git.oblomov.eu Git - wine/blob - dlls/cryptdlg/main.c

   1 /*
   2  * Copyright 2008 Maarten Lankhorst
   3  *
   4  * This library is free software; you can redistribute it and/or
   5  * modify it under the terms of the GNU Lesser General Public
   6  * License as published by the Free Software Foundation; either
   7  * version 2.1 of the License, or (at your option) any later version.
   8  *
   9  * This library is distributed in the hope that it will be useful,
  10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  12  * Lesser General Public License for more details.
  13  *
  14  * You should have received a copy of the GNU Lesser General Public
  15  * License along with this library; if not, write to the Free Software
  16  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  17  */
  18
  19 #define NONAMELESSUNION
  20
  21 #include "config.h"
  22
  23 #include <stdarg.h>
  24
  25 #include "windef.h"
  26 #include "winbase.h"
  27 #include "winnls.h"
  28 #include "winreg.h"
  29 #include "wincrypt.h"
  30 #include "wintrust.h"
  31 #include "winuser.h"
  32 #include "objbase.h"
  33 #include "cryptdlg.h"
  34 #include "cryptuiapi.h"
  35 #include "cryptres.h"
  36 #include "wine/unicode.h"
  37 #include "wine/debug.h"
  38
  39 WINE_DEFAULT_DEBUG_CHANNEL(cryptdlg);
  40
  41 static HINSTANCE hInstance;
  42
  43 BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
  44 {
  45     TRACE("(0x%p, %d, %p)\n", hinstDLL, fdwReason, lpvReserved);
  46
  47     switch (fdwReason)
  48     {
  49         case DLL_WINE_PREATTACH:
  50             return FALSE;    /* prefer native version */
  51         case DLL_PROCESS_ATTACH:
  52             DisableThreadLibraryCalls(hinstDLL);
  53             hInstance = hinstDLL;
  54             break;
  55         case DLL_PROCESS_DETACH:
  56             break;
  57         default:
  58             break;
  59     }
  60     return TRUE;
  61 }
  62
  63 /***********************************************************************
  64  *              GetFriendlyNameOfCertA (CRYPTDLG.@)
  65  */
  66 DWORD WINAPI GetFriendlyNameOfCertA(PCCERT_CONTEXT pccert, LPSTR pchBuffer,
  67                              DWORD cchBuffer)
  68 {
  69     return CertGetNameStringA(pccert, CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, NULL,
  70      pchBuffer, cchBuffer);
  71 }
  72
  73 /***********************************************************************
  74  *              GetFriendlyNameOfCertW (CRYPTDLG.@)
  75  */
  76 DWORD WINAPI GetFriendlyNameOfCertW(PCCERT_CONTEXT pccert, LPWSTR pchBuffer,
  77                              DWORD cchBuffer)
  78 {
  79     return CertGetNameStringW(pccert, CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, NULL,
  80      pchBuffer, cchBuffer);
  81 }
  82
  83 /***********************************************************************
  84  *              CertTrustInit (CRYPTDLG.@)
  85  */
  86 HRESULT WINAPI CertTrustInit(CRYPT_PROVIDER_DATA *pProvData)
  87 {
  88     HRESULT ret = S_FALSE;
  89
  90     TRACE("(%p)\n", pProvData);
  91
  92     if (pProvData->padwTrustStepErrors &&
  93      !pProvData->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_WVTINIT])
  94         ret = S_OK;
  95     TRACE("returning %08x\n", ret);
  96     return ret;
  97 }
  98
  99 /***********************************************************************
 100  *              CertTrustCertPolicy (CRYPTDLG.@)
 101  */
 102 BOOL WINAPI CertTrustCertPolicy(CRYPT_PROVIDER_DATA *pProvData, DWORD idxSigner, BOOL fCounterSignerChain, DWORD idxCounterSigner)
 103 {
 104     FIXME("(%p, %d, %s, %d)\n", pProvData, idxSigner, fCounterSignerChain ? "TRUE" : "FALSE", idxCounterSigner);
 105     return FALSE;
 106 }
 107
 108 /***********************************************************************
 109  *              CertTrustCleanup (CRYPTDLG.@)
 110  */
 111 HRESULT WINAPI CertTrustCleanup(CRYPT_PROVIDER_DATA *pProvData)
 112 {
 113     FIXME("(%p)\n", pProvData);
 114     return E_NOTIMPL;
 115 }
 116
 117 static BOOL CRYPTDLG_CheckOnlineCRL(void)
 118 {
 119     static const WCHAR policyFlagsKey[] = { 'S','o','f','t','w','a','r','e',
 120      '\\','M','i','c','r','o','s','o','f','t','\\','C','r','y','p','t','o','g',
 121      'r','a','p','h','y','\\','{','7','8','0','1','e','b','d','0','-','c','f',
 122      '4','b','-','1','1','d','0','-','8','5','1','f','-','0','0','6','0','9',
 123      '7','9','3','8','7','e','a','}',0 };
 124     static const WCHAR policyFlags[] = { 'P','o','l','i','c','y','F','l','a',
 125      'g','s',0 };
 126     HKEY key;
 127     BOOL ret = FALSE;
 128
 129     if (!RegOpenKeyExW(HKEY_LOCAL_MACHINE, policyFlagsKey, 0, KEY_READ, &key))
 130     {
 131         DWORD type, flags, size = sizeof(flags);
 132
 133         if (!RegQueryValueExW(key, policyFlags, NULL, &type, (BYTE *)&flags,
 134          &size) && type == REG_DWORD)
 135         {
 136             /* The flag values aren't defined in any header I'm aware of, but
 137              * this value is well documented on the net.
 138              */
 139             if (flags & 0x00010000)
 140                 ret = TRUE;
 141         }
 142         RegCloseKey(key);
 143     }
 144     return ret;
 145 }
 146
 147 /* Returns TRUE if pCert is not in the Disallowed system store, or FALSE if it
 148  * is.
 149  */
 150 static BOOL CRYPTDLG_IsCertAllowed(PCCERT_CONTEXT pCert)
 151 {
 152     BOOL ret;
 153     BYTE hash[20];
 154     DWORD size = sizeof(hash);
 155
 156     if ((ret = CertGetCertificateContextProperty(pCert,
 157      CERT_SIGNATURE_HASH_PROP_ID, hash, &size)))
 158     {
 159         static const WCHAR disallowedW[] =
 160          { 'D','i','s','a','l','l','o','w','e','d',0 };
 161         HCERTSTORE disallowed = CertOpenStore(CERT_STORE_PROV_SYSTEM_W,
 162          X509_ASN_ENCODING, 0, CERT_SYSTEM_STORE_CURRENT_USER, disallowedW);
 163
 164         if (disallowed)
 165         {
 166             PCCERT_CONTEXT found = CertFindCertificateInStore(disallowed,
 167              X509_ASN_ENCODING, 0, CERT_FIND_SIGNATURE_HASH, hash, NULL);
 168
 169             if (found)
 170             {
 171                 ret = FALSE;
 172                 CertFreeCertificateContext(found);
 173             }
 174             CertCloseStore(disallowed, 0);
 175         }
 176     }
 177     return ret;
 178 }
 179
 180 static DWORD CRYPTDLG_TrustStatusToConfidence(DWORD errorStatus)
 181 {
 182     DWORD confidence = 0;
 183
 184     confidence = 0;
 185     if (!(errorStatus & CERT_TRUST_IS_NOT_SIGNATURE_VALID))
 186         confidence |= CERT_CONFIDENCE_SIG;
 187     if (!(errorStatus & CERT_TRUST_IS_NOT_TIME_VALID))
 188         confidence |= CERT_CONFIDENCE_TIME;
 189     if (!(errorStatus & CERT_TRUST_IS_NOT_TIME_NESTED))
 190         confidence |= CERT_CONFIDENCE_TIMENEST;
 191     return confidence;
 192 }
 193
 194 static BOOL CRYPTDLG_CopyChain(CRYPT_PROVIDER_DATA *data,
 195  PCCERT_CHAIN_CONTEXT chain)
 196 {
 197     BOOL ret;
 198     CRYPT_PROVIDER_SGNR signer;
 199     PCERT_SIMPLE_CHAIN simpleChain = chain->rgpChain[0];
 200     DWORD i;
 201
 202     memset(&signer, 0, sizeof(signer));
 203     signer.cbStruct = sizeof(signer);
 204     ret = data->psPfns->pfnAddSgnr2Chain(data, FALSE, 0, &signer);
 205     if (ret)
 206     {
 207         CRYPT_PROVIDER_SGNR *sgnr = WTHelperGetProvSignerFromChain(data, 0,
 208          FALSE, 0);
 209
 210         if (sgnr)
 211         {
 212             sgnr->dwError = simpleChain->TrustStatus.dwErrorStatus;
 213             sgnr->pChainContext = CertDuplicateCertificateChain(chain);
 214         }
 215         else
 216             ret = FALSE;
 217         for (i = 0; ret && i < simpleChain->cElement; i++)
 218         {
 219             ret = data->psPfns->pfnAddCert2Chain(data, 0, FALSE, 0,
 220              simpleChain->rgpElement[i]->pCertContext);
 221             if (ret)
 222             {
 223                 CRYPT_PROVIDER_CERT *cert;
 224
 225                 if ((cert = WTHelperGetProvCertFromChain(sgnr, i)))
 226                 {
 227                     CERT_CHAIN_ELEMENT *element = simpleChain->rgpElement[i];
 228
 229                     cert->dwConfidence = CRYPTDLG_TrustStatusToConfidence(
 230                      element->TrustStatus.dwErrorStatus);
 231                     cert->dwError = element->TrustStatus.dwErrorStatus;
 232                     cert->pChainElement = element;
 233                 }
 234                 else
 235                     ret = FALSE;
 236             }
 237         }
 238     }
 239     return ret;
 240 }
 241
 242 static CERT_VERIFY_CERTIFICATE_TRUST *CRYPTDLG_GetVerifyData(
 243  CRYPT_PROVIDER_DATA *data)
 244 {
 245     CERT_VERIFY_CERTIFICATE_TRUST *pCert = NULL;
 246
 247     /* This should always be true, but just in case the calling function is
 248      * called directly:
 249      */
 250     if (data->pWintrustData->dwUnionChoice == WTD_CHOICE_BLOB &&
 251      data->pWintrustData->u.pBlob && data->pWintrustData->u.pBlob->cbMemObject ==
 252      sizeof(CERT_VERIFY_CERTIFICATE_TRUST) &&
 253      data->pWintrustData->u.pBlob->pbMemObject)
 254          pCert = (CERT_VERIFY_CERTIFICATE_TRUST *)
 255           data->pWintrustData->u.pBlob->pbMemObject;
 256     return pCert;
 257 }
 258
 259 static HCERTCHAINENGINE CRYPTDLG_MakeEngine(CERT_VERIFY_CERTIFICATE_TRUST *cert)
 260 {
 261     HCERTCHAINENGINE engine = NULL;
 262     HCERTSTORE root = NULL, trust = NULL;
 263     DWORD i;
 264
 265     if (cert->cRootStores)
 266     {
 267         root = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
 268          CERT_STORE_CREATE_NEW_FLAG, NULL);
 269         if (root)
 270         {
 271             for (i = 0; i < cert->cRootStores; i++)
 272                 CertAddStoreToCollection(root, cert->rghstoreRoots[i], 0, 0);
 273         }
 274     }
 275     if (cert->cTrustStores)
 276     {
 277         trust = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0,
 278          CERT_STORE_CREATE_NEW_FLAG, NULL);
 279         if (trust)
 280         {
 281             for (i = 0; i < cert->cTrustStores; i++)
 282                 CertAddStoreToCollection(trust, cert->rghstoreTrust[i], 0, 0);
 283         }
 284     }
 285     if (cert->cRootStores || cert->cStores || cert->cTrustStores)
 286     {
 287         CERT_CHAIN_ENGINE_CONFIG config;
 288
 289         memset(&config, 0, sizeof(config));
 290         config.cbSize = sizeof(config);
 291         config.hRestrictedRoot = root;
 292         config.hRestrictedTrust = trust;
 293         config.cAdditionalStore = cert->cStores;
 294         config.rghAdditionalStore = cert->rghstoreCAs;
 295         config.hRestrictedRoot = root;
 296         CertCreateCertificateChainEngine(&config, &engine);
 297         CertCloseStore(root, 0);
 298         CertCloseStore(trust, 0);
 299     }
 300     return engine;
 301 }
 302
 303 /***********************************************************************
 304  *              CertTrustFinalPolicy (CRYPTDLG.@)
 305  */
 306 HRESULT WINAPI CertTrustFinalPolicy(CRYPT_PROVIDER_DATA *data)
 307 {
 308     BOOL ret;
 309     DWORD err = S_OK;
 310     CERT_VERIFY_CERTIFICATE_TRUST *pCert = CRYPTDLG_GetVerifyData(data);
 311
 312     TRACE("(%p)\n", data);
 313
 314     if (data->pWintrustData->dwUIChoice != WTD_UI_NONE)
 315         FIXME("unimplemented for UI choice %d\n",
 316          data->pWintrustData->dwUIChoice);
 317     if (pCert)
 318     {
 319         DWORD flags = 0;
 320         CERT_CHAIN_PARA chainPara;
 321         HCERTCHAINENGINE engine;
 322
 323         memset(&chainPara, 0, sizeof(chainPara));
 324         chainPara.cbSize = sizeof(chainPara);
 325         if (CRYPTDLG_CheckOnlineCRL())
 326             flags |= CERT_CHAIN_REVOCATION_CHECK_END_CERT;
 327         engine = CRYPTDLG_MakeEngine(pCert);
 328         GetSystemTimeAsFileTime(&data->sftSystemTime);
 329         ret = CRYPTDLG_IsCertAllowed(pCert->pccert);
 330         if (ret)
 331         {
 332             PCCERT_CHAIN_CONTEXT chain;
 333
 334             ret = CertGetCertificateChain(engine, pCert->pccert,
 335              &data->sftSystemTime, NULL, &chainPara, flags, NULL, &chain);
 336             if (ret)
 337             {
 338                 if (chain->cChain != 1)
 339                 {
 340                     FIXME("unimplemented for more than 1 simple chain\n");
 341                     err = TRUST_E_SUBJECT_FORM_UNKNOWN;
 342                     ret = FALSE;
 343                 }
 344                 else if ((ret = CRYPTDLG_CopyChain(data, chain)))
 345                 {
 346                     if (CertVerifyTimeValidity(&data->sftSystemTime,
 347                      pCert->pccert->pCertInfo))
 348                     {
 349                         ret = FALSE;
 350                         err = CERT_E_EXPIRED;
 351                     }
 352                 }
 353                 else
 354                     err = TRUST_E_SYSTEM_ERROR;
 355                 CertFreeCertificateChain(chain);
 356             }
 357             else
 358                 err = TRUST_E_SUBJECT_NOT_TRUSTED;
 359         }
 360         CertFreeCertificateChainEngine(engine);
 361     }
 362     else
 363     {
 364         ret = FALSE;
 365         err = TRUST_E_NOSIGNATURE;
 366     }
 367     /* Oddly, native doesn't set the error in the trust step error location,
 368      * probably because this action is more advisory than anything else.
 369      * Instead it stores it as the final error, but the function "succeeds" in
 370      * any case.
 371      */
 372     if (!ret)
 373         data->dwFinalError = err;
 374     TRACE("returning %d (%08x)\n", S_OK, data->dwFinalError);
 375     return S_OK;
 376 }
 377
 378 /***********************************************************************
 379  *              CertViewPropertiesA (CRYPTDLG.@)
 380  */
 381 BOOL WINAPI CertViewPropertiesA(CERT_VIEWPROPERTIES_STRUCT_A *info)
 382 {
 383     CERT_VIEWPROPERTIES_STRUCT_W infoW;
 384     LPWSTR title = NULL;
 385     BOOL ret;
 386
 387     TRACE("(%p)\n", info);
 388
 389     memcpy(&infoW, info, sizeof(infoW));
 390     if (info->szTitle)
 391     {
 392         int len = MultiByteToWideChar(CP_ACP, 0, info->szTitle, -1, NULL, 0);
 393
 394         title = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
 395         if (title)
 396         {
 397             MultiByteToWideChar(CP_ACP, 0, info->szTitle, -1, title, len);
 398             infoW.szTitle = title;
 399         }
 400         else
 401         {
 402             ret = FALSE;
 403             goto error;
 404         }
 405     }
 406     ret = CertViewPropertiesW(&infoW);
 407     HeapFree(GetProcessHeap(), 0, title);
 408 error:
 409     return ret;
 410 }
 411
 412 /***********************************************************************
 413  *              CertViewPropertiesW (CRYPTDLG.@)
 414  */
 415 BOOL WINAPI CertViewPropertiesW(CERT_VIEWPROPERTIES_STRUCT_W *info)
 416 {
 417     static GUID cert_action_verify = CERT_CERTIFICATE_ACTION_VERIFY;
 418     CERT_VERIFY_CERTIFICATE_TRUST trust;
 419     WINTRUST_BLOB_INFO blob;
 420     WINTRUST_DATA wtd;
 421     LONG err;
 422     BOOL ret;
 423
 424     TRACE("(%p)\n", info);
 425
 426     memset(&trust, 0, sizeof(trust));
 427     trust.cbSize = sizeof(trust);
 428     trust.pccert = info->pCertContext;
 429     trust.cRootStores = info->cRootStores;
 430     trust.rghstoreRoots = info->rghstoreRoots;
 431     trust.cStores = info->cStores;
 432     trust.rghstoreCAs = info->rghstoreCAs;
 433     trust.cTrustStores = info->cTrustStores;
 434     trust.rghstoreTrust = info->rghstoreTrust;
 435     memset(&blob, 0, sizeof(blob));
 436     blob.cbStruct = sizeof(blob);
 437     blob.cbMemObject = sizeof(trust);
 438     blob.pbMemObject = (BYTE *)&trust;
 439     memset(&wtd, 0, sizeof(wtd));
 440     wtd.cbStruct = sizeof(wtd);
 441     wtd.dwUIChoice = WTD_UI_NONE;
 442     wtd.dwUnionChoice = WTD_CHOICE_BLOB;
 443     wtd.u.pBlob = &blob;
 444     wtd.dwStateAction = WTD_STATEACTION_VERIFY;
 445     err = WinVerifyTrust(NULL, &cert_action_verify, &wtd);
 446     if (err == ERROR_SUCCESS)
 447     {
 448         CRYPTUI_VIEWCERTIFICATE_STRUCTW uiInfo;
 449         BOOL propsChanged = FALSE;
 450
 451         memset(&uiInfo, 0, sizeof(uiInfo));
 452         uiInfo.dwSize = sizeof(uiInfo);
 453         uiInfo.hwndParent = info->hwndParent;
 454         uiInfo.dwFlags =
 455          CRYPTUI_DISABLE_ADDTOSTORE | CRYPTUI_ENABLE_EDITPROPERTIES;
 456         uiInfo.szTitle = info->szTitle;
 457         uiInfo.pCertContext = info->pCertContext;
 458         uiInfo.cPurposes = info->cArrayPurposes;
 459         uiInfo.rgszPurposes = (LPCSTR *)info->arrayPurposes;
 460         uiInfo.u.hWVTStateData = wtd.hWVTStateData;
 461         uiInfo.fpCryptProviderDataTrustedUsage = TRUE;
 462         uiInfo.cPropSheetPages = info->cArrayPropSheetPages;
 463         uiInfo.rgPropSheetPages = info->arrayPropSheetPages;
 464         uiInfo.nStartPage = info->nStartPage;
 465         ret = CryptUIDlgViewCertificateW(&uiInfo, &propsChanged);
 466         wtd.dwStateAction = WTD_STATEACTION_CLOSE;
 467         WinVerifyTrust(NULL, &cert_action_verify, &wtd);
 468     }
 469     else
 470         ret = FALSE;
 471     return ret;
 472 }
 473
 474 static BOOL CRYPT_FormatHexString(const BYTE *pbEncoded, DWORD cbEncoded,
 475  WCHAR *str, DWORD *pcchStr)
 476 {
 477     BOOL ret;
 478     DWORD charsNeeded;
 479
 480     if (cbEncoded)
 481         charsNeeded = (cbEncoded * 3);
 482     else
 483         charsNeeded = 1;
 484     if (!str)
 485     {
 486         *pcchStr = charsNeeded;
 487         ret = TRUE;
 488     }
 489     else if (*pcchStr < charsNeeded)
 490     {
 491         *pcchStr = charsNeeded;
 492         SetLastError(ERROR_MORE_DATA);
 493         ret = FALSE;
 494     }
 495     else
 496     {
 497         static const WCHAR fmt[] = { '%','0','2','x',' ',0 };
 498         static const WCHAR endFmt[] = { '%','0','2','x',0 };
 499         DWORD i;
 500         LPWSTR ptr = str;
 501
 502         *pcchStr = charsNeeded;
 503         if (cbEncoded)
 504         {
 505             for (i = 0; i < cbEncoded; i++)
 506             {
 507                 if (i < cbEncoded - 1)
 508                     ptr += sprintfW(ptr, fmt, pbEncoded[i]);
 509                 else
 510                     ptr += sprintfW(ptr, endFmt, pbEncoded[i]);
 511             }
 512         }
 513         else
 514             *ptr = 0;
 515         ret = TRUE;
 516     }
 517     return ret;
 518 }
 519
 520 static const WCHAR indent[] = { ' ',' ',' ',' ',' ',0 };
 521 static const WCHAR colonCrlf[] = { ':','\r','\n',0 };
 522 static const WCHAR colonSpace[] = { ':',' ',0 };
 523 static const WCHAR crlf[] = { '\r','\n',0 };
 524 static const WCHAR commaSep[] = { ',',' ',0 };
 525
 526 static BOOL CRYPT_FormatCPS(DWORD dwCertEncodingType,
 527  DWORD dwFormatStrType, const BYTE *pbEncoded, DWORD cbEncoded,
 528  WCHAR *str, DWORD *pcchStr)
 529 {
 530     BOOL ret;
 531     DWORD size, charsNeeded = 1;
 532     CERT_NAME_VALUE *cpsValue;
 533
 534     if ((ret = CryptDecodeObjectEx(dwCertEncodingType, X509_UNICODE_ANY_STRING,
 535      pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL, &cpsValue, &size)))
 536     {
 537         LPCWSTR sep;
 538         DWORD sepLen;
 539
 540         if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
 541             sep = crlf;
 542         else
 543             sep = commaSep;
 544
 545         sepLen = strlenW(sep);
 546
 547         if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
 548         {
 549             charsNeeded += 3 * strlenW(indent);
 550             if (str && *pcchStr >= charsNeeded)
 551             {
 552                 strcpyW(str, indent);
 553                 str += strlenW(indent);
 554                 strcpyW(str, indent);
 555                 str += strlenW(indent);
 556                 strcpyW(str, indent);
 557                 str += strlenW(indent);
 558             }
 559         }
 560         charsNeeded += cpsValue->Value.cbData / sizeof(WCHAR);
 561         if (str && *pcchStr >= charsNeeded)
 562         {
 563             strcpyW(str, (LPWSTR)cpsValue->Value.pbData);
 564             str += cpsValue->Value.cbData / sizeof(WCHAR);
 565         }
 566         charsNeeded += sepLen;
 567         if (str && *pcchStr >= charsNeeded)
 568         {
 569             strcpyW(str, sep);
 570             str += sepLen;
 571         }
 572         LocalFree(cpsValue);
 573         if (!str)
 574             *pcchStr = charsNeeded;
 575         else if (*pcchStr < charsNeeded)
 576         {
 577             *pcchStr = charsNeeded;
 578             SetLastError(ERROR_MORE_DATA);
 579             ret = FALSE;
 580         }
 581         else
 582             *pcchStr = charsNeeded;
 583     }
 584     return ret;
 585 }
 586
 587 static BOOL CRYPT_FormatUserNotice(DWORD dwCertEncodingType,
 588  DWORD dwFormatStrType, const BYTE *pbEncoded, DWORD cbEncoded,
 589  WCHAR *str, DWORD *pcchStr)
 590 {
 591     BOOL ret;
 592     DWORD size, charsNeeded = 1;
 593     CERT_POLICY_QUALIFIER_USER_NOTICE *notice;
 594
 595     if ((ret = CryptDecodeObjectEx(dwCertEncodingType,
 596      X509_PKIX_POLICY_QUALIFIER_USERNOTICE, pbEncoded, cbEncoded,
 597      CRYPT_DECODE_ALLOC_FLAG, NULL, &notice, &size)))
 598     {
 599         static const WCHAR numFmt[] = { '%','d',0 };
 600         CERT_POLICY_QUALIFIER_NOTICE_REFERENCE *pNoticeRef =
 601          notice->pNoticeReference;
 602         LPCWSTR headingSep, sep;
 603         DWORD headingSepLen, sepLen;
 604         LPWSTR noticeRef, organization, noticeNum, noticeText;
 605         DWORD noticeRefLen, organizationLen, noticeNumLen, noticeTextLen;
 606         WCHAR noticeNumStr[11];
 607
 608         noticeRefLen = LoadStringW(hInstance, IDS_NOTICE_REF,
 609          (LPWSTR)&noticeRef, 0);
 610         organizationLen = LoadStringW(hInstance, IDS_ORGANIZATION,
 611          (LPWSTR)&organization, 0);
 612         noticeNumLen = LoadStringW(hInstance, IDS_NOTICE_NUM,
 613          (LPWSTR)&noticeNum, 0);
 614         noticeTextLen = LoadStringW(hInstance, IDS_NOTICE_TEXT,
 615          (LPWSTR)&noticeText, 0);
 616         if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
 617         {
 618             headingSep = colonCrlf;
 619             sep = crlf;
 620         }
 621         else
 622         {
 623             headingSep = colonSpace;
 624             sep = commaSep;
 625         }
 626         sepLen = strlenW(sep);
 627         headingSepLen = strlenW(headingSep);
 628
 629         if (pNoticeRef)
 630         {
 631             DWORD k;
 632             LPCSTR src;
 633
 634             if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
 635             {
 636                 charsNeeded += 3 * strlenW(indent);
 637                 if (str && *pcchStr >= charsNeeded)
 638                 {
 639                     strcpyW(str, indent);
 640                     str += strlenW(indent);
 641                     strcpyW(str, indent);
 642                     str += strlenW(indent);
 643                     strcpyW(str, indent);
 644                     str += strlenW(indent);
 645                 }
 646             }
 647             charsNeeded += noticeRefLen;
 648             if (str && *pcchStr >= charsNeeded)
 649             {
 650                 memcpy(str, noticeRef, noticeRefLen * sizeof(WCHAR));
 651                 str += noticeRefLen;
 652             }
 653             charsNeeded += headingSepLen;
 654             if (str && *pcchStr >= charsNeeded)
 655             {
 656                 strcpyW(str, headingSep);
 657                 str += headingSepLen;
 658             }
 659             if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
 660             {
 661                 charsNeeded += 4 * strlenW(indent);
 662                 if (str && *pcchStr >= charsNeeded)
 663                 {
 664                     strcpyW(str, indent);
 665                     str += strlenW(indent);
 666                     strcpyW(str, indent);
 667                     str += strlenW(indent);
 668                     strcpyW(str, indent);
 669                     str += strlenW(indent);
 670                     strcpyW(str, indent);
 671                     str += strlenW(indent);
 672                 }
 673             }
 674             charsNeeded += organizationLen;
 675             if (str && *pcchStr >= charsNeeded)
 676             {
 677                 memcpy(str, organization, organizationLen * sizeof(WCHAR));
 678                 str += organizationLen;
 679             }
 680             charsNeeded += strlen(pNoticeRef->pszOrganization);
 681             if (str && *pcchStr >= charsNeeded)
 682                 for (src = pNoticeRef->pszOrganization; src && *src;
 683                  src++, str++)
 684                     *str = *src;
 685             charsNeeded += sepLen;
 686             if (str && *pcchStr >= charsNeeded)
 687             {
 688                 strcpyW(str, sep);
 689                 str += sepLen;
 690             }
 691             for (k = 0; k < pNoticeRef->cNoticeNumbers; k++)
 692             {
 693                 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
 694                 {
 695                     charsNeeded += 4 * strlenW(indent);
 696                     if (str && *pcchStr >= charsNeeded)
 697                     {
 698                         strcpyW(str, indent);
 699                         str += strlenW(indent);
 700                         strcpyW(str, indent);
 701                         str += strlenW(indent);
 702                         strcpyW(str, indent);
 703                         str += strlenW(indent);
 704                         strcpyW(str, indent);
 705                         str += strlenW(indent);
 706                     }
 707                 }
 708                 charsNeeded += noticeNumLen;
 709                 if (str && *pcchStr >= charsNeeded)
 710                 {
 711                     memcpy(str, noticeNum, noticeNumLen * sizeof(WCHAR));
 712                     str += noticeNumLen;
 713                 }
 714                 sprintfW(noticeNumStr, numFmt, k + 1);
 715                 charsNeeded += strlenW(noticeNumStr);
 716                 if (str && *pcchStr >= charsNeeded)
 717                 {
 718                     strcpyW(str, noticeNumStr);
 719                     str += strlenW(noticeNumStr);
 720                 }
 721                 charsNeeded += sepLen;
 722                 if (str && *pcchStr >= charsNeeded)
 723                 {
 724                     strcpyW(str, sep);
 725                     str += sepLen;
 726                 }
 727             }
 728         }
 729         if (notice->pszDisplayText)
 730         {
 731             if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
 732             {
 733                 charsNeeded += 3 * strlenW(indent);
 734                 if (str && *pcchStr >= charsNeeded)
 735                 {
 736                     strcpyW(str, indent);
 737                     str += strlenW(indent);
 738                     strcpyW(str, indent);
 739                     str += strlenW(indent);
 740                     strcpyW(str, indent);
 741                     str += strlenW(indent);
 742                 }
 743             }
 744             charsNeeded += noticeTextLen;
 745             if (str && *pcchStr >= charsNeeded)
 746             {
 747                 memcpy(str, noticeText, noticeTextLen * sizeof(WCHAR));
 748                 str += noticeTextLen;
 749             }
 750             charsNeeded += strlenW(notice->pszDisplayText);
 751             if (str && *pcchStr >= charsNeeded)
 752             {
 753                 strcpyW(str, notice->pszDisplayText);
 754                 str += strlenW(notice->pszDisplayText);
 755             }
 756             charsNeeded += sepLen;
 757             if (str && *pcchStr >= charsNeeded)
 758             {
 759                 strcpyW(str, sep);
 760                 str += sepLen;
 761             }
 762         }
 763         LocalFree(notice);
 764         if (!str)
 765             *pcchStr = charsNeeded;
 766         else if (*pcchStr < charsNeeded)
 767         {
 768             *pcchStr = charsNeeded;
 769             SetLastError(ERROR_MORE_DATA);
 770             ret = FALSE;
 771         }
 772         else
 773             *pcchStr = charsNeeded;
 774     }
 775     return ret;
 776 }
 777
 778 /***********************************************************************
 779  *              FormatVerisignExtension (CRYPTDLG.@)
 780  */
 781 BOOL WINAPI FormatVerisignExtension(DWORD dwCertEncodingType,
 782  DWORD dwFormatType, DWORD dwFormatStrType, void *pFormatStruct,
 783  LPCSTR lpszStructType, const BYTE *pbEncoded, DWORD cbEncoded, void *pbFormat,
 784  DWORD *pcbFormat)
 785 {
 786     CERT_POLICIES_INFO *policies;
 787     DWORD size;
 788     BOOL ret = FALSE;
 789
 790     if (!cbEncoded)
 791     {
 792         SetLastError(E_INVALIDARG);
 793         return FALSE;
 794     }
 795     if ((ret = CryptDecodeObjectEx(dwCertEncodingType, X509_CERT_POLICIES,
 796      pbEncoded, cbEncoded, CRYPT_DECODE_ALLOC_FLAG, NULL, &policies, &size)))
 797     {
 798         static const WCHAR numFmt[] = { '%','d',0 };
 799         DWORD charsNeeded = 1; /* space for NULL terminator */
 800         LPCWSTR headingSep, sep;
 801         DWORD headingSepLen, sepLen;
 802         WCHAR policyNum[11], policyQualifierNum[11];
 803         LPWSTR certPolicy, policyId, policyQualifierInfo, policyQualifierId;
 804         LPWSTR cps, userNotice, qualifier;
 805         DWORD certPolicyLen, policyIdLen, policyQualifierInfoLen;
 806         DWORD policyQualifierIdLen, cpsLen, userNoticeLen, qualifierLen;
 807         DWORD i;
 808         LPWSTR str = pbFormat;
 809
 810         certPolicyLen = LoadStringW(hInstance, IDS_CERT_POLICY,
 811          (LPWSTR)&certPolicy, 0);
 812         policyIdLen = LoadStringW(hInstance, IDS_POLICY_ID, (LPWSTR)&policyId,
 813          0);
 814         policyQualifierInfoLen = LoadStringW(hInstance,
 815          IDS_POLICY_QUALIFIER_INFO, (LPWSTR)&policyQualifierInfo, 0);
 816         policyQualifierIdLen = LoadStringW(hInstance, IDS_POLICY_QUALIFIER_ID,
 817          (LPWSTR)&policyQualifierId, 0);
 818         cpsLen = LoadStringW(hInstance, IDS_CPS, (LPWSTR)&cps, 0);
 819         userNoticeLen = LoadStringW(hInstance, IDS_USER_NOTICE,
 820          (LPWSTR)&userNotice, 0);
 821         qualifierLen = LoadStringW(hInstance, IDS_QUALIFIER,
 822          (LPWSTR)&qualifier, 0);
 823         if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
 824         {
 825             headingSep = colonCrlf;
 826             sep = crlf;
 827         }
 828         else
 829         {
 830             headingSep = colonSpace;
 831             sep = commaSep;
 832         }
 833         sepLen = strlenW(sep);
 834         headingSepLen = strlenW(headingSep);
 835
 836         for (i = 0; ret && i < policies->cPolicyInfo; i++)
 837         {
 838             CERT_POLICY_INFO *policy = &policies->rgPolicyInfo[i];
 839             DWORD j;
 840             LPCSTR src;
 841
 842             charsNeeded += 1; /* '['*/
 843             if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 844                 *str++ = '[';
 845             sprintfW(policyNum, numFmt, i + 1);
 846             charsNeeded += strlenW(policyNum);
 847             if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 848             {
 849                 strcpyW(str, policyNum);
 850                 str += strlenW(policyNum);
 851             }
 852             charsNeeded += 1; /* ']'*/
 853             if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 854                 *str++ = ']';
 855             charsNeeded += certPolicyLen;
 856             if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 857             {
 858                 memcpy(str, certPolicy, certPolicyLen * sizeof(WCHAR));
 859                 str += certPolicyLen;
 860             }
 861             charsNeeded += headingSepLen;
 862             if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 863             {
 864                 strcpyW(str, headingSep);
 865                 str += headingSepLen;
 866             }
 867             if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
 868             {
 869                 charsNeeded += strlenW(indent);
 870                 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 871                 {
 872                     strcpyW(str, indent);
 873                     str += strlenW(indent);
 874                 }
 875             }
 876             charsNeeded += policyIdLen;
 877             if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 878             {
 879                 memcpy(str, policyId, policyIdLen * sizeof(WCHAR));
 880                 str += policyIdLen;
 881             }
 882             charsNeeded += strlen(policy->pszPolicyIdentifier);
 883             if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 884             {
 885                 for (src = policy->pszPolicyIdentifier; src && *src;
 886                  src++, str++)
 887                     *str = *src;
 888             }
 889             charsNeeded += sepLen;
 890             if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 891             {
 892                 strcpyW(str, sep);
 893                 str += sepLen;
 894             }
 895             for (j = 0; j < policy->cPolicyQualifier; j++)
 896             {
 897                 CERT_POLICY_QUALIFIER_INFO *qualifierInfo =
 898                  &policy->rgPolicyQualifier[j];
 899                 DWORD sizeRemaining;
 900
 901                 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
 902                 {
 903                     charsNeeded += strlenW(indent);
 904                     if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 905                     {
 906                         strcpyW(str, indent);
 907                         str += strlenW(indent);
 908                     }
 909                 }
 910                 charsNeeded += 1; /* '['*/
 911                 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 912                     *str++ = '[';
 913                 charsNeeded += strlenW(policyNum);
 914                 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 915                 {
 916                     strcpyW(str, policyNum);
 917                     str += strlenW(policyNum);
 918                 }
 919                 charsNeeded += 1; /* ','*/
 920                 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 921                     *str++ = ',';
 922                 sprintfW(policyQualifierNum, numFmt, j + 1);
 923                 charsNeeded += strlenW(policyQualifierNum);
 924                 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 925                 {
 926                     strcpyW(str, policyQualifierNum);
 927                     str += strlenW(policyQualifierNum);
 928                 }
 929                 charsNeeded += 1; /* ']'*/
 930                 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 931                     *str++ = ']';
 932                 charsNeeded += policyQualifierInfoLen;
 933                 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 934                 {
 935                     memcpy(str, policyQualifierInfo,
 936                      policyQualifierInfoLen * sizeof(WCHAR));
 937                     str += policyQualifierInfoLen;
 938                 }
 939                 charsNeeded += headingSepLen;
 940                 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 941                 {
 942                     strcpyW(str, headingSep);
 943                     str += headingSepLen;
 944                 }
 945                 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
 946                 {
 947                     charsNeeded += 2 * strlenW(indent);
 948                     if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 949                     {
 950                         strcpyW(str, indent);
 951                         str += strlenW(indent);
 952                         strcpyW(str, indent);
 953                         str += strlenW(indent);
 954                     }
 955                 }
 956                 charsNeeded += policyQualifierIdLen;
 957                 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 958                 {
 959                     memcpy(str, policyQualifierId,
 960                      policyQualifierIdLen * sizeof(WCHAR));
 961                     str += policyQualifierIdLen;
 962                 }
 963                 if (!strcmp(qualifierInfo->pszPolicyQualifierId,
 964                  szOID_PKIX_POLICY_QUALIFIER_CPS))
 965                 {
 966                     charsNeeded += cpsLen;
 967                     if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 968                     {
 969                         memcpy(str, cps, cpsLen * sizeof(WCHAR));
 970                         str += cpsLen;
 971                     }
 972                 }
 973                 else if (!strcmp(qualifierInfo->pszPolicyQualifierId,
 974                  szOID_PKIX_POLICY_QUALIFIER_USERNOTICE))
 975                 {
 976                     charsNeeded += userNoticeLen;
 977                     if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 978                     {
 979                         memcpy(str, userNotice, userNoticeLen * sizeof(WCHAR));
 980                         str += userNoticeLen;
 981                     }
 982                 }
 983                 else
 984                 {
 985                     charsNeeded += strlen(qualifierInfo->pszPolicyQualifierId);
 986                     if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 987                     {
 988                         for (src = qualifierInfo->pszPolicyQualifierId;
 989                          src && *src; src++, str++)
 990                             *str = *src;
 991                     }
 992                 }
 993                 charsNeeded += sepLen;
 994                 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
 995                 {
 996                     strcpyW(str, sep);
 997                     str += sepLen;
 998                 }
 999                 if (dwFormatStrType & CRYPT_FORMAT_STR_MULTI_LINE)
1000                 {
1001                     charsNeeded += 2 * strlenW(indent);
1002                     if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
1003                     {
1004                         strcpyW(str, indent);
1005                         str += strlenW(indent);
1006                         strcpyW(str, indent);
1007                         str += strlenW(indent);
1008                     }
1009                 }
1010                 charsNeeded += qualifierLen;
1011                 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
1012                 {
1013                     memcpy(str, qualifier, qualifierLen * sizeof(WCHAR));
1014                     str += qualifierLen;
1015                 }
1016                 charsNeeded += headingSepLen;
1017                 if (str && *pcbFormat >= charsNeeded * sizeof(WCHAR))
1018                 {
1019                     strcpyW(str, headingSep);
1020                     str += headingSepLen;
1021                 }
1022                 /* This if block is deliberately redundant with the same if
1023                  * block above, in order to keep the code more readable (the
1024                  * code flow follows the order in which the strings are output.)
1025                  */
1026                 if (!strcmp(qualifierInfo->pszPolicyQualifierId,
1027                  szOID_PKIX_POLICY_QUALIFIER_CPS))
1028                 {
1029                     if (!str || *pcbFormat < charsNeeded * sizeof(WCHAR))
1030                     {
1031                         /* Insufficient space, determine how much is needed. */
1032                         ret = CRYPT_FormatCPS(dwCertEncodingType,
1033                          dwFormatStrType, qualifierInfo->Qualifier.pbData,
1034                          qualifierInfo->Qualifier.cbData, NULL, &size);
1035                         if (ret)
1036                             charsNeeded += size - 1;
1037                     }
1038                     else
1039                     {
1040                         sizeRemaining = *pcbFormat / sizeof(WCHAR);
1041                         sizeRemaining -= str - (LPWSTR)pbFormat;
1042                         ret = CRYPT_FormatCPS(dwCertEncodingType,
1043                          dwFormatStrType, qualifierInfo->Qualifier.pbData,
1044                          qualifierInfo->Qualifier.cbData, str, &sizeRemaining);
1045                         if (ret || GetLastError() == ERROR_MORE_DATA)
1046                         {
1047                             charsNeeded += sizeRemaining - 1;
1048                             str += sizeRemaining - 1;
1049                         }
1050                     }
1051                 }
1052                 else if (!strcmp(qualifierInfo->pszPolicyQualifierId,
1053                  szOID_PKIX_POLICY_QUALIFIER_USERNOTICE))
1054                 {
1055                     if (!str || *pcbFormat < charsNeeded * sizeof(WCHAR))
1056                     {
1057                         /* Insufficient space, determine how much is needed. */
1058                         ret = CRYPT_FormatUserNotice(dwCertEncodingType,
1059                          dwFormatStrType, qualifierInfo->Qualifier.pbData,
1060                          qualifierInfo->Qualifier.cbData, NULL, &size);
1061                         if (ret)
1062                             charsNeeded += size - 1;
1063                     }
1064                     else
1065                     {
1066                         sizeRemaining = *pcbFormat / sizeof(WCHAR);
1067                         sizeRemaining -= str - (LPWSTR)pbFormat;
1068                         ret = CRYPT_FormatUserNotice(dwCertEncodingType,
1069                          dwFormatStrType, qualifierInfo->Qualifier.pbData,
1070                          qualifierInfo->Qualifier.cbData, str, &sizeRemaining);
1071                         if (ret || GetLastError() == ERROR_MORE_DATA)
1072                         {
1073                             charsNeeded += sizeRemaining - 1;
1074                             str += sizeRemaining - 1;
1075                         }
1076                     }
1077                 }
1078                 else
1079                 {
1080                     if (!str || *pcbFormat < charsNeeded * sizeof(WCHAR))
1081                     {
1082                         /* Insufficient space, determine how much is needed. */
1083                         ret = CRYPT_FormatHexString(
1084                          qualifierInfo->Qualifier.pbData,
1085                          qualifierInfo->Qualifier.cbData, NULL, &size);
1086                         if (ret)
1087                             charsNeeded += size - 1;
1088                     }
1089                     else
1090                     {
1091                         sizeRemaining = *pcbFormat / sizeof(WCHAR);
1092                         sizeRemaining -= str - (LPWSTR)pbFormat;
1093                         ret = CRYPT_FormatHexString(
1094                          qualifierInfo->Qualifier.pbData,
1095                          qualifierInfo->Qualifier.cbData, str, &sizeRemaining);
1096                         if (ret || GetLastError() == ERROR_MORE_DATA)
1097                         {
1098                             charsNeeded += sizeRemaining - 1;
1099                             str += sizeRemaining - 1;
1100                         }
1101                     }
1102                 }
1103             }
1104         }
1105         LocalFree(policies);
1106         if (ret)
1107         {
1108             if (!pbFormat)
1109                 *pcbFormat = charsNeeded * sizeof(WCHAR);
1110             else if (*pcbFormat < charsNeeded * sizeof(WCHAR))
1111             {
1112                 *pcbFormat = charsNeeded * sizeof(WCHAR);
1113                 SetLastError(ERROR_MORE_DATA);
1114                 ret = FALSE;
1115             }
1116             else
1117                 *pcbFormat = charsNeeded * sizeof(WCHAR);
1118         }
1119     }
1120     return ret;
1121 }
1122
1123 #define szOID_MICROSOFT_Encryption_Key_Preference "1.3.6.1.4.1.311.16.4"
1124
1125 /***********************************************************************
1126  *              DllRegisterServer (CRYPTDLG.@)
1127  */
1128 HRESULT WINAPI DllRegisterServer(void)
1129 {
1130     static WCHAR cryptdlg[] = { 'c','r','y','p','t','d','l','g','.',
1131      'd','l','l',0 };
1132     static WCHAR wintrust[] = { 'w','i','n','t','r','u','s','t','.',
1133      'd','l','l',0 };
1134     static WCHAR certTrustInit[] = { 'C','e','r','t','T','r','u','s','t',
1135      'I','n','i','t',0 };
1136     static WCHAR wintrustCertificateTrust[] = { 'W','i','n','t','r','u','s','t',
1137      'C','e','r','t','i','f','i','c','a','t','e','T','r','u','s','t',0 };
1138     static WCHAR certTrustCertPolicy[] = { 'C','e','r','t','T','r','u','s','t',
1139      'C','e','r','t','P','o','l','i','c','y',0 };
1140     static WCHAR certTrustFinalPolicy[] = { 'C','e','r','t','T','r','u','s','t',
1141      'F','i','n','a','l','P','o','l','i','c','y',0 };
1142     static WCHAR certTrustCleanup[] = { 'C','e','r','t','T','r','u','s','t',
1143      'C','l','e','a','n','u','p',0 };
1144     static const WCHAR cryptDlg[] = { 'c','r','y','p','t','d','l','g','.',
1145        'd','l','l',0 };
1146     CRYPT_REGISTER_ACTIONID reg;
1147     GUID guid = CERT_CERTIFICATE_ACTION_VERIFY;
1148     HRESULT hr = S_OK;
1149
1150     memset(&reg, 0, sizeof(reg));
1151     reg.cbStruct = sizeof(reg);
1152     reg.sInitProvider.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY);
1153     reg.sInitProvider.pwszDLLName = cryptdlg;
1154     reg.sInitProvider.pwszFunctionName = certTrustInit;
1155     reg.sCertificateProvider.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY);
1156     reg.sCertificateProvider.pwszDLLName = wintrust;
1157     reg.sCertificateProvider.pwszFunctionName = wintrustCertificateTrust;
1158     reg.sCertificatePolicyProvider.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY);
1159     reg.sCertificatePolicyProvider.pwszDLLName = cryptdlg;
1160     reg.sCertificatePolicyProvider.pwszFunctionName = certTrustCertPolicy;
1161     reg.sFinalPolicyProvider.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY);
1162     reg.sFinalPolicyProvider.pwszDLLName = cryptdlg;
1163     reg.sFinalPolicyProvider.pwszFunctionName = certTrustFinalPolicy;
1164     reg.sCleanupProvider.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY);
1165     reg.sCleanupProvider.pwszDLLName = cryptdlg;
1166     reg.sCleanupProvider.pwszFunctionName = certTrustCleanup;
1167     if (!WintrustAddActionID(&guid, WT_ADD_ACTION_ID_RET_RESULT_FLAG, &reg))
1168         hr = GetLastError();
1169     CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_ENCODE_OBJECT_FUNC,
1170      "1.3.6.1.4.1.311.16.1.1", cryptDlg, "EncodeAttrSequence");
1171     CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_ENCODE_OBJECT_FUNC,
1172      szOID_MICROSOFT_Encryption_Key_Preference, cryptDlg, "EncodeRecipientID");
1173     CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_DECODE_OBJECT_FUNC,
1174      "1.3.6.1.4.1.311.16.1.1", cryptDlg, "DecodeAttrSequence");
1175     CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_DECODE_OBJECT_FUNC,
1176      szOID_MICROSOFT_Encryption_Key_Preference, cryptDlg, "DecodeRecipientID");
1177     CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_FORMAT_OBJECT_FUNC,
1178      szOID_PKIX_KP_EMAIL_PROTECTION, cryptDlg, "FormatPKIXEmailProtection");
1179     CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_FORMAT_OBJECT_FUNC,
1180      szOID_CERT_POLICIES, cryptDlg, "FormatVerisignExtension");
1181     return hr;
1182 }
1183
1184 /***********************************************************************
1185  *              DllUnregisterServer (CRYPTDLG.@)
1186  */
1187 HRESULT WINAPI DllUnregisterServer(void)
1188 {
1189     GUID guid = CERT_CERTIFICATE_ACTION_VERIFY;
1190
1191     WintrustRemoveActionID(&guid);
1192     CryptUnregisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_ENCODE_OBJECT_FUNC,
1193      "1.3.6.1.4.1.311.16.1.1");
1194     CryptUnregisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_ENCODE_OBJECT_FUNC,
1195      szOID_MICROSOFT_Encryption_Key_Preference);
1196     CryptUnregisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_DECODE_OBJECT_FUNC,
1197      "1.3.6.1.4.1.311.16.1.1");
1198     CryptUnregisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_DECODE_OBJECT_FUNC,
1199      szOID_MICROSOFT_Encryption_Key_Preference);
1200     CryptUnregisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_FORMAT_OBJECT_FUNC,
1201      szOID_PKIX_KP_EMAIL_PROTECTION);
1202     CryptUnregisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_FORMAT_OBJECT_FUNC,
1203      szOID_CERT_POLICIES);
1204     return S_OK;
1205 }