cryptui: Validate password in export wizard.
[wine] / dlls / wintrust / register.c
index c7c687a..05e48ef 100644 (file)
 #include "winuser.h"
 #include "winreg.h"
 #include "winnls.h"
+#include "objbase.h"
 
 #include "guiddef.h"
 #include "wintrust.h"
 #include "softpub.h"
-
+#include "mssip.h"
+#include "wintrust_priv.h"
 #include "wine/debug.h"
 
 WINE_DEFAULT_DEBUG_CHANNEL(wintrust);
@@ -57,6 +59,11 @@ static CRYPT_TRUST_REG_ENTRY DriverInitializePolicy;
 static CRYPT_TRUST_REG_ENTRY DriverFinalPolicy;
 static CRYPT_TRUST_REG_ENTRY DriverCleanupPolicy;
 
+static CRYPT_TRUST_REG_ENTRY GenericChainCertificateTrust;
+static CRYPT_TRUST_REG_ENTRY GenericChainFinalProv;
+
+static const CRYPT_TRUST_REG_ENTRY NullCTRE = { 0, NULL, NULL };
+
 static const WCHAR Trust[]            = {'S','o','f','t','w','a','r','e','\\',
                                          'M','i','c','r','o','s','o','f','t','\\',
                                          'C','r','y','p','t','o','g','r','a','p','h','y','\\',
@@ -85,9 +92,9 @@ static void WINTRUST_InitRegStructs(void)
 {
 #define WINTRUST_INITREGENTRY( action, dllname, functionname ) \
     action.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY); \
-    action.pwszDLLName = HeapAlloc(GetProcessHeap(), 0, sizeof(dllname)); \
+    action.pwszDLLName = WINTRUST_Alloc(sizeof(dllname)); \
     lstrcpyW(action.pwszDLLName, dllname); \
-    action.pwszFunctionName = HeapAlloc(GetProcessHeap(), 0, sizeof(functionname)); \
+    action.pwszFunctionName = WINTRUST_Alloc(sizeof(functionname)); \
     lstrcpyW(action.pwszFunctionName, functionname);
 
     WINTRUST_INITREGENTRY(SoftpubInitialization, SP_POLICY_PROVIDER_DLL_NAME, SP_INIT_FUNCTION)
@@ -106,6 +113,8 @@ static void WINTRUST_InitRegStructs(void)
     WINTRUST_INITREGENTRY(DriverInitializePolicy, SP_POLICY_PROVIDER_DLL_NAME, DRIVER_INITPROV_FUNCTION)
     WINTRUST_INITREGENTRY(DriverFinalPolicy, SP_POLICY_PROVIDER_DLL_NAME, DRIVER_FINALPOLPROV_FUNCTION)
     WINTRUST_INITREGENTRY(DriverCleanupPolicy, SP_POLICY_PROVIDER_DLL_NAME, DRIVER_CLEANUPPOLICY_FUNCTION)
+    WINTRUST_INITREGENTRY(GenericChainCertificateTrust, SP_POLICY_PROVIDER_DLL_NAME, GENERIC_CHAIN_CERTTRUST_FUNCTION)
+    WINTRUST_INITREGENTRY(GenericChainFinalProv, SP_POLICY_PROVIDER_DLL_NAME, GENERIC_CHAIN_FINALPOLICY_FUNCTION)
 
 #undef WINTRUST_INITREGENTRY
 }
@@ -119,8 +128,8 @@ static void WINTRUST_InitRegStructs(void)
 static void WINTRUST_FreeRegStructs(void)
 {
 #define WINTRUST_FREEREGENTRY( action ) \
-    HeapFree(GetProcessHeap(), 0, action.pwszDLLName); \
-    HeapFree(GetProcessHeap(), 0, action.pwszFunctionName);
+    WINTRUST_Free(action.pwszDLLName); \
+    WINTRUST_Free(action.pwszFunctionName);
 
     WINTRUST_FREEREGENTRY(SoftpubInitialization);
     WINTRUST_FREEREGENTRY(SoftpubMessage);
@@ -138,6 +147,8 @@ static void WINTRUST_FreeRegStructs(void)
     WINTRUST_FREEREGENTRY(DriverInitializePolicy);
     WINTRUST_FREEREGENTRY(DriverFinalPolicy);
     WINTRUST_FREEREGENTRY(DriverCleanupPolicy);
+    WINTRUST_FREEREGENTRY(GenericChainCertificateTrust);
+    WINTRUST_FREEREGENTRY(GenericChainFinalProv);
 
 #undef WINTRUST_FREEREGENTRY
 }
@@ -231,7 +242,7 @@ BOOL WINAPI WintrustAddActionID( GUID* pgActionID, DWORD fdwFlags,
     LONG Res;
     LONG WriteActionError = ERROR_SUCCESS;
 
-    TRACE("%p %lx %p\n", debugstr_guid(pgActionID), fdwFlags, psProvInfo);
+    TRACE("%s %x %p\n", debugstr_guid(pgActionID), fdwFlags, psProvInfo);
 
     /* Some sanity checks.
      * We use the W2K3 last error as it makes more sense (W2K leaves the last error
@@ -354,7 +365,8 @@ BOOL WINAPI WintrustRemoveActionID( GUID* pgActionID )
 /***********************************************************************
  *              WINTRUST_WriteSingleUsageEntry
  *
- * Write a single value and its data to:
+ * Helper for WintrustAddDefaultForUsage, writes a single value and its
+ * data to:
  *
  * HKLM\Software\Microsoft\Cryptography\Trust\Usages\<OID>
  */
@@ -371,11 +383,11 @@ static LONG WINTRUST_WriteSingleUsageEntry(LPCSTR OID,
 
     /* Turn OID into a wide-character string */
     Len = MultiByteToWideChar( CP_ACP, 0, OID, -1, NULL, 0 );
-    OIDW = HeapAlloc( GetProcessHeap(), 0, Len * sizeof(WCHAR) );
+    OIDW = WINTRUST_Alloc( Len * sizeof(WCHAR) );
     MultiByteToWideChar( CP_ACP, 0, OID, -1, OIDW, Len );
 
     /* Allocate the needed space for UsageKey */
-    UsageKey = HeapAlloc(GetProcessHeap(), 0, (lstrlenW(Trust) + lstrlenW(Usages) + Len) * sizeof(WCHAR));
+    UsageKey = WINTRUST_Alloc((lstrlenW(Trust) + lstrlenW(Usages) + Len) * sizeof(WCHAR));
     /* Create the key string */
     lstrcpyW(UsageKey, Trust);
     lstrcatW(UsageKey, Usages);
@@ -390,8 +402,8 @@ static LONG WINTRUST_WriteSingleUsageEntry(LPCSTR OID,
     }
     RegCloseKey(Key);
 
-    HeapFree(GetProcessHeap(), 0, OIDW);
-    HeapFree(GetProcessHeap(), 0, UsageKey);
+    WINTRUST_Free(OIDW);
+    WINTRUST_Free(UsageKey);
 
     return Res;
 }
@@ -404,28 +416,35 @@ static LONG WINTRUST_WriteSingleUsageEntry(LPCSTR OID,
  * NOTES
  *   WINTRUST_ACTION_GENERIC_VERIFY_V2 ({00AAC56B-CD44-11D0-8CC2-00C04FC295EE}
  *   is defined in softpub.h
- *   We don't care about failures (see comments in DllRegisterServer)
  */
-static void WINTRUST_RegisterGenVerifyV2(void)
+static BOOL WINTRUST_RegisterGenVerifyV2(void)
 {
-    static const GUID ProvGUID = WINTRUST_ACTION_GENERIC_VERIFY_V2;
-    WCHAR GuidString[39];
-
-    WINTRUST_Guid2Wstr(&ProvGUID , GuidString);
-
-    TRACE("Going to register WINTRUST_ACTION_GENERIC_VERIFY_V2 : %s\n", wine_dbgstr_w(GuidString));
-
-    /* HKLM\Software\Microsoft\Cryptography\Trust\Usages\1.3.6.1.5.5.7.3.3 */
-    WINTRUST_WriteSingleUsageEntry(szOID_PKIX_KP_CODE_SIGNING, DefaultId, GuidString);
-
-    /* HKLM\Software\Microsoft\Cryptography\Trust\Provider\*\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE} */
-    WINTRUST_WriteProviderToReg(GuidString, Initialization, SoftpubInitialization);
-    WINTRUST_WriteProviderToReg(GuidString, Message       , SoftpubMessage);
-    WINTRUST_WriteProviderToReg(GuidString, Signature     , SoftpubSignature);
-    WINTRUST_WriteProviderToReg(GuidString, Certificate   , SoftpubCertficate);
-    WINTRUST_WriteProviderToReg(GuidString, CertCheck     , SoftpubCertCheck);
-    WINTRUST_WriteProviderToReg(GuidString, FinalPolicy   , SoftpubFinalPolicy);
-    WINTRUST_WriteProviderToReg(GuidString, Cleanup       , SoftpubCleanup);
+    BOOL RegisteredOK = TRUE;
+    static GUID ProvGUID = WINTRUST_ACTION_GENERIC_VERIFY_V2;
+    CRYPT_REGISTER_ACTIONID ProvInfo;
+    CRYPT_PROVIDER_REGDEFUSAGE DefUsage = { sizeof(CRYPT_PROVIDER_REGDEFUSAGE),
+                                            &ProvGUID,
+                                            NULL,   /* No Dll provided */
+                                            NULL,   /* No load callback function */
+                                            NULL }; /* No free callback function */
+
+    ProvInfo.cbStruct                   = sizeof(CRYPT_REGISTER_ACTIONID);
+    ProvInfo.sInitProvider              = SoftpubInitialization;
+    ProvInfo.sObjectProvider            = SoftpubMessage;
+    ProvInfo.sSignatureProvider         = SoftpubSignature;
+    ProvInfo.sCertificateProvider       = SoftpubCertficate;
+    ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
+    ProvInfo.sFinalPolicyProvider       = SoftpubFinalPolicy;
+    ProvInfo.sTestPolicyProvider        = NullCTRE; /* No diagnostic policy */
+    ProvInfo.sCleanupProvider           = SoftpubCleanup;
+
+    if (!WintrustAddDefaultForUsage(szOID_PKIX_KP_CODE_SIGNING, &DefUsage))
+        RegisteredOK = FALSE;
+
+    if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
+        RegisteredOK = FALSE;
+
+    return RegisteredOK;
 }
 
 /***************************************************************************
@@ -436,25 +455,26 @@ static void WINTRUST_RegisterGenVerifyV2(void)
  * NOTES
  *   WIN_SPUB_ACTION_PUBLISHED_SOFTWARE ({64B9D180-8DA2-11CF-8736-00AA00A485EB})
  *   is defined in wintrust.h
- *   We don't care about failures (see comments in DllRegisterServer)
  */
-static void WINTRUST_RegisterPublishedSoftware(void)
+static BOOL WINTRUST_RegisterPublishedSoftware(void)
 {
-    static const GUID ProvGUID = WIN_SPUB_ACTION_PUBLISHED_SOFTWARE;
-    WCHAR GuidString[39];
-
-    WINTRUST_Guid2Wstr(&ProvGUID , GuidString);
-
-    TRACE("Going to register WIN_SPUB_ACTION_PUBLISHED_SOFTWARE : %s\n", wine_dbgstr_w(GuidString));
+    static GUID ProvGUID = WIN_SPUB_ACTION_PUBLISHED_SOFTWARE;
+    CRYPT_REGISTER_ACTIONID ProvInfo;
+
+    ProvInfo.cbStruct                   = sizeof(CRYPT_REGISTER_ACTIONID);
+    ProvInfo.sInitProvider              = SoftpubInitialization;
+    ProvInfo.sObjectProvider            = SoftpubMessage;
+    ProvInfo.sSignatureProvider         = SoftpubSignature;
+    ProvInfo.sCertificateProvider       = SoftpubCertficate;
+    ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
+    ProvInfo.sFinalPolicyProvider       = SoftpubFinalPolicy;
+    ProvInfo.sTestPolicyProvider        = NullCTRE; /* No diagnostic policy */
+    ProvInfo.sCleanupProvider           = SoftpubCleanup;
+
+    if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
+        return FALSE;
 
-    /* HKLM\Software\Microsoft\Cryptography\Trust\Provider\*\{64B9D180-8DA2-11CF-8736-00AA00A485EB} */
-    WINTRUST_WriteProviderToReg(GuidString, Initialization, SoftpubInitialization);
-    WINTRUST_WriteProviderToReg(GuidString, Message       , SoftpubMessage);
-    WINTRUST_WriteProviderToReg(GuidString, Signature     , SoftpubSignature);
-    WINTRUST_WriteProviderToReg(GuidString, Certificate   , SoftpubCertficate);
-    WINTRUST_WriteProviderToReg(GuidString, CertCheck     , SoftpubCertCheck);
-    WINTRUST_WriteProviderToReg(GuidString, FinalPolicy   , SoftpubFinalPolicy);
-    WINTRUST_WriteProviderToReg(GuidString, Cleanup       , SoftpubCleanup);
+    return TRUE;
 }
 
 #define WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI { 0xc6b2e8d0, 0xe005, 0x11cf, { 0xa1,0x34,0x00,0xc0,0x4f,0xd7,0xbf,0x43 }}
@@ -467,25 +487,26 @@ static void WINTRUST_RegisterPublishedSoftware(void)
  * NOTES
  *   WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI ({C6B2E8D0-E005-11CF-A134-00C04FD7BF43})
  *   is not defined in any include file. (FIXME: Find out if the name is correct).
- *   We don't care about failures (see comments in DllRegisterServer)
  */
-static void WINTRUST_RegisterPublishedSoftwareNoBadUi(void)
+static BOOL WINTRUST_RegisterPublishedSoftwareNoBadUi(void)
 {
-    static const GUID ProvGUID = WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI;
-    WCHAR GuidString[39];
-
-    WINTRUST_Guid2Wstr(&ProvGUID , GuidString);
-
-    TRACE("Going to register WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI : %s\n", wine_dbgstr_w(GuidString));
+    static GUID ProvGUID = WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI;
+    CRYPT_REGISTER_ACTIONID ProvInfo;
+
+    ProvInfo.cbStruct                   = sizeof(CRYPT_REGISTER_ACTIONID);
+    ProvInfo.sInitProvider              = SoftpubInitialization;
+    ProvInfo.sObjectProvider            = SoftpubMessage;
+    ProvInfo.sSignatureProvider         = SoftpubSignature;
+    ProvInfo.sCertificateProvider       = SoftpubCertficate;
+    ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
+    ProvInfo.sFinalPolicyProvider       = SoftpubFinalPolicy;
+    ProvInfo.sTestPolicyProvider        = NullCTRE; /* No diagnostic policy */
+    ProvInfo.sCleanupProvider           = SoftpubCleanup;
+
+    if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
+        return FALSE;
 
-    /* HKLM\Software\Microsoft\Cryptography\Trust\Provider\*\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43} */
-    WINTRUST_WriteProviderToReg(GuidString, Initialization, SoftpubInitialization);
-    WINTRUST_WriteProviderToReg(GuidString, Message       , SoftpubMessage);
-    WINTRUST_WriteProviderToReg(GuidString, Signature     , SoftpubSignature);
-    WINTRUST_WriteProviderToReg(GuidString, Certificate   , SoftpubCertficate);
-    WINTRUST_WriteProviderToReg(GuidString, CertCheck     , SoftpubCertCheck);
-    WINTRUST_WriteProviderToReg(GuidString, FinalPolicy   , SoftpubFinalPolicy);
-    WINTRUST_WriteProviderToReg(GuidString, Cleanup       , SoftpubCleanup);
+    return TRUE;
 }
 
 /***************************************************************************
@@ -496,25 +517,26 @@ static void WINTRUST_RegisterPublishedSoftwareNoBadUi(void)
  * NOTES
  *   WINTRUST_ACTION_GENERIC_CERT_VERIFY ({189A3842-3041-11D1-85E1-00C04FC295EE})
  *   is defined in softpub.h
- *   We don't care about failures (see comments in DllRegisterServer)
  */
-static void WINTRUST_RegisterGenCertVerify(void)
+static BOOL WINTRUST_RegisterGenCertVerify(void)
 {
-    static const GUID ProvGUID = WINTRUST_ACTION_GENERIC_CERT_VERIFY;
-    WCHAR GuidString[39];
-
-    WINTRUST_Guid2Wstr(&ProvGUID , GuidString);
-
-    TRACE("Going to register WINTRUST_ACTION_GENERIC_CERT_VERIFY : %s\n", wine_dbgstr_w(GuidString));
+    static GUID ProvGUID = WINTRUST_ACTION_GENERIC_CERT_VERIFY;
+    CRYPT_REGISTER_ACTIONID ProvInfo;
+
+    ProvInfo.cbStruct                   = sizeof(CRYPT_REGISTER_ACTIONID);
+    ProvInfo.sInitProvider              = SoftpubDefCertInit;
+    ProvInfo.sObjectProvider            = SoftpubMessage;
+    ProvInfo.sSignatureProvider         = SoftpubSignature;
+    ProvInfo.sCertificateProvider       = SoftpubCertficate;
+    ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
+    ProvInfo.sFinalPolicyProvider       = SoftpubFinalPolicy;
+    ProvInfo.sTestPolicyProvider        = NullCTRE; /* No diagnostic policy */
+    ProvInfo.sCleanupProvider           = SoftpubCleanup;
+
+    if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
+        return FALSE;
 
-    /* HKLM\Software\Microsoft\Cryptography\Trust\Provider\*\{189A3842-3041-11D1-85E1-00C04FC295EE} */
-    WINTRUST_WriteProviderToReg(GuidString, Initialization, SoftpubDefCertInit);
-    WINTRUST_WriteProviderToReg(GuidString, Message       , SoftpubMessage);
-    WINTRUST_WriteProviderToReg(GuidString, Signature     , SoftpubSignature);
-    WINTRUST_WriteProviderToReg(GuidString, Certificate   , SoftpubCertficate);
-    WINTRUST_WriteProviderToReg(GuidString, CertCheck     , SoftpubCertCheck);
-    WINTRUST_WriteProviderToReg(GuidString, FinalPolicy   , SoftpubFinalPolicy);
-    WINTRUST_WriteProviderToReg(GuidString, Cleanup       , SoftpubCleanup);
+    return TRUE;
 }
 
 /***************************************************************************
@@ -525,26 +547,26 @@ static void WINTRUST_RegisterGenCertVerify(void)
  * NOTES
  *   WINTRUST_ACTION_TRUSTPROVIDER_TEST ({573E31F8-DDBA-11D0-8CCB-00C04FC295EE})
  *   is defined in softpub.h
- *   We don't care about failures (see comments in DllRegisterServer)
  */
-static void WINTRUST_RegisterTrustProviderTest(void)
+static BOOL WINTRUST_RegisterTrustProviderTest(void)
 {
-    static const GUID ProvGUID = WINTRUST_ACTION_TRUSTPROVIDER_TEST;
-    WCHAR GuidString[39];
-
-    WINTRUST_Guid2Wstr(&ProvGUID , GuidString);
-
-    TRACE("Going to register WINTRUST_ACTION_TRUSTPROVIDER_TEST : %s\n", wine_dbgstr_w(GuidString));
+    static GUID ProvGUID = WINTRUST_ACTION_TRUSTPROVIDER_TEST;
+    CRYPT_REGISTER_ACTIONID ProvInfo;
+
+    ProvInfo.cbStruct                   = sizeof(CRYPT_REGISTER_ACTIONID);
+    ProvInfo.sInitProvider              = SoftpubInitialization;
+    ProvInfo.sObjectProvider            = SoftpubMessage;
+    ProvInfo.sSignatureProvider         = SoftpubSignature;
+    ProvInfo.sCertificateProvider       = SoftpubCertficate;
+    ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
+    ProvInfo.sFinalPolicyProvider       = SoftpubFinalPolicy;
+    ProvInfo.sTestPolicyProvider        = SoftpubDumpStructure;
+    ProvInfo.sCleanupProvider           = SoftpubCleanup;
+
+    if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
+        return FALSE;
 
-    /* HKLM\Software\Microsoft\Cryptography\Trust\Provider\*\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE} */
-    WINTRUST_WriteProviderToReg(GuidString, Initialization  , SoftpubInitialization);
-    WINTRUST_WriteProviderToReg(GuidString, Message         , SoftpubMessage);
-    WINTRUST_WriteProviderToReg(GuidString, Signature       , SoftpubSignature);
-    WINTRUST_WriteProviderToReg(GuidString, Certificate     , SoftpubCertficate);
-    WINTRUST_WriteProviderToReg(GuidString, CertCheck       , SoftpubCertCheck);
-    WINTRUST_WriteProviderToReg(GuidString, FinalPolicy     , SoftpubFinalPolicy);
-    WINTRUST_WriteProviderToReg(GuidString, DiagnosticPolicy, SoftpubDumpStructure);
-    WINTRUST_WriteProviderToReg(GuidString, Cleanup         , SoftpubCleanup);
+    return TRUE;
 }
 
 /***************************************************************************
@@ -555,53 +577,48 @@ static void WINTRUST_RegisterTrustProviderTest(void)
  * NOTES
  *   HTTPSPROV_ACTION ({573E31F8-AABA-11D0-8CCB-00C04FC295EE})
  *   is defined in softpub.h
- *   We don't care about failures (see comments in DllRegisterServer)
  */
-static void WINTRUST_RegisterHttpsProv(void)
+static BOOL WINTRUST_RegisterHttpsProv(void)
 {
-    static WCHAR SoftpubLoadUsage[] = {'S','o','f','t','p','u','b','L','o','a','d','D','e','f','U','s','a','g','e','C','a','l','l','D','a','t','a', 0};
-    static WCHAR SoftpubFreeUsage[] = {'S','o','f','t','p','u','b','F','r','e','e','D','e','f','U','s','a','g','e','C','a','l','l','D','a','t','a', 0};
-    static const WCHAR CBAlloc[]    = {'C','a','l','l','b','a','c','k','A','l','l','o','c','F','u','n','c','t','i','o','n', 0};
-    static const WCHAR CBFree[]     = {'C','a','l','l','b','a','c','k','F','r','e','e','F','u','n','c','t','i','o','n', 0};
-    static const GUID ProvGUID = HTTPSPROV_ACTION;
-    WCHAR GuidString[39];
-    WCHAR ProvDllName[sizeof(SP_POLICY_PROVIDER_DLL_NAME)];
-
-    WINTRUST_Guid2Wstr(&ProvGUID , GuidString);
-
-    TRACE("Going to register HTTPSPROV_ACTION : %s\n", wine_dbgstr_w(GuidString));
-
-    lstrcpyW(ProvDllName, SP_POLICY_PROVIDER_DLL_NAME); \
-
-    /* HKLM\Software\Microsoft\Cryptography\Trust\Usages\1.3.6.1.5.5.7.3.1 */
-    WINTRUST_WriteSingleUsageEntry(szOID_PKIX_KP_SERVER_AUTH, Dll, ProvDllName);
-    WINTRUST_WriteSingleUsageEntry(szOID_PKIX_KP_SERVER_AUTH, CBAlloc, SoftpubLoadUsage );
-    WINTRUST_WriteSingleUsageEntry(szOID_PKIX_KP_SERVER_AUTH, CBFree, SoftpubFreeUsage );
-    WINTRUST_WriteSingleUsageEntry(szOID_PKIX_KP_SERVER_AUTH, DefaultId, GuidString );
-    /* HKLM\Software\Microsoft\Cryptography\Trust\Usages\1.3.6.1.5.5.7.3.2 */
-    WINTRUST_WriteSingleUsageEntry(szOID_PKIX_KP_CLIENT_AUTH, Dll, ProvDllName);
-    WINTRUST_WriteSingleUsageEntry(szOID_PKIX_KP_CLIENT_AUTH, CBAlloc, SoftpubLoadUsage );
-    WINTRUST_WriteSingleUsageEntry(szOID_PKIX_KP_CLIENT_AUTH, CBFree, SoftpubFreeUsage );
-    WINTRUST_WriteSingleUsageEntry(szOID_PKIX_KP_CLIENT_AUTH, DefaultId, GuidString );
-    /* HKLM\Software\Microsoft\Cryptography\Trust\Usages\1.3.6.1.4.1.311.10.3.3 */
-    WINTRUST_WriteSingleUsageEntry(szOID_SERVER_GATED_CRYPTO, Dll, ProvDllName);
-    WINTRUST_WriteSingleUsageEntry(szOID_SERVER_GATED_CRYPTO, CBAlloc, SoftpubLoadUsage );
-    WINTRUST_WriteSingleUsageEntry(szOID_SERVER_GATED_CRYPTO, CBFree, SoftpubFreeUsage );
-    WINTRUST_WriteSingleUsageEntry(szOID_SERVER_GATED_CRYPTO, DefaultId, GuidString );
-    /* HKLM\Software\Microsoft\Cryptography\Trust\Usages\2.16.840.1.113730.4.1 */
-    WINTRUST_WriteSingleUsageEntry(szOID_SGC_NETSCAPE, Dll, ProvDllName);
-    WINTRUST_WriteSingleUsageEntry(szOID_SGC_NETSCAPE, CBAlloc, SoftpubLoadUsage );
-    WINTRUST_WriteSingleUsageEntry(szOID_SGC_NETSCAPE, CBFree, SoftpubFreeUsage );
-    WINTRUST_WriteSingleUsageEntry(szOID_SGC_NETSCAPE, DefaultId, GuidString );
-
-    /* HKLM\Software\Microsoft\Cryptography\Trust\Provider\*\{573E31F8-AABA-11D0-8CCB-00C04FC295EE} */
-    WINTRUST_WriteProviderToReg(GuidString, Initialization, SoftpubInitialization);
-    WINTRUST_WriteProviderToReg(GuidString, Message       , SoftpubMessage);
-    WINTRUST_WriteProviderToReg(GuidString, Signature     , SoftpubSignature);
-    WINTRUST_WriteProviderToReg(GuidString, Certificate   , HTTPSCertificateTrust);
-    WINTRUST_WriteProviderToReg(GuidString, CertCheck     , SoftpubCertCheck);
-    WINTRUST_WriteProviderToReg(GuidString, FinalPolicy   , HTTPSFinalProv);
-    WINTRUST_WriteProviderToReg(GuidString, Cleanup       , SoftpubCleanup);
+    BOOL RegisteredOK = TRUE;
+    static CHAR SoftpubLoadUsage[] = "SoftpubLoadDefUsageCallData";
+    static CHAR SoftpubFreeUsage[] = "SoftpubFreeDefUsageCallData";
+    static GUID ProvGUID = HTTPSPROV_ACTION;
+    CRYPT_REGISTER_ACTIONID ProvInfo;
+    CRYPT_PROVIDER_REGDEFUSAGE DefUsage = { sizeof(CRYPT_PROVIDER_REGDEFUSAGE),
+                                            &ProvGUID,
+                                            NULL, /* Will be filled later */
+                                            SoftpubLoadUsage,
+                                            SoftpubFreeUsage };
+
+    ProvInfo.cbStruct                   = sizeof(CRYPT_REGISTER_ACTIONID);
+    ProvInfo.sInitProvider              = SoftpubInitialization;
+    ProvInfo.sObjectProvider            = SoftpubMessage;
+    ProvInfo.sSignatureProvider         = SoftpubSignature;
+    ProvInfo.sCertificateProvider       = HTTPSCertificateTrust;
+    ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
+    ProvInfo.sFinalPolicyProvider       = HTTPSFinalProv;
+    ProvInfo.sTestPolicyProvider        = NullCTRE; /* No diagnostic policy */
+    ProvInfo.sCleanupProvider           = SoftpubCleanup;
+
+    DefUsage.pwszDllName = WINTRUST_Alloc(sizeof(SP_POLICY_PROVIDER_DLL_NAME));
+    lstrcpyW(DefUsage.pwszDllName, SP_POLICY_PROVIDER_DLL_NAME);
+
+    if (!WintrustAddDefaultForUsage(szOID_PKIX_KP_SERVER_AUTH, &DefUsage))
+        RegisteredOK = FALSE;
+    if (!WintrustAddDefaultForUsage(szOID_PKIX_KP_CLIENT_AUTH, &DefUsage))
+        RegisteredOK = FALSE;
+    if (!WintrustAddDefaultForUsage(szOID_SERVER_GATED_CRYPTO, &DefUsage))
+        RegisteredOK = FALSE;
+    if (!WintrustAddDefaultForUsage(szOID_SGC_NETSCAPE, &DefUsage))
+        RegisteredOK = FALSE;
+
+    WINTRUST_Free(DefUsage.pwszDllName);
+
+    if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
+        RegisteredOK = FALSE;
+
+    return RegisteredOK;
 }
 
 /***************************************************************************
@@ -612,25 +629,27 @@ static void WINTRUST_RegisterHttpsProv(void)
  * NOTES
  *   OFFICESIGN_ACTION_VERIFY ({5555C2CD-17FB-11D1-85C4-00C04FC295EE})
  *   is defined in softpub.h
- *   We don't care about failures (see comments in DllRegisterServer)
  */
-static void WINTRUST_RegisterOfficeSignVerify(void)
+static BOOL WINTRUST_RegisterOfficeSignVerify(void)
 {
-    static const GUID ProvGUID = OFFICESIGN_ACTION_VERIFY;
-    WCHAR GuidString[39];
+    static GUID ProvGUID = OFFICESIGN_ACTION_VERIFY;
+    CRYPT_REGISTER_ACTIONID ProvInfo;
+
+    ProvInfo.cbStruct                   = sizeof(CRYPT_REGISTER_ACTIONID);
+    ProvInfo.sInitProvider              = OfficeInitializePolicy;
+    ProvInfo.sObjectProvider            = SoftpubMessage;
+    ProvInfo.sSignatureProvider         = SoftpubSignature;
+    ProvInfo.sCertificateProvider       = SoftpubCertficate;
+    ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
+    ProvInfo.sFinalPolicyProvider       = SoftpubFinalPolicy;
+    ProvInfo.sTestPolicyProvider        = NullCTRE; /* No diagnostic policy */
+    ProvInfo.sCleanupProvider           = OfficeCleanupPolicy;
 
-    WINTRUST_Guid2Wstr(&ProvGUID , GuidString);
 
-    TRACE("Going to register OFFICESIGN_ACTION_VERIFY : %s\n", wine_dbgstr_w(GuidString));
+    if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
+        return FALSE;
 
-    /* HKLM\Software\Microsoft\Cryptography\Trust\Provider\*\{5555C2CD-17FB-11D1-85C4-00C04FC295EE} */
-    WINTRUST_WriteProviderToReg(GuidString, Initialization, OfficeInitializePolicy);
-    WINTRUST_WriteProviderToReg(GuidString, Message       , SoftpubMessage);
-    WINTRUST_WriteProviderToReg(GuidString, Signature     , SoftpubSignature);
-    WINTRUST_WriteProviderToReg(GuidString, Certificate   , SoftpubCertficate);
-    WINTRUST_WriteProviderToReg(GuidString, CertCheck     , SoftpubCertCheck);
-    WINTRUST_WriteProviderToReg(GuidString, FinalPolicy   , SoftpubFinalPolicy);
-    WINTRUST_WriteProviderToReg(GuidString, Cleanup       , OfficeCleanupPolicy);
+    return TRUE;
 }
 
 /***************************************************************************
@@ -641,25 +660,263 @@ static void WINTRUST_RegisterOfficeSignVerify(void)
  * NOTES
  *   DRIVER_ACTION_VERIFY ({F750E6C3-38EE-11D1-85E5-00C04FC295EE})
  *   is defined in softpub.h
- *   We don't care about failures (see comments in DllRegisterServer)
  */
-static void WINTRUST_RegisterDriverVerify(void)
+static BOOL WINTRUST_RegisterDriverVerify(void)
+{
+    static GUID ProvGUID = DRIVER_ACTION_VERIFY;
+    CRYPT_REGISTER_ACTIONID ProvInfo;
+
+    ProvInfo.cbStruct                   = sizeof(CRYPT_REGISTER_ACTIONID);
+    ProvInfo.sInitProvider              = DriverInitializePolicy;
+    ProvInfo.sObjectProvider            = SoftpubMessage;
+    ProvInfo.sSignatureProvider         = SoftpubSignature;
+    ProvInfo.sCertificateProvider       = SoftpubCertficate;
+    ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
+    ProvInfo.sFinalPolicyProvider       = DriverFinalPolicy;
+    ProvInfo.sTestPolicyProvider        = NullCTRE; /* No diagnostic policy */
+    ProvInfo.sCleanupProvider           = DriverCleanupPolicy;
+
+
+    if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
+        return FALSE;
+
+    return TRUE;
+}
+
+/***************************************************************************
+ *              WINTRUST_RegisterGenChainVerify
+ *
+ * Register WINTRUST_ACTION_GENERIC_CHAIN_VERIFY actions and usages.
+ *
+ * NOTES
+ *   WINTRUST_ACTION_GENERIC_CHAIN_VERIFY ({FC451C16-AC75-11D1-B4B8-00C04FB66EA0})
+ *   is defined in softpub.h
+ */
+static BOOL WINTRUST_RegisterGenChainVerify(void)
+{
+    static GUID ProvGUID = WINTRUST_ACTION_GENERIC_CHAIN_VERIFY;
+    CRYPT_REGISTER_ACTIONID ProvInfo;
+
+    ProvInfo.cbStruct                   = sizeof(CRYPT_REGISTER_ACTIONID);
+    ProvInfo.sInitProvider              = SoftpubInitialization;
+    ProvInfo.sObjectProvider            = SoftpubMessage;
+    ProvInfo.sSignatureProvider         = SoftpubSignature;
+    ProvInfo.sCertificateProvider       = GenericChainCertificateTrust;
+    ProvInfo.sCertificatePolicyProvider = SoftpubCertCheck;
+    ProvInfo.sFinalPolicyProvider       = GenericChainFinalProv;
+    ProvInfo.sTestPolicyProvider        = NullCTRE; /* No diagnostic policy */
+    ProvInfo.sCleanupProvider           = SoftpubCleanup;
+
+    if (!WintrustAddActionID(&ProvGUID, 0, &ProvInfo))
+        return FALSE;
+
+    return TRUE;
+}
+
+/***********************************************************************
+ *              WintrustAddDefaultForUsage (WINTRUST.@)
+ *
+ * Write OID and callback functions to the registry.
+ *
+ * PARAMS
+ *   pszUsageOID [I] Pointer to a GUID.
+ *   psDefUsage  [I] Pointer to a structure that specifies the callback functions.
+ *
+ * RETURNS
+ *   Success: TRUE.
+ *   Failure: FALSE.
+ *
+ * NOTES
+ *   WintrustAddDefaultForUsage will only return TRUE or FALSE, no last 
+ *   error is set, not even when the registry cannot be written to.
+ */
+BOOL WINAPI WintrustAddDefaultForUsage(const char *pszUsageOID,
+                                       CRYPT_PROVIDER_REGDEFUSAGE *psDefUsage)
+{
+    static const WCHAR CBAlloc[]    = {'C','a','l','l','b','a','c','k','A','l','l','o','c','F','u','n','c','t','i','o','n', 0};
+    static const WCHAR CBFree[]     = {'C','a','l','l','b','a','c','k','F','r','e','e','F','u','n','c','t','i','o','n', 0};
+    LONG Res = ERROR_SUCCESS;
+    LONG WriteUsageError = ERROR_SUCCESS;
+    DWORD Len;
+    WCHAR GuidString[39];
+
+    TRACE("(%s %p)\n", debugstr_a(pszUsageOID), psDefUsage);
+
+    /* Some sanity checks. */
+    if (!pszUsageOID ||
+        !psDefUsage ||
+        !psDefUsage->pgActionID ||
+        (psDefUsage->cbStruct != sizeof(CRYPT_PROVIDER_REGDEFUSAGE)))
+    {
+        SetLastError(ERROR_INVALID_PARAMETER);
+        return FALSE;
+    }
+
+    if (psDefUsage->pwszDllName)
+    {
+        Res = WINTRUST_WriteSingleUsageEntry(pszUsageOID, Dll, psDefUsage->pwszDllName);
+        if (Res != ERROR_SUCCESS) WriteUsageError = Res;
+    }
+    if (psDefUsage->pwszLoadCallbackDataFunctionName)
+    {
+        WCHAR* CallbackW;
+
+        Len = MultiByteToWideChar( CP_ACP, 0, psDefUsage->pwszLoadCallbackDataFunctionName, -1, NULL, 0 );
+        CallbackW = WINTRUST_Alloc( Len * sizeof(WCHAR) );
+        MultiByteToWideChar( CP_ACP, 0, psDefUsage->pwszLoadCallbackDataFunctionName, -1, CallbackW, Len );
+
+        Res = WINTRUST_WriteSingleUsageEntry(pszUsageOID, CBAlloc, CallbackW);
+        if (Res != ERROR_SUCCESS) WriteUsageError = Res;
+
+        WINTRUST_Free(CallbackW);
+    }
+    if (psDefUsage->pwszFreeCallbackDataFunctionName)
+    {
+        WCHAR* CallbackW;
+
+        Len = MultiByteToWideChar( CP_ACP, 0, psDefUsage->pwszFreeCallbackDataFunctionName, -1, NULL, 0 );
+        CallbackW = WINTRUST_Alloc( Len * sizeof(WCHAR) );
+        MultiByteToWideChar( CP_ACP, 0, psDefUsage->pwszFreeCallbackDataFunctionName, -1, CallbackW, Len );
+
+        Res = WINTRUST_WriteSingleUsageEntry(pszUsageOID, CBFree, CallbackW);
+        if (Res != ERROR_SUCCESS) WriteUsageError = Res;
+
+        WINTRUST_Free(CallbackW);
+    }
+
+    WINTRUST_Guid2Wstr(psDefUsage->pgActionID, GuidString);
+    Res = WINTRUST_WriteSingleUsageEntry(pszUsageOID, DefaultId, GuidString);
+    if (Res != ERROR_SUCCESS) WriteUsageError = Res;
+
+    if (WriteUsageError != ERROR_SUCCESS)
+        return FALSE;
+
+    return TRUE;
+}
+
+static FARPROC WINTRUST_ReadProviderFromReg(WCHAR *GuidString, const WCHAR *FunctionType)
+{
+    WCHAR ProvKey[MAX_PATH], DllName[MAX_PATH];
+    char FunctionName[MAX_PATH];
+    HKEY Key;
+    LONG Res = ERROR_SUCCESS;
+    DWORD Size;
+    HMODULE Lib;
+    FARPROC Func = NULL;
+
+    /* Create the needed key string */
+    ProvKey[0]='\0';
+    lstrcatW(ProvKey, Trust);
+    lstrcatW(ProvKey, FunctionType);
+    lstrcatW(ProvKey, GuidString);
+
+    Res = RegOpenKeyExW(HKEY_LOCAL_MACHINE, ProvKey, 0, KEY_READ, &Key);
+    if (Res != ERROR_SUCCESS) goto error_close_key;
+
+    /* Read the $DLL entry */
+    Size = sizeof(DllName);
+    Res = RegQueryValueExW(Key, Dll, NULL, NULL, (LPBYTE)DllName, &Size);
+    if (Res != ERROR_SUCCESS) goto error_close_key;
+
+    /* Read the $Function entry */
+    Size = sizeof(FunctionName);
+    Res = RegQueryValueExA(Key, "$Function", NULL, NULL, (LPBYTE)FunctionName, &Size);
+    if (Res != ERROR_SUCCESS) goto error_close_key;
+
+    /* Load the library - there appears to be no way to close a provider, so
+     * just leak the module handle.
+     */
+    Lib = LoadLibraryW(DllName);
+    Func = GetProcAddress(Lib, FunctionName);
+
+error_close_key:
+    RegCloseKey(Key);
+
+    return Func;
+}
+
+/***********************************************************************
+ *              WintrustLoadFunctionPointers (WINTRUST.@)
+ */
+BOOL WINAPI WintrustLoadFunctionPointers( GUID* pgActionID,
+                                          CRYPT_PROVIDER_FUNCTIONS* pPfns )
 {
-    static const GUID ProvGUID = DRIVER_ACTION_VERIFY;
     WCHAR GuidString[39];
 
-    WINTRUST_Guid2Wstr(&ProvGUID , GuidString);
+    TRACE("(%s %p)\n", debugstr_guid(pgActionID), pPfns);
+
+    if (!pPfns) return FALSE;
+    if (!pgActionID)
+    {
+        SetLastError(ERROR_INVALID_PARAMETER);
+        return FALSE;
+    }
+    if (pPfns->cbStruct != sizeof(CRYPT_PROVIDER_FUNCTIONS)) return FALSE;
+
+    /* Create this string only once, instead of in the helper function */
+    WINTRUST_Guid2Wstr( pgActionID, GuidString);
+
+    /* Get the function pointers from the registry, where applicable */
+    pPfns->pfnAlloc = WINTRUST_Alloc;
+    pPfns->pfnFree = WINTRUST_Free;
+    pPfns->pfnAddStore2Chain = WINTRUST_AddStore;
+    pPfns->pfnAddSgnr2Chain = WINTRUST_AddSgnr;
+    pPfns->pfnAddCert2Chain = WINTRUST_AddCert;
+    pPfns->pfnAddPrivData2Chain = WINTRUST_AddPrivData;
+    pPfns->psUIpfns = NULL;
+    pPfns->pfnInitialize = (PFN_PROVIDER_INIT_CALL)WINTRUST_ReadProviderFromReg(GuidString, Initialization);
+    pPfns->pfnObjectTrust = (PFN_PROVIDER_OBJTRUST_CALL)WINTRUST_ReadProviderFromReg(GuidString, Message);
+    pPfns->pfnSignatureTrust = (PFN_PROVIDER_SIGTRUST_CALL)WINTRUST_ReadProviderFromReg(GuidString, Signature);
+    pPfns->pfnCertificateTrust = (PFN_PROVIDER_CERTTRUST_CALL)WINTRUST_ReadProviderFromReg(GuidString, Certificate);
+    pPfns->pfnCertCheckPolicy = (PFN_PROVIDER_CERTCHKPOLICY_CALL)WINTRUST_ReadProviderFromReg(GuidString, CertCheck);
+    pPfns->pfnFinalPolicy = (PFN_PROVIDER_FINALPOLICY_CALL)WINTRUST_ReadProviderFromReg(GuidString, FinalPolicy);
+    pPfns->pfnTestFinalPolicy = (PFN_PROVIDER_TESTFINALPOLICY_CALL)WINTRUST_ReadProviderFromReg(GuidString, DiagnosticPolicy);
+    pPfns->pfnCleanupPolicy = (PFN_PROVIDER_CLEANUP_CALL)WINTRUST_ReadProviderFromReg(GuidString, Cleanup);
 
-    TRACE("Going to register DRIVER_ACTION_VERIFY : %s\n", wine_dbgstr_w(GuidString));
+    return TRUE;
+}
 
-    /* HKLM\Software\Microsoft\Cryptography\Trust\Provider\*\{F750E6C3-38EE-11D1-85E5-00C04FC295EE} */
-    WINTRUST_WriteProviderToReg(GuidString, Initialization, DriverInitializePolicy);
-    WINTRUST_WriteProviderToReg(GuidString, Message       , SoftpubMessage);
-    WINTRUST_WriteProviderToReg(GuidString, Signature     , SoftpubSignature);
-    WINTRUST_WriteProviderToReg(GuidString, Certificate   , SoftpubCertficate);
-    WINTRUST_WriteProviderToReg(GuidString, CertCheck     , SoftpubCertCheck);
-    WINTRUST_WriteProviderToReg(GuidString, FinalPolicy   , DriverFinalPolicy);
-    WINTRUST_WriteProviderToReg(GuidString, Cleanup       , DriverCleanupPolicy);
+/***********************************************************************
+ *              WINTRUST_SIPPAddProvider
+ *
+ * Helper for DllRegisterServer.
+ */
+static BOOL WINTRUST_SIPPAddProvider(GUID* Subject, WCHAR* MagicNumber)
+{
+    static WCHAR CryptSIPGetSignedDataMsg[] =
+        {'C','r','y','p','t','S','I','P','G','e','t','S','i','g','n','e','d','D','a','t','a','M','s','g', 0};
+    static WCHAR CryptSIPPutSignedDataMsg[] =
+        {'C','r','y','p','t','S','I','P','P','u','t','S','i','g','n','e','d','D','a','t','a','M','s','g', 0};
+    static WCHAR CryptSIPCreateIndirectData[] =
+        {'C','r','y','p','t','S','I','P','C','r','e','a','t','e','I','n','d','i','r','e','c','t','D','a','t','a', 0};
+    static WCHAR CryptSIPVerifyIndirectData[] =
+        {'C','r','y','p','t','S','I','P','V','e','r','i','f','y','I','n','d','i','r','e','c','t','D','a','t','a', 0};
+    static WCHAR CryptSIPRemoveSignedDataMsg[] =
+        {'C','r','y','p','t','S','I','P','R','e','m','o','v','e','S','i','g','n','e','d','D','a','t','a','M','s','g', 0};
+    SIP_ADD_NEWPROVIDER NewProv;
+    BOOL Ret;
+
+    /* Clear and initialize the structure */
+    memset(&NewProv, 0, sizeof(SIP_ADD_NEWPROVIDER));
+    NewProv.cbStruct = sizeof(SIP_ADD_NEWPROVIDER);
+    NewProv.pwszDLLFileName = WINTRUST_Alloc(sizeof(SP_POLICY_PROVIDER_DLL_NAME));
+    /* Fill the structure */
+    NewProv.pgSubject              = Subject;
+    lstrcpyW(NewProv.pwszDLLFileName, SP_POLICY_PROVIDER_DLL_NAME);
+    NewProv.pwszMagicNumber        = MagicNumber;
+    NewProv.pwszIsFunctionName     = NULL;
+    NewProv.pwszGetFuncName        = CryptSIPGetSignedDataMsg;
+    NewProv.pwszPutFuncName        = CryptSIPPutSignedDataMsg;
+    NewProv.pwszCreateFuncName     = CryptSIPCreateIndirectData;
+    NewProv.pwszVerifyFuncName     = CryptSIPVerifyIndirectData;
+    NewProv.pwszRemoveFuncName     = CryptSIPRemoveSignedDataMsg;
+    NewProv.pwszIsFunctionNameFmt2 = NULL;
+
+    Ret = CryptSIPAddProvider(&NewProv);
+
+    WINTRUST_Free(NewProv.pwszDLLFileName);
+    return Ret;
 }
 
 /***********************************************************************
@@ -667,51 +924,165 @@ static void WINTRUST_RegisterDriverVerify(void)
  */
 HRESULT WINAPI DllRegisterServer(void)
 {
-    HRESULT Res = S_OK;
-    HKEY Key;
+    static const CHAR SpcPeImageDataEncode[]           = "WVTAsn1SpcPeImageDataEncode";
+    static const CHAR SpcPeImageDataDecode[]           = "WVTAsn1SpcPeImageDataDecode";
+    static const CHAR SpcLinkEncode[]                  = "WVTAsn1SpcLinkEncode";
+    static const CHAR SpcLinkDecode[]                  = "WVTAsn1SpcLinkDecode";
+    static const CHAR SpcSigInfoEncode[]               = "WVTAsn1SpcSigInfoEncode";
+    static const CHAR SpcSigInfoDecode[]               = "WVTAsn1SpcSigInfoDecode";
+    static const CHAR SpcIndirectDataContentEncode[]   = "WVTAsn1SpcIndirectDataContentEncode";
+    static const CHAR SpcIndirectDataContentDecode[]   = "WVTAsn1SpcIndirectDataContentDecode";
+    static const CHAR SpcSpAgencyInfoEncode[]          = "WVTAsn1SpcSpAgencyInfoEncode";
+    static const CHAR SpcSpAgencyInfoDecode[]          = "WVTAsn1SpcSpAgencyInfoDecode";
+    static const CHAR SpcMinimalCriteriaInfoEncode[]   = "WVTAsn1SpcMinimalCriteriaInfoEncode";
+    static const CHAR SpcMinimalCriteriaInfoDecode[]   = "WVTAsn1SpcMinimalCriteriaInfoDecode";
+    static const CHAR SpcFinancialCriteriaInfoEncode[] = "WVTAsn1SpcFinancialCriteriaInfoEncode";
+    static const CHAR SpcFinancialCriteriaInfoDecode[] = "WVTAsn1SpcFinancialCriteriaInfoDecode";
+    static const CHAR SpcStatementTypeEncode[]         = "WVTAsn1SpcStatementTypeEncode";
+    static const CHAR SpcStatementTypeDecode[]         = "WVTAsn1SpcStatementTypeDecode";
+    static const CHAR CatNameValueEncode[]             = "WVTAsn1CatNameValueEncode";
+    static const CHAR CatNameValueDecode[]             = "WVTAsn1CatNameValueDecode";
+    static const CHAR CatMemberInfoEncode[]            = "WVTAsn1CatMemberInfoEncode";
+    static const CHAR CatMemberInfoDecode[]            = "WVTAsn1CatMemberInfoDecode";
+    static const CHAR SpcSpOpusInfoEncode[]            = "WVTAsn1SpcSpOpusInfoEncode";
+    static const CHAR SpcSpOpusInfoDecode[]            = "WVTAsn1SpcSpOpusInfoDecode";
+    static GUID Unknown1 = { 0xDE351A42, 0x8E59, 0x11D0, { 0x8C,0x47,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
+    static GUID Unknown2 = { 0xC689AABA, 0x8E78, 0x11D0, { 0x8C,0x47,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
+    static GUID Unknown3 = { 0xC689AAB8, 0x8E78, 0x11D0, { 0x8C,0x47,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
+    static GUID Unknown4 = { 0xC689AAB9, 0x8E78, 0x11D0, { 0x8C,0x47,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
+    static GUID Unknown5 = { 0xDE351A43, 0x8E59, 0x11D0, { 0x8C,0x47,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
+    static GUID Unknown6 = { 0x9BA61D3F, 0xE73A, 0x11D0, { 0x8C,0xD2,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
+    static WCHAR MagicNumber2[] = {'M','S','C','F', 0};
+    static WCHAR MagicNumber3[] = {'0','x','0','0','0','0','4','5','5','0', 0};
+    static WCHAR CafeBabe[] = {'0','x','c','a','f','e','b','a','b','e', 0};
+
+    HRESULT CryptRegisterRes = S_OK;
+    HRESULT TrustProviderRes = S_OK;
+    HRESULT SIPAddProviderRes = S_OK;
 
     TRACE("\n");
 
-    /* Create the necessary action registry structures */
-    WINTRUST_InitRegStructs();
-
-    /* FIXME:
-     * 
-     * A short list of stuff that should be done here:
+    /* Testing on native shows that when an error is encountered in one of the CryptRegisterOIDFunction calls
+     * the rest of these calls is skipped. Registering is however continued for the trust providers.
      *
-     * - Several calls to CryptRegisterOIDFunction
-     * - Several action registrations (NOT through WintrustAddActionID)
-     * - Several calls to CryptSIPAddProvider
-     * - One call to CryptSIPRemoveProvider (do we need that?)
+     * We are not totally in line with native as there all decoding functions are registered after all encoding
+     * functions.
      */
+#define WINTRUST_REGISTEROID( oid, encode_funcname, decode_funcname ) \
+    do { \
+        if (!CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_ENCODE_OBJECT_FUNC, oid, SP_POLICY_PROVIDER_DLL_NAME, encode_funcname)) \
+        {                                                               \
+            CryptRegisterRes = HRESULT_FROM_WIN32(GetLastError());      \
+            goto add_trust_providers;                                   \
+        }                                                               \
+        if (!CryptRegisterOIDFunction(X509_ASN_ENCODING, CRYPT_OID_DECODE_OBJECT_FUNC, oid, SP_POLICY_PROVIDER_DLL_NAME, decode_funcname)) \
+        {                                                               \
+            CryptRegisterRes = HRESULT_FROM_WIN32(GetLastError());      \
+            goto add_trust_providers;                                   \
+        }                                                               \
+    } while (0)
+
+    WINTRUST_REGISTEROID(SPC_PE_IMAGE_DATA_OBJID, SpcPeImageDataEncode, SpcPeImageDataDecode);
+    WINTRUST_REGISTEROID(SPC_PE_IMAGE_DATA_STRUCT, SpcPeImageDataEncode, SpcPeImageDataDecode);
+    WINTRUST_REGISTEROID(SPC_CAB_DATA_OBJID, SpcLinkEncode, SpcLinkDecode);
+    WINTRUST_REGISTEROID(SPC_CAB_DATA_STRUCT, SpcLinkEncode, SpcLinkDecode);
+    WINTRUST_REGISTEROID(SPC_JAVA_CLASS_DATA_OBJID, SpcLinkEncode, SpcLinkDecode);
+    WINTRUST_REGISTEROID(SPC_JAVA_CLASS_DATA_STRUCT, SpcLinkEncode, SpcLinkDecode);
+    WINTRUST_REGISTEROID(SPC_LINK_OBJID, SpcLinkEncode, SpcLinkDecode);
+    WINTRUST_REGISTEROID(SPC_LINK_STRUCT, SpcLinkEncode, SpcLinkDecode);
+    WINTRUST_REGISTEROID(SPC_SIGINFO_OBJID, SpcSigInfoEncode, SpcSigInfoDecode);
+    WINTRUST_REGISTEROID(SPC_SIGINFO_STRUCT, SpcSigInfoEncode, SpcSigInfoDecode);
+    WINTRUST_REGISTEROID(SPC_INDIRECT_DATA_OBJID, SpcIndirectDataContentEncode, SpcIndirectDataContentDecode);
+    WINTRUST_REGISTEROID(SPC_INDIRECT_DATA_CONTENT_STRUCT, SpcIndirectDataContentEncode, SpcIndirectDataContentDecode);
+    WINTRUST_REGISTEROID(SPC_SP_AGENCY_INFO_OBJID, SpcSpAgencyInfoEncode, SpcSpAgencyInfoDecode);
+    WINTRUST_REGISTEROID(SPC_SP_AGENCY_INFO_STRUCT, SpcSpAgencyInfoEncode, SpcSpAgencyInfoDecode);
+    WINTRUST_REGISTEROID(SPC_MINIMAL_CRITERIA_OBJID, SpcMinimalCriteriaInfoEncode, SpcMinimalCriteriaInfoDecode);
+    WINTRUST_REGISTEROID(SPC_MINIMAL_CRITERIA_STRUCT, SpcMinimalCriteriaInfoEncode, SpcMinimalCriteriaInfoDecode);
+    WINTRUST_REGISTEROID(SPC_FINANCIAL_CRITERIA_OBJID, SpcFinancialCriteriaInfoEncode, SpcFinancialCriteriaInfoDecode);
+    WINTRUST_REGISTEROID(SPC_FINANCIAL_CRITERIA_STRUCT, SpcFinancialCriteriaInfoEncode, SpcFinancialCriteriaInfoDecode);
+    WINTRUST_REGISTEROID(SPC_STATEMENT_TYPE_OBJID, SpcStatementTypeEncode, SpcStatementTypeDecode);
+    WINTRUST_REGISTEROID(SPC_STATEMENT_TYPE_STRUCT, SpcStatementTypeEncode, SpcStatementTypeDecode);
+    WINTRUST_REGISTEROID(CAT_NAMEVALUE_OBJID, CatNameValueEncode, CatNameValueDecode);
+    WINTRUST_REGISTEROID(CAT_NAMEVALUE_STRUCT, CatNameValueEncode, CatNameValueDecode);
+    WINTRUST_REGISTEROID(CAT_MEMBERINFO_OBJID, CatMemberInfoEncode, CatMemberInfoDecode);
+    WINTRUST_REGISTEROID(CAT_MEMBERINFO_STRUCT, CatMemberInfoEncode, CatMemberInfoDecode);
+    WINTRUST_REGISTEROID(SPC_SP_OPUS_INFO_OBJID, SpcSpOpusInfoEncode, SpcSpOpusInfoDecode);
+    WINTRUST_REGISTEROID(SPC_SP_OPUS_INFO_STRUCT, SpcSpOpusInfoEncode,  SpcSpOpusInfoDecode);
+
+#undef WINTRUST_REGISTEROID
+
+add_trust_providers:
 
     /* Testing on W2K3 shows:
-     * If we cannot open HKLM\Software\Microsoft\Cryptography\Providers\Trust
-     * for writing, DllRegisterServer returns S_FALSE. If the key can be opened 
-     * there is no check whether the actions can be written in the registry.
-     * As the previous list shows, there are several calls after these registrations.
-     * If they fail they will overwrite the returnvalue of DllRegisterServer.
+     * All registry writes are tried. If one fails this part will return S_FALSE.
+     *
+     * Last error is set to the last error encountered, regardless if the first
+     * part failed or not.
      */
 
-    /* Check if we can open/create HKLM\Software\Microsoft\Cryptography\Providers\Trust */
-    if (RegCreateKeyExW(HKEY_LOCAL_MACHINE, Trust, 0, NULL, 0, KEY_WRITE, NULL, &Key, NULL) != ERROR_SUCCESS)
-        Res = S_FALSE;
-    RegCloseKey(Key);
+    /* Create the necessary action registry structures */
+    WINTRUST_InitRegStructs();
 
     /* Register several Trust Provider actions */
-    WINTRUST_RegisterGenVerifyV2();
-    WINTRUST_RegisterPublishedSoftware();
-    WINTRUST_RegisterPublishedSoftwareNoBadUi();
-    WINTRUST_RegisterGenCertVerify();
-    WINTRUST_RegisterTrustProviderTest();
-    WINTRUST_RegisterHttpsProv();
-    WINTRUST_RegisterOfficeSignVerify();
-    WINTRUST_RegisterDriverVerify();
+    if (!WINTRUST_RegisterGenVerifyV2())
+        TrustProviderRes = S_FALSE;
+    if (!WINTRUST_RegisterPublishedSoftware())
+        TrustProviderRes = S_FALSE;
+    if (!WINTRUST_RegisterPublishedSoftwareNoBadUi())
+        TrustProviderRes = S_FALSE;
+    if (!WINTRUST_RegisterGenCertVerify())
+        TrustProviderRes = S_FALSE;
+    if (!WINTRUST_RegisterTrustProviderTest())
+        TrustProviderRes = S_FALSE;
+    if (!WINTRUST_RegisterHttpsProv())
+        TrustProviderRes = S_FALSE;
+    if (!WINTRUST_RegisterOfficeSignVerify())
+        TrustProviderRes = S_FALSE;
+    if (!WINTRUST_RegisterDriverVerify())
+        TrustProviderRes = S_FALSE;
+    if (!WINTRUST_RegisterGenChainVerify())
+        TrustProviderRes = S_FALSE;
 
     /* Free the registry structures */
     WINTRUST_FreeRegStructs();
 
-    return Res;
+    /* Testing on W2K3 shows:
+     * All registry writes are tried. If one fails this part will return S_FALSE.
+     *
+     * Last error is set to the last error encountered, regardless if the previous
+     * parts failed or not.
+     */
+
+    if (!WINTRUST_SIPPAddProvider(&Unknown1, NULL))
+        SIPAddProviderRes = S_FALSE;
+    if (!WINTRUST_SIPPAddProvider(&Unknown2, MagicNumber2))
+        SIPAddProviderRes = S_FALSE;
+    if (!WINTRUST_SIPPAddProvider(&Unknown3, MagicNumber3))
+        SIPAddProviderRes = S_FALSE;
+    if (!WINTRUST_SIPPAddProvider(&Unknown4, CafeBabe))
+        SIPAddProviderRes = S_FALSE;
+    if (!WINTRUST_SIPPAddProvider(&Unknown5, CafeBabe))
+        SIPAddProviderRes = S_FALSE;
+    if (!WINTRUST_SIPPAddProvider(&Unknown6, CafeBabe))
+        SIPAddProviderRes = S_FALSE;
+
+    /* Native does a CryptSIPRemoveProvider here for {941C2937-1292-11D1-85BE-00C04FC295EE}.
+     * This SIP Provider is however not found on up-to-date window install and native will
+     * set the last error to ERROR_FILE_NOT_FOUND.
+     * Wine has the last error set to ERROR_INVALID_PARAMETER. There shouldn't be an app
+     * depending on this last error though so there is no need to imitate native to the full extent.
+     *
+     * (The ERROR_INVALID_PARAMETER for Wine it totally valid as we (and native) do register
+     * a trust provider without a diagnostic policy).
+     */
+
+    /* If CryptRegisterRes is not S_OK it will always overrule the return value. */
+    if (CryptRegisterRes != S_OK)
+        return CryptRegisterRes;
+    else if (SIPAddProviderRes == S_OK)
+        return TrustProviderRes;
+    else 
+        return SIPAddProviderRes;
 }
 
 /***********************************************************************
@@ -725,11 +1096,52 @@ HRESULT WINAPI DllUnregisterServer(void)
 
 /***********************************************************************
  *              SoftpubDllRegisterServer (WINTRUST.@)
+ *
+ * Registers softpub.dll
+ *
+ * PARAMS
+ *
+ * RETURNS
+ *  Success: S_OK.
+ *  Failure: S_FALSE. (See also GetLastError()).
+ *
+ * NOTES
+ *  DllRegisterServer in softpub.dll will call this function.
+ *  See comments in DllRegisterServer.
  */
 HRESULT WINAPI SoftpubDllRegisterServer(void)
 {
-     FIXME("stub\n");
-     return S_OK;
+    HRESULT TrustProviderRes = S_OK;
+
+    TRACE("\n");
+
+    /* Create the necessary action registry structures */
+    WINTRUST_InitRegStructs();
+
+    /* Register several Trust Provider actions */
+    if (!WINTRUST_RegisterGenVerifyV2())
+        TrustProviderRes = S_FALSE;
+    if (!WINTRUST_RegisterPublishedSoftware())
+        TrustProviderRes = S_FALSE;
+    if (!WINTRUST_RegisterPublishedSoftwareNoBadUi())
+        TrustProviderRes = S_FALSE;
+    if (!WINTRUST_RegisterGenCertVerify())
+        TrustProviderRes = S_FALSE;
+    if (!WINTRUST_RegisterTrustProviderTest())
+        TrustProviderRes = S_FALSE;
+    if (!WINTRUST_RegisterHttpsProv())
+        TrustProviderRes = S_FALSE;
+    if (!WINTRUST_RegisterOfficeSignVerify())
+        TrustProviderRes = S_FALSE;
+    if (!WINTRUST_RegisterDriverVerify())
+        TrustProviderRes = S_FALSE;
+    if (!WINTRUST_RegisterGenChainVerify())
+        TrustProviderRes = S_FALSE;
+
+    /* Free the registry structures */
+    WINTRUST_FreeRegStructs();
+
+    return TrustProviderRes;
 }
 
 /***********************************************************************