','r','e','\\', 0};
72 static const WCHAR Certificate[] = {'C','e','r','t','i','f','i','c','a','t','e','\\', 0};
73 static const WCHAR CertCheck[] = {'C','e','r','t','C','h','e','c','k','\\', 0};
74 static const WCHAR FinalPolicy[] = {'F','i','n','a','l','P','o','l','i','c','y','\\', 0};
75 static const WCHAR DiagnosticPolicy[] = {'D','i','a','g','n','o','s','t','i','c','P','o','l','i','c','y','\\', 0};
76 static const WCHAR Cleanup[] = {'C','l','e','a','n','u','p','\\', 0};
78 static const WCHAR DefaultId[] = {'D','e','f','a','u','l','t','I','d', 0};
79 static const WCHAR Dll[] = {'$','D','L','L', 0};
81 /***********************************************************************
82 * WINTRUST_InitRegStructs
84 * Helper function to allocate and initialize the members of the
85 * CRYPT_TRUST_REG_ENTRY structs.
87 static void WINTRUST_InitRegStructs(void)
89 #define WINTRUST_INITREGENTRY( action, dllname, functionname ) \
90 action.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY); \
91 action.pwszDLLName = HeapAlloc(GetProcessHeap(), 0, sizeof(dllname)); \
92 lstrcpyW(action.pwszDLLName, dllname); \
93 action.pwszFunctionName = HeapAlloc(GetProcessHeap(), 0, sizeof(functionname)); \
94 lstrcpyW(action.pwszFunctionName, functionname);
96 WINTRUST_INITREGENTRY(SoftpubInitialization, SP_POLICY_PROVIDER_DLL_NAME, SP_INIT_FUNCTION)
97 WINTRUST_INITREGENTRY(SoftpubMessage, SP_POLICY_PROVIDER_DLL_NAME, SP_OBJTRUST_FUNCTION)
98 WINTRUST_INITREGENTRY(SoftpubSignature, SP_POLICY_PROVIDER_DLL_NAME, SP_SIGTRUST_FUNCTION)
99 WINTRUST_INITREGENTRY(SoftpubCertficate, SP_POLICY_PROVIDER_DLL_NAME, WT_PROVIDER_CERTTRUST_FUNCTION)
100 WINTRUST_INITREGENTRY(SoftpubCertCheck, SP_POLICY_PROVIDER_DLL_NAME, SP_CHKCERT_FUNCTION)
101 WINTRUST_INITREGENTRY(SoftpubFinalPolicy, SP_POLICY_PROVIDER_DLL_NAME, SP_FINALPOLICY_FUNCTION)
102 WINTRUST_INITREGENTRY(SoftpubCleanup, SP_POLICY_PROVIDER_DLL_NAME, SP_CLEANUPPOLICY_FUNCTION)
103 WINTRUST_INITREGENTRY(SoftpubDefCertInit, SP_POLICY_PROVIDER_DLL_NAME, SP_GENERIC_CERT_INIT_FUNCTION)
104 WINTRUST_INITREGENTRY(SoftpubDumpStructure, SP_POLICY_PROVIDER_DLL_NAME, SP_TESTDUMPPOLICY_FUNCTION_TEST)
105 WINTRUST_INITREGENTRY(HTTPSCertificateTrust, SP_POLICY_PROVIDER_DLL_NAME, HTTPS_CERTTRUST_FUNCTION)
106 WINTRUST_INITREGENTRY(HTTPSFinalProv, SP_POLICY_PROVIDER_DLL_NAME, HTTPS_FINALPOLICY_FUNCTION)
107 WINTRUST_INITREGENTRY(OfficeInitializePolicy, OFFICE_POLICY_PROVIDER_DLL_NAME, OFFICE_INITPROV_FUNCTION)
108 WINTRUST_INITREGENTRY(OfficeCleanupPolicy, OFFICE_POLICY_PROVIDER_DLL_NAME, OFFICE_CLEANUPPOLICY_FUNCTION)
109 WINTRUST_INITREGENTRY(DriverInitializePolicy, SP_POLICY_PROVIDER_DLL_NAME, DRIVER_INITPROV_FUNCTION)
110 WINTRUST_INITREGENTRY(DriverFinalPolicy, SP_POLICY_PROVIDER_DLL_NAME, DRIVER_FINALPOLPROV_FUNCTION)
111 WINTRUST_INITREGENTRY(DriverCleanupPolicy, SP_POLICY_PROVIDER_DLL_NAME, DRIVER_CLEANUPPOLICY_FUNCTION)
112 WINTRUST_INITREGENTRY(GenericChainCertificateTrust, SP_POLICY_PROVIDER_DLL_NAME, GENERIC_CHAIN_CERTTRUST_FUNCTION)
113 WINTRUST_INITREGENTRY(GenericChainFinalProv, SP_POLICY_PROVIDER_DLL_NAME, GENERIC_CHAIN_FINALPOLICY_FUNCTION)
115 #undef WINTRUST_INITREGENTRY
118 /***********************************************************************
119 * WINTRUST_FreeRegStructs
121 * Helper function to free 2 members of the CRYPT_TRUST_REG_ENTRY
124 static void WINTRUST_FreeRegStructs(void)
126 #define WINTRUST_FREEREGENTRY( action ) \
127 HeapFree(GetProcessHeap(), 0, action.pwszDLLName); \
128 HeapFree(GetProcessHeap(), 0, action.pwszFunctionName);
130 WINTRUST_FREEREGENTRY(SoftpubInitialization);
131 WINTRUST_FREEREGENTRY(SoftpubMessage);
132 WINTRUST_FREEREGENTRY(SoftpubSignature);
133 WINTRUST_FREEREGENTRY(SoftpubCertficate);
134 WINTRUST_FREEREGENTRY(SoftpubCertCheck);
135 WINTRUST_FREEREGENTRY(SoftpubFinalPolicy);
136 WINTRUST_FREEREGENTRY(SoftpubCleanup);
137 WINTRUST_FREEREGENTRY(SoftpubDefCertInit);
138 WINTRUST_FREEREGENTRY(SoftpubDumpStructure);
139 WINTRUST_FREEREGENTRY(HTTPSCertificateTrust);
140 WINTRUST_FREEREGENTRY(HTTPSFinalProv);
141 WINTRUST_FREEREGENTRY(OfficeInitializePolicy);
142 WINTRUST_FREEREGENTRY(OfficeCleanupPolicy);
143 WINTRUST_FREEREGENTRY(DriverInitializePolicy);
144 WINTRUST_FREEREGENTRY(DriverFinalPolicy);
145 WINTRUST_FREEREGENTRY(DriverCleanupPolicy);
146 WINTRUST_FREEREGENTRY(GenericChainCertificateTrust);
147 WINTRUST_FREEREGENTRY(GenericChainFinalProv);
149 #undef WINTRUST_FREEREGENTRY
152 /***********************************************************************
155 * Create a wide-string from a GUID
158 static void WINTRUST_Guid2Wstr(const GUID* pgActionID, WCHAR* GuidString)
160 static const WCHAR wszFormat[] = {'{','%','0','8','l','X','-','%','0','4','X','-','%','0','4','X','-',
161 '%','0','2','X','%','0','2','X','-','%','0','2','X','%','0','2','X','%','0','2','X','%','0','2',
162 'X','%','0','2','X','%','0','2','X','}', 0};
164 wsprintfW(GuidString, wszFormat, pgActionID->Data1, pgActionID->Data2, pgActionID->Data3,
165 pgActionID->Data4[0], pgActionID->Data4[1], pgActionID->Data4[2], pgActionID->Data4[3],
166 pgActionID->Data4[4], pgActionID->Data4[5], pgActionID->Data4[6], pgActionID->Data4[7]);
169 /***********************************************************************
170 * WINTRUST_WriteProviderToReg
172 * Helper function for WintrustAddActionID
175 static LONG WINTRUST_WriteProviderToReg(WCHAR* GuidString,
176 const WCHAR* FunctionType,
177 CRYPT_TRUST_REG_ENTRY RegEntry)
179 static const WCHAR Function[] = {'$','F','u','n','c','t','i','o','n', 0};
180 WCHAR ProvKey[MAX_PATH];
182 LONG Res = ERROR_SUCCESS;
184 /* Create the needed key string */
186 lstrcatW(ProvKey, Trust);
187 lstrcatW(ProvKey, FunctionType);
188 lstrcatW(ProvKey, GuidString);
190 if (!RegEntry.pwszDLLName || !RegEntry.pwszFunctionName)
191 return ERROR_INVALID_PARAMETER;
193 Res = RegCreateKeyExW(HKEY_LOCAL_MACHINE, ProvKey, 0, NULL, 0, KEY_WRITE, NULL, &Key, NULL);
194 if (Res != ERROR_SUCCESS) goto error_close_key;
196 /* Create the $DLL entry */
197 Res = RegSetValueExW(Key, Dll, 0, REG_SZ, (BYTE*)RegEntry.pwszDLLName,
198 (lstrlenW(RegEntry.pwszDLLName) + 1)*sizeof(WCHAR));
199 if (Res != ERROR_SUCCESS) goto error_close_key;
201 /* Create the $Function entry */
202 Res = RegSetValueExW(Key, Function, 0, REG_SZ, (BYTE*)RegEntry.pwszFunctionName,
203 (lstrlenW(RegEntry.pwszFunctionName) + 1)*sizeof(WCHAR));
211 /***********************************************************************
212 * WintrustAddActionID (WINTRUST.@)
214 * Add the definitions of the actions a Trust provider can perform to
218 * pgActionID [I] Pointer to a GUID for the Trust provider.
219 * fdwFlags [I] Flag to indicate whether registry errors are passed on.
220 * psProvInfo [I] Pointer to a structure with information about DLL
221 * name and functions.
225 * Failure: FALSE. (Use GetLastError() for more information)
228 * Adding definitions is basically only adding relevant information
229 * to the registry. No verification takes place whether a DLL or it's
231 * Information in the registry will always be overwritten.
234 BOOL WINAPI WintrustAddActionID( GUID* pgActionID, DWORD fdwFlags,
235 CRYPT_REGISTER_ACTIONID* psProvInfo)
237 WCHAR GuidString[39];
239 LONG WriteActionError = ERROR_SUCCESS;
241 TRACE("%s %lx %p\n", debugstr_guid(pgActionID), fdwFlags, psProvInfo);
243 /* Some sanity checks.
244 * We use the W2K3 last error as it makes more sense (W2K leaves the last error
249 (psProvInfo->cbStruct != sizeof(CRYPT_REGISTER_ACTIONID)))
251 SetLastError(ERROR_INVALID_PARAMETER);
255 /* Create this string only once, instead of in the helper function */
256 WINTRUST_Guid2Wstr( pgActionID, GuidString);
258 /* Write the information to the registry */
259 Res = WINTRUST_WriteProviderToReg(GuidString, Initialization , psProvInfo->sInitProvider);
260 if (Res != ERROR_SUCCESS) WriteActionError = Res;
261 Res = WINTRUST_WriteProviderToReg(GuidString, Message , psProvInfo->sObjectProvider);
262 if (Res != ERROR_SUCCESS) WriteActionError = Res;
263 Res = WINTRUST_WriteProviderToReg(GuidString, Signature , psProvInfo->sSignatureProvider);
264 if (Res != ERROR_SUCCESS) WriteActionError = Res;
265 Res = WINTRUST_WriteProviderToReg(GuidString, Certificate , psProvInfo->sCertificateProvider);
266 if (Res != ERROR_SUCCESS) WriteActionError = Res;
267 Res = WINTRUST_WriteProviderToReg(GuidString, CertCheck , psProvInfo->sCertificatePolicyProvider);
268 if (Res != ERROR_SUCCESS) WriteActionError = Res;
269 Res = WINTRUST_WriteProviderToReg(GuidString, FinalPolicy , psProvInfo->sFinalPolicyProvider);
270 if (Res != ERROR_SUCCESS) WriteActionError = Res;
271 Res = WINTRUST_WriteProviderToReg(GuidString, DiagnosticPolicy, psProvInfo->sTestPolicyProvider);
272 if (Res != ERROR_SUCCESS) WriteActionError = Res;
273 Res = WINTRUST_WriteProviderToReg(GuidString, Cleanup , psProvInfo->sCleanupProvider);
274 if (Res != ERROR_SUCCESS) WriteActionError = Res;
276 /* Testing (by restricting access to the registry for some keys) shows that the last failing function
277 * will be used for last error.
278 * If the flag WT_ADD_ACTION_ID_RET_RESULT_FLAG is set and there are errors when adding the action
279 * we have to return FALSE. Errors includes both invalid entries as well as registry errors.
280 * Testing also showed that one error doesn't stop the registry writes. Every action will be dealt with.
283 if (WriteActionError != ERROR_SUCCESS)
285 SetLastError(WriteActionError);
287 if (fdwFlags == WT_ADD_ACTION_ID_RET_RESULT_FLAG)
294 /***********************************************************************
295 * WINTRUST_RemoveProviderFromReg
297 * Helper function for WintrustRemoveActionID
300 static void WINTRUST_RemoveProviderFromReg(WCHAR* GuidString,
301 const WCHAR* FunctionType)
303 WCHAR ProvKey[MAX_PATH];
305 /* Create the needed key string */
307 lstrcatW(ProvKey, Trust);
308 lstrcatW(ProvKey, FunctionType);
309 lstrcatW(ProvKey, GuidString);
311 /* We don't care about success or failure */
312 RegDeleteKeyW(HKEY_LOCAL_MACHINE, ProvKey);
315 /***********************************************************************
316 * WintrustRemoveActionID (WINTRUST.@)
318 * Remove the definitions of the actions a Trust provider can perform
322 * pgActionID [I] Pointer to a GUID for the Trust provider.
325 * Success: TRUE. (Use GetLastError() for more information)
326 * Failure: FALSE. (Use GetLastError() for more information)
329 * Testing shows that WintrustRemoveActionID always returns TRUE and
330 * that a possible error should be retrieved via GetLastError().
331 * There are no checks if the definitions are in the registry.
333 BOOL WINAPI WintrustRemoveActionID( GUID* pgActionID )
335 WCHAR GuidString[39];
337 TRACE("(%s)\n", debugstr_guid(pgActionID));
341 SetLastError(ERROR_INVALID_PARAMETER);
345 /* Create this string only once, instead of in the helper function */
346 WINTRUST_Guid2Wstr( pgActionID, GuidString);
348 /* We don't care about success or failure */
349 WINTRUST_RemoveProviderFromReg(GuidString, Initialization);
350 WINTRUST_RemoveProviderFromReg(GuidString, Message);
351 WINTRUST_RemoveProviderFromReg(GuidString, Signature);
352 WINTRUST_RemoveProviderFromReg(GuidString, Certificate);
353 WINTRUST_RemoveProviderFromReg(GuidString, CertCheck);
354 WINTRUST_RemoveProviderFromReg(GuidString, FinalPolicy);
355 WINTRUST_RemoveProviderFromReg(GuidString, DiagnosticPolicy);
356 WINTRUST_RemoveProviderFromReg(GuidString, Cleanup);
361 /***********************************************************************
362 * WINTRUST_WriteSingleUsageEntry
364 * Write a single value and its data to:
366 * HKLM\Software\Microsoft\Cryptography\Trust\Usages\<OID>
368 static LONG WINTRUST_WriteSingleUsageEntry(LPCSTR OID,
372 static const WCHAR Usages[] = {'U','s','a','g','e','s','\\', 0};
375 LONG Res = ERROR_SUCCESS;
379 /* Turn OID into a wide-character string */
380 Len = MultiByteToWideChar( CP_ACP, 0, OID, -1, NULL, 0 );
381 OIDW = HeapAlloc( GetProcessHeap(), 0, Len * sizeof(WCHAR) );
382 MultiByteToWideChar( CP_ACP, 0, OID, -1, OIDW, Len );
384 /* Allocate the needed space for UsageKey */
385 UsageKey = HeapAlloc(GetProcessHeap(), 0, (lstrlenW(Trust) + lstrlenW(Usages) + Len) * sizeof(WCHAR));
386 /* Create the key string */
387 lstrcpyW(UsageKey, Trust);
388 lstrcatW(UsageKey, Usages);
389 lstrcatW(UsageKey, OIDW);
391 Res = RegCreateKeyExW(HKEY_LOCAL_MACHINE, UsageKey, 0, NULL, 0, KEY_WRITE, NULL, &Key, NULL);
392 if (Res == ERROR_SUCCESS)
394 /* Create the Value entry */
395 Res = RegSetValueExW(Key, Value, 0, REG_SZ, (BYTE*)Data,
396 (lstrlenW(Data) + 1)*sizeof(WCHAR));
400 HeapFree(GetProcessHeap(), 0, OIDW);
401 HeapFree(GetProcessHeap(), 0, UsageKey);
406 /***************************************************************************
407 * WINTRUST_RegisterGenVerifyV2
409 * Register WINTRUST_ACTION_GENERIC_VERIFY_V2 actions and usages.
412 * WINTRUST_ACTION_GENERIC_VERIFY_V2 ({00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
413 * is defined in softpub.h
414 * We don't care about failures (see comments in DllRegisterServer)
416 static void WINTRUST_RegisterGenVerifyV2(void)
418 static GUID ProvGUID = WINTRUST_ACTION_GENERIC_VERIFY_V2;
419 CRYPT_REGISTER_ACTIONID ProvInfo = { sizeof(CRYPT_REGISTER_ACTIONID),
420 SoftpubInitialization,
426 { 0, NULL, NULL }, /* No diagnostic policy */
428 WCHAR GuidString[39];
430 WINTRUST_Guid2Wstr(&ProvGUID , GuidString);
432 TRACE("Going to register WINTRUST_ACTION_GENERIC_VERIFY_V2 : %s\n", wine_dbgstr_w(GuidString));
434 /* HKLM\Software\Microsoft\Cryptography\Trust\Usages\1.3.6.1.5.5.7.3.3 */
435 WINTRUST_WriteSingleUsageEntry(szOID_PKIX_KP_CODE_SIGNING, DefaultId, GuidString);
437 WintrustAddActionID(&ProvGUID, 0, &ProvInfo);
440 /***************************************************************************
441 * WINTRUST_RegisterPublishedSoftware
443 * Register WIN_SPUB_ACTION_PUBLISHED_SOFTWARE actions and usages.
446 * WIN_SPUB_ACTION_PUBLISHED_SOFTWARE ({64B9D180-8DA2-11CF-8736-00AA00A485EB})
447 * is defined in wintrust.h
448 * We don't care about failures (see comments in DllRegisterServer)
450 static void WINTRUST_RegisterPublishedSoftware(void)
452 static GUID ProvGUID = WIN_SPUB_ACTION_PUBLISHED_SOFTWARE;
453 CRYPT_REGISTER_ACTIONID ProvInfo = { sizeof(CRYPT_REGISTER_ACTIONID),
454 SoftpubInitialization,
460 { 0, NULL, NULL }, /* No diagnostic policy */
463 WintrustAddActionID(&ProvGUID, 0, &ProvInfo);
466 #define WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI { 0xc6b2e8d0, 0xe005, 0x11cf, { 0xa1,0x34,0x00,0xc0,0x4f,0xd7,0xbf,0x43 }}
468 /***************************************************************************
469 * WINTRUST_RegisterPublishedSoftwareNoBadUi
471 * Register WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI actions and usages.
474 * WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI ({C6B2E8D0-E005-11CF-A134-00C04FD7BF43})
475 * is not defined in any include file. (FIXME: Find out if the name is correct).
476 * We don't care about failures (see comments in DllRegisterServer)
478 static void WINTRUST_RegisterPublishedSoftwareNoBadUi(void)
480 static GUID ProvGUID = WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI;
481 CRYPT_REGISTER_ACTIONID ProvInfo = { sizeof(CRYPT_REGISTER_ACTIONID),
482 SoftpubInitialization,
488 { 0, NULL, NULL }, /* No diagnostic policy */
490 WintrustAddActionID(&ProvGUID, 0, &ProvInfo);
493 /***************************************************************************
494 * WINTRUST_RegisterGenCertVerify
496 * Register WINTRUST_ACTION_GENERIC_CERT_VERIFY actions and usages.
499 * WINTRUST_ACTION_GENERIC_CERT_VERIFY ({189A3842-3041-11D1-85E1-00C04FC295EE})
500 * is defined in softpub.h
501 * We don't care about failures (see comments in DllRegisterServer)
503 static void WINTRUST_RegisterGenCertVerify(void)
505 static GUID ProvGUID = WINTRUST_ACTION_GENERIC_CERT_VERIFY;
506 CRYPT_REGISTER_ACTIONID ProvInfo = { sizeof(CRYPT_REGISTER_ACTIONID),
513 { 0, NULL, NULL }, /* No diagnostic policy */
516 WintrustAddActionID(&ProvGUID, 0, &ProvInfo);
519 /***************************************************************************
520 * WINTRUST_RegisterTrustProviderTest
522 * Register WINTRUST_ACTION_TRUSTPROVIDER_TEST actions and usages.
525 * WINTRUST_ACTION_TRUSTPROVIDER_TEST ({573E31F8-DDBA-11D0-8CCB-00C04FC295EE})
526 * is defined in softpub.h
527 * We don't care about failures (see comments in DllRegisterServer)
529 static void WINTRUST_RegisterTrustProviderTest(void)
531 static GUID ProvGUID = WINTRUST_ACTION_TRUSTPROVIDER_TEST;
532 CRYPT_REGISTER_ACTIONID ProvInfo = { sizeof(CRYPT_REGISTER_ACTIONID),
533 SoftpubInitialization,
539 SoftpubDumpStructure,
542 WintrustAddActionID(&ProvGUID, 0, &ProvInfo);
545 /***************************************************************************
546 * WINTRUST_RegisterHttpsProv
548 * Register HTTPSPROV_ACTION actions and usages.
551 * HTTPSPROV_ACTION ({573E31F8-AABA-11D0-8CCB-00C04FC295EE})
552 * is defined in softpub.h
553 * We don't care about failures (see comments in DllRegisterServer)
555 static void WINTRUST_RegisterHttpsProv(void)
557 static WCHAR SoftpubLoadUsage[] = {'S','o','f','t','p','u','b','L','o','a','d','D','e','f','U','s','a','g','e','C','a','l','l','D','a','t','a', 0};
558 static WCHAR SoftpubFreeUsage[] = {'S','o','f','t','p','u','b','F','r','e','e','D','e','f','U','s','a','g','e','C','a','l','l','D','a','t','a', 0};
559 static const WCHAR CBAlloc[] = {'C','a','l','l','b','a','c','k','A','l','l','o','c','F','u','n','c','t','i','o','n', 0};
560 static const WCHAR CBFree[] = {'C','a','l','l','b','a','c','k','F','r','e','e','F','u','n','c','t','i','o','n', 0};
561 static GUID ProvGUID = HTTPSPROV_ACTION;
562 CRYPT_REGISTER_ACTIONID ProvInfo = { sizeof(CRYPT_REGISTER_ACTIONID),
563 SoftpubInitialization,
566 HTTPSCertificateTrust,
569 { 0, NULL, NULL }, /* No diagnostic policy */
571 WCHAR GuidString[39];
572 WCHAR ProvDllName[sizeof(SP_POLICY_PROVIDER_DLL_NAME)];
574 WINTRUST_Guid2Wstr(&ProvGUID , GuidString);
576 TRACE("Going to register HTTPSPROV_ACTION : %s\n", wine_dbgstr_w(GuidString));
578 lstrcpyW(ProvDllName, SP_POLICY_PROVIDER_DLL_NAME);
580 /* HKLM\Software\Microsoft\Cryptography\Trust\Usages\1.3.6.1.5.5.7.3.1 */
581 WINTRUST_WriteSingleUsageEntry(szOID_PKIX_KP_SERVER_AUTH, Dll, ProvDllName);
582 WINTRUST_WriteSingleUsageEntry(szOID_PKIX_KP_SERVER_AUTH, CBAlloc, SoftpubLoadUsage );
583 WINTRUST_WriteSingleUsageEntry(szOID_PKIX_KP_SERVER_AUTH, CBFree, SoftpubFreeUsage );
584 WINTRUST_WriteSingleUsageEntry(szOID_PKIX_KP_SERVER_AUTH, DefaultId, GuidString );
585 /* HKLM\Software\Microsoft\Cryptography\Trust\Usages\1.3.6.1.5.5.7.3.2 */
586 WINTRUST_WriteSingleUsageEntry(szOID_PKIX_KP_CLIENT_AUTH, Dll, ProvDllName);
587 WINTRUST_WriteSingleUsageEntry(szOID_PKIX_KP_CLIENT_AUTH, CBAlloc, SoftpubLoadUsage );
588 WINTRUST_WriteSingleUsageEntry(szOID_PKIX_KP_CLIENT_AUTH, CBFree, SoftpubFreeUsage );
589 WINTRUST_WriteSingleUsageEntry(szOID_PKIX_KP_CLIENT_AUTH, DefaultId, GuidString );
590 /* HKLM\Software\Microsoft\Cryptography\Trust\Usages\1.3.6.1.4.1.311.10.3.3 */
591 WINTRUST_WriteSingleUsageEntry(szOID_SERVER_GATED_CRYPTO, Dll, ProvDllName);
592 WINTRUST_WriteSingleUsageEntry(szOID_SERVER_GATED_CRYPTO, CBAlloc, SoftpubLoadUsage );
593 WINTRUST_WriteSingleUsageEntry(szOID_SERVER_GATED_CRYPTO, CBFree, SoftpubFreeUsage );
594 WINTRUST_WriteSingleUsageEntry(szOID_SERVER_GATED_CRYPTO, DefaultId, GuidString );
595 /* HKLM\Software\Microsoft\Cryptography\Trust\Usages\2.16.840.1.113730.4.1 */
596 WINTRUST_WriteSingleUsageEntry(szOID_SGC_NETSCAPE, Dll, ProvDllName);
597 WINTRUST_WriteSingleUsageEntry(szOID_SGC_NETSCAPE, CBAlloc, SoftpubLoadUsage );
598 WINTRUST_WriteSingleUsageEntry(szOID_SGC_NETSCAPE, CBFree, SoftpubFreeUsage );
599 WINTRUST_WriteSingleUsageEntry(szOID_SGC_NETSCAPE, DefaultId, GuidString );
601 WintrustAddActionID(&ProvGUID, 0, &ProvInfo);
604 /***************************************************************************
605 * WINTRUST_RegisterOfficeSignVerify
607 * Register OFFICESIGN_ACTION_VERIFY actions and usages.
610 * OFFICESIGN_ACTION_VERIFY ({5555C2CD-17FB-11D1-85C4-00C04FC295EE})
611 * is defined in softpub.h
612 * We don't care about failures (see comments in DllRegisterServer)
614 static void WINTRUST_RegisterOfficeSignVerify(void)
616 static GUID ProvGUID = OFFICESIGN_ACTION_VERIFY;
617 CRYPT_REGISTER_ACTIONID ProvInfo = { sizeof(CRYPT_REGISTER_ACTIONID),
618 OfficeInitializePolicy,
624 { 0, NULL, NULL }, /* No diagnostic policy */
625 OfficeCleanupPolicy };
627 WintrustAddActionID(&ProvGUID, 0, &ProvInfo);
630 /***************************************************************************
631 * WINTRUST_RegisterDriverVerify
633 * Register DRIVER_ACTION_VERIFY actions and usages.
636 * DRIVER_ACTION_VERIFY ({F750E6C3-38EE-11D1-85E5-00C04FC295EE})
637 * is defined in softpub.h
638 * We don't care about failures (see comments in DllRegisterServer)
640 static void WINTRUST_RegisterDriverVerify(void)
642 static GUID ProvGUID = DRIVER_ACTION_VERIFY;
643 CRYPT_REGISTER_ACTIONID ProvInfo = { sizeof(CRYPT_REGISTER_ACTIONID),
644 DriverInitializePolicy,
650 { 0, NULL, NULL }, /* No diagnostic policy */
651 DriverCleanupPolicy };
653 WintrustAddActionID(&ProvGUID, 0, &ProvInfo);
656 /***************************************************************************
657 * WINTRUST_RegisterGenChainVerify
659 * Register WINTRUST_ACTION_GENERIC_CHAIN_VERIFY actions and usages.
662 * WINTRUST_ACTION_GENERIC_CHAIN_VERIFY ({FC451C16-AC75-11D1-B4B8-00C04FB66EA0})
663 * is defined in softpub.h
664 * We don't care about failures (see comments in DllRegisterServer)
666 static void WINTRUST_RegisterGenChainVerify(void)
668 static GUID ProvGUID = WINTRUST_ACTION_GENERIC_CHAIN_VERIFY;
669 CRYPT_REGISTER_ACTIONID ProvInfo = { sizeof(CRYPT_REGISTER_ACTIONID),
670 SoftpubInitialization,
673 GenericChainCertificateTrust,
675 GenericChainFinalProv,
676 { 0, NULL, NULL }, /* No diagnostic policy */
679 WintrustAddActionID(&ProvGUID, 0, &ProvInfo);
682 /***********************************************************************
683 * WintrustAddDefaultForUsage (WINTRUST.@)
685 * Write OID and callback functions to the registry.
688 * pszUsageOID [I] Pointer to a GUID.
689 * psDefUsage [I] Pointer to a structure that specifies the callback functions.
696 * WintrustAddDefaultForUsage will only return TRUE or FALSE, no last
697 * error is set, not even when the registry cannot be written to.
699 BOOL WINAPI WintrustAddDefaultForUsage(const CHAR *pszUsageOID,
700 CRYPT_PROVIDER_REGDEFUSAGE *psDefUsage)
702 static const WCHAR CBAlloc[] = {'C','a','l','l','b','a','c','k','A','l','l','o','c','F','u','n','c','t','i','o','n', 0};
703 static const WCHAR CBFree[] = {'C','a','l','l','b','a','c','k','F','r','e','e','F','u','n','c','t','i','o','n', 0};
704 LONG Res = ERROR_SUCCESS;
705 LONG WriteUsageError = ERROR_SUCCESS;
707 WCHAR GuidString[39];
709 TRACE("(%s %p)\n", debugstr_a(pszUsageOID), psDefUsage);
711 /* Some sanity checks. */
714 !psDefUsage->pgActionID ||
715 (psDefUsage->cbStruct != sizeof(CRYPT_PROVIDER_REGDEFUSAGE)))
717 SetLastError(ERROR_INVALID_PARAMETER);
721 if (psDefUsage->pwszDllName)
723 Res = WINTRUST_WriteSingleUsageEntry(pszUsageOID, Dll, psDefUsage->pwszDllName);
724 if (Res != ERROR_SUCCESS) WriteUsageError = Res;
726 if (psDefUsage->pwszLoadCallbackDataFunctionName)
730 Len = MultiByteToWideChar( CP_ACP, 0, psDefUsage->pwszLoadCallbackDataFunctionName, -1, NULL, 0 );
731 CallbackW = HeapAlloc( GetProcessHeap(), 0, Len * sizeof(WCHAR) );
732 MultiByteToWideChar( CP_ACP, 0, psDefUsage->pwszLoadCallbackDataFunctionName, -1, CallbackW, Len );
734 Res = WINTRUST_WriteSingleUsageEntry(pszUsageOID, CBAlloc, CallbackW);
735 if (Res != ERROR_SUCCESS) WriteUsageError = Res;
737 HeapFree(GetProcessHeap(), 0, CallbackW);
739 if (psDefUsage->pwszFreeCallbackDataFunctionName)
743 Len = MultiByteToWideChar( CP_ACP, 0, psDefUsage->pwszFreeCallbackDataFunctionName, -1, NULL, 0 );
744 CallbackW = HeapAlloc( GetProcessHeap(), 0, Len * sizeof(WCHAR) );
745 MultiByteToWideChar( CP_ACP, 0, psDefUsage->pwszFreeCallbackDataFunctionName, -1, CallbackW, Len );
747 Res = WINTRUST_WriteSingleUsageEntry(pszUsageOID, CBFree, CallbackW);
748 if (Res != ERROR_SUCCESS) WriteUsageError = Res;
750 HeapFree(GetProcessHeap(), 0, CallbackW);
753 WINTRUST_Guid2Wstr(psDefUsage->pgActionID, GuidString);
754 Res = WINTRUST_WriteSingleUsageEntry(pszUsageOID, DefaultId, GuidString);
755 if (Res != ERROR_SUCCESS) WriteUsageError = Res;
757 if (WriteUsageError != ERROR_SUCCESS)
763 /***********************************************************************
764 * DllRegisterServer (WINTRUST.@)
766 HRESULT WINAPI DllRegisterServer(void)
768 static const CHAR SpcPeImageDataEncode[] = "WVTAsn1SpcPeImageDataEncode";
769 static const CHAR SpcPeImageDataDecode[] = "WVTAsn1SpcPeImageDataDecode";
770 static const CHAR SpcLinkEncode[] = "WVTAsn1SpcLinkEncode";
771 static const CHAR SpcLinkDecode[] = "WVTAsn1SpcLinkDecode";
772 static const CHAR SpcSigInfoEncode[] = "WVTAsn1SpcSigInfoEncode";
773 static const CHAR SpcSigInfoDecode[] = "WVTAsn1SpcSigInfoDecode";
774 static const CHAR SpcIndirectDataContentEncode[] = "WVTAsn1SpcIndirectDataContentEncode";
775 static const CHAR SpcIndirectDataContentDecode[] = "WVTAsn1SpcIndirectDataContentDecode";
776 static const CHAR SpcSpAgencyInfoEncode[] = "WVTAsn1SpcSpAgencyInfoEncode";
777 static const CHAR SpcSpAgencyInfoDecode[] = "WVTAsn1SpcSpAgencyInfoDecode";
778 static const CHAR SpcMinimalCriteriaInfoEncode[] = "WVTAsn1SpcMinimalCriteriaInfoEncode";
779 static const CHAR SpcMinimalCriteriaInfoDecode[] = "WVTAsn1SpcMinimalCriteriaInfoDecode";
780 static const CHAR SpcFinancialCriteriaInfoEncode[] = "WVTAsn1SpcFinancialCriteriaInfoEncode";
781 static const CHAR SpcFinancialCriteriaInfoDecode[] = "WVTAsn1SpcFinancialCriteriaInfoDecode";
782 static const CHAR SpcStatementTypeEncode[] = "WVTAsn1SpcStatementTypeEncode";
783 static const CHAR SpcStatementTypeDecode[] = "WVTAsn1SpcStatementTypeDecode";
784 static const CHAR CatNameValueEncode[] = "WVTAsn1CatNameValueEncode";
785 static const CHAR CatNameValueDecode[] = "WVTAsn1CatNameValueDecode";
786 static const CHAR CatMemberInfoEncode[] = "WVTAsn1CatMemberInfoEncode";
787 static const CHAR CatMemberInfoDecode[] = "WVTAsn1CatMemberInfoDecode";
788 static const CHAR SpcSpOpusInfoEncode[] = "WVTAsn1SpcSpOpusInfoEncode";
789 static const CHAR SpcSpOpusInfoDecode[] = "WVTAsn1SpcSpOpusInfoDecode";
797 * A short list of stuff that should be done here:
799 * - Several calls to CryptRegisterOIDFunction
800 * - Several action registrations (NOT through WintrustAddActionID)
801 * - Several calls to CryptSIPAddProvider
802 * - One call to CryptSIPRemoveProvider (do we need that?)
805 /* Testing on native shows that when an error is encountered in one of the CryptRegisterOIDFunction calls
806 * the rest of these calls is skipped. Registering is however continued for the trust providers.
808 * We are not totally in line with native as there all decoding functions are registered after all encoding
811 #define WINTRUST_REGISTEROID( oid, encode_funcname, decode_funcname ) \
813 if (!CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_ENCODE_OBJECT_FUNC, oid, SP_POLICY_PROVIDER_DLL_NAME, encode_funcname)) \
815 Res = HRESULT_FROM_WIN32(GetLastError()); \
816 goto add_trust_providers; \
818 if (!CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_DECODE_OBJECT_FUNC, oid, SP_POLICY_PROVIDER_DLL_NAME, decode_funcname)) \
820 Res = HRESULT_FROM_WIN32(GetLastError()); \
821 goto add_trust_providers; \
825 WINTRUST_REGISTEROID(SPC_PE_IMAGE_DATA_OBJID, SpcPeImageDataEncode, SpcPeImageDataDecode);
826 WINTRUST_REGISTEROID(SPC_PE_IMAGE_DATA_STRUCT, SpcPeImageDataEncode, SpcPeImageDataDecode);
827 WINTRUST_REGISTEROID(SPC_CAB_DATA_OBJID, SpcLinkEncode, SpcLinkDecode);
828 WINTRUST_REGISTEROID(SPC_CAB_DATA_STRUCT, SpcLinkEncode, SpcLinkDecode);
829 WINTRUST_REGISTEROID(SPC_JAVA_CLASS_DATA_OBJID, SpcLinkEncode, SpcLinkDecode);
830 WINTRUST_REGISTEROID(SPC_JAVA_CLASS_DATA_STRUCT, SpcLinkEncode, SpcLinkDecode);
831 WINTRUST_REGISTEROID(SPC_LINK_OBJID, SpcLinkEncode, SpcLinkDecode);
832 WINTRUST_REGISTEROID(SPC_LINK_STRUCT, SpcLinkEncode, SpcLinkDecode);
833 WINTRUST_REGISTEROID(SPC_SIGINFO_OBJID, SpcSigInfoEncode, SpcSigInfoDecode);
834 WINTRUST_REGISTEROID(SPC_SIGINFO_STRUCT, SpcSigInfoEncode, SpcSigInfoDecode);
835 WINTRUST_REGISTEROID(SPC_INDIRECT_DATA_OBJID, SpcIndirectDataContentEncode, SpcIndirectDataContentDecode);
836 WINTRUST_REGISTEROID(SPC_INDIRECT_DATA_CONTENT_STRUCT, SpcIndirectDataContentEncode, SpcIndirectDataContentDecode);
837 WINTRUST_REGISTEROID(SPC_SP_AGENCY_INFO_OBJID, SpcSpAgencyInfoEncode, SpcSpAgencyInfoDecode);
838 WINTRUST_REGISTEROID(SPC_SP_AGENCY_INFO_STRUCT, SpcSpAgencyInfoEncode, SpcSpAgencyInfoDecode);
839 WINTRUST_REGISTEROID(SPC_MINIMAL_CRITERIA_OBJID, SpcMinimalCriteriaInfoEncode, SpcMinimalCriteriaInfoDecode);
840 WINTRUST_REGISTEROID(SPC_MINIMAL_CRITERIA_STRUCT, SpcMinimalCriteriaInfoEncode, SpcMinimalCriteriaInfoDecode);
841 WINTRUST_REGISTEROID(SPC_FINANCIAL_CRITERIA_OBJID, SpcFinancialCriteriaInfoEncode, SpcFinancialCriteriaInfoDecode);
842 WINTRUST_REGISTEROID(SPC_FINANCIAL_CRITERIA_STRUCT, SpcFinancialCriteriaInfoEncode, SpcFinancialCriteriaInfoDecode);
843 WINTRUST_REGISTEROID(SPC_STATEMENT_TYPE_OBJID, SpcStatementTypeEncode, SpcStatementTypeDecode);
844 WINTRUST_REGISTEROID(SPC_STATEMENT_TYPE_STRUCT, SpcStatementTypeEncode, SpcStatementTypeDecode);
845 WINTRUST_REGISTEROID(CAT_NAMEVALUE_OBJID, CatNameValueEncode, CatNameValueDecode);
846 WINTRUST_REGISTEROID(CAT_NAMEVALUE_STRUCT, CatNameValueEncode, CatNameValueDecode);
847 WINTRUST_REGISTEROID(CAT_MEMBERINFO_OBJID, CatMemberInfoEncode, CatMemberInfoDecode);
848 WINTRUST_REGISTEROID(CAT_MEMBERINFO_STRUCT, CatMemberInfoEncode, CatMemberInfoDecode);
849 WINTRUST_REGISTEROID(SPC_SP_OPUS_INFO_OBJID, SpcSpOpusInfoEncode, SpcSpOpusInfoDecode);
850 WINTRUST_REGISTEROID(SPC_SP_OPUS_INFO_STRUCT, SpcSpOpusInfoEncode, SpcSpOpusInfoDecode);
852 #undef WINTRUST_REGISTEROID
856 /* Testing on W2K3 shows:
857 * If we cannot open HKLM\Software\Microsoft\Cryptography\Providers\Trust
858 * for writing, DllRegisterServer returns S_FALSE. If the key can be opened
859 * there is no check whether the actions can be written in the registry.
860 * As the previous list shows, there are several calls after these registrations.
861 * If they fail they will overwrite the returnvalue of DllRegisterServer.
864 /* Check if we can open/create HKLM\Software\Microsoft\Cryptography\Providers\Trust */
865 if (RegCreateKeyExW(HKEY_LOCAL_MACHINE, Trust, 0, NULL, 0, KEY_WRITE, NULL, &Key, NULL) != ERROR_SUCCESS)
867 /* If the opening/creation of the key fails, there is no need to do the action registrations as they
876 /* Create the necessary action registry structures */
877 WINTRUST_InitRegStructs();
879 /* Register several Trust Provider actions */
880 WINTRUST_RegisterGenVerifyV2();
881 WINTRUST_RegisterPublishedSoftware();
882 WINTRUST_RegisterPublishedSoftwareNoBadUi();
883 WINTRUST_RegisterGenCertVerify();
884 WINTRUST_RegisterTrustProviderTest();
885 WINTRUST_RegisterHttpsProv();
886 WINTRUST_RegisterOfficeSignVerify();
887 WINTRUST_RegisterDriverVerify();
888 WINTRUST_RegisterGenChainVerify();
890 /* Free the registry structures */
891 WINTRUST_FreeRegStructs();
897 /***********************************************************************
898 * DllUnregisterServer (WINTRUST.@)
900 HRESULT WINAPI DllUnregisterServer(void)
906 /***********************************************************************
907 * SoftpubDllRegisterServer (WINTRUST.@)
909 HRESULT WINAPI SoftpubDllRegisterServer(void)
915 /***********************************************************************
916 * SoftpubDllUnregisterServer (WINTRUST.@)
918 HRESULT WINAPI SoftpubDllUnregisterServer(void)
924 /***********************************************************************
925 * mscat32DllRegisterServer (WINTRUST.@)
927 HRESULT WINAPI mscat32DllRegisterServer(void)
933 /***********************************************************************
934 * mscat32DllUnregisterServer (WINTRUST.@)
936 HRESULT WINAPI mscat32DllUnregisterServer(void)
942 /***********************************************************************
943 * mssip32DllRegisterServer (WINTRUST.@)
945 HRESULT WINAPI mssip32DllRegisterServer(void)
951 /***********************************************************************
952 * mssip32DllUnregisterServer (WINTRUST.@)
954 HRESULT WINAPI mssip32DllUnregisterServer(void)
projects / wine / blob