Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

263 lines
6.3 KiB

  1. /*++
  2. Copyright (c) 2001 Microsoft Corporation
  3. All rights reserved
  4. Module Name:
  5. ssp.cxx
  6. Abstract:
  7. This file wraps around wintrust functions.
  8. Author:
  9. Larry Zhu (LZhu) 6-Apr-2001 Created.
  10. Environment:
  11. User Mode -Win32
  12. Revision History:
  13. Robert Orleth (ROrleth) 7-Apr-2001 Contributed the following APIs:
  14. AddCatalogDirect
  15. --*/
  16. #include "precomp.h"
  17. #pragma hdrstop
  18. #include "ssp.hxx"
  19. TSSP::
  20. TSSP(
  21. VOID
  22. ) : m_hLibrary(NULL),
  23. m_pfnCryptCATAdminAcquireContext(NULL),
  24. m_pfnCryptCATAdminAddCatalog(NULL),
  25. m_pfnCryptCATAdminReleaseCatalogContext(NULL),
  26. m_pfnCryptCATAdminReleaseContext(NULL),
  27. m_pfnWinVerifyTrust(NULL),
  28. m_hr(E_FAIL)
  29. {
  30. m_hr = Initialize();
  31. }
  32. TSSP::
  33. ~TSSP(
  34. VOID
  35. )
  36. {
  37. if (m_hLibrary)
  38. {
  39. (void)FreeLibrary(m_hLibrary);
  40. }
  41. }
  42. HRESULT
  43. TSSP::
  44. IsValid(
  45. VOID
  46. ) const
  47. {
  48. return m_hr;
  49. }
  50. /*++
  51. Routine Name:
  52. AddCatalogDirect
  53. Routine Description:
  54. This routine installs a catalog file, this routine must run with Admin
  55. privilege.
  56. Arguments:
  57. pszCatalogFullPath - Supplies the fully-qualified win32 path of the
  58. catalog to be installed on the system
  59. pszCatNameOnSystem - Catalog name used under CatRoot
  60. Return Value:
  61. An HRESULT
  62. --*/
  63. HRESULT
  64. TSSP::
  65. AddCatalogDirect(
  66. IN PCWSTR pszCatalogFullPath,
  67. IN PCWSTR pszCatNameOnSystem OPTIONAL
  68. )
  69. {
  70. HRESULT hRetval = E_FAIL;
  71. GUID guidDriver = DRIVER_ACTION_VERIFY;
  72. HCATINFO hCatInfo = NULL;
  73. HCATADMIN hCatAdmin = NULL;
  74. hRetval = pszCatalogFullPath ? S_OK : E_INVALIDARG;
  75. if (SUCCEEDED(hRetval))
  76. {
  77. hRetval = m_pfnCryptCATAdminAcquireContext(&hCatAdmin, &guidDriver, 0) ? S_OK : GetLastErrorAsHResultAndFail();
  78. }
  79. if (SUCCEEDED(hRetval))
  80. {
  81. hCatInfo = m_pfnCryptCATAdminAddCatalog(hCatAdmin,
  82. const_cast<PWSTR>(pszCatalogFullPath),
  83. const_cast<PWSTR>(pszCatNameOnSystem),
  84. 0);
  85. hRetval = hCatInfo ? S_OK : GetLastErrorAsHResultAndFail();
  86. }
  87. if (SUCCEEDED(hRetval))
  88. {
  89. (void)m_pfnCryptCATAdminReleaseCatalogContext(hCatAdmin, hCatInfo, 0);
  90. }
  91. if (hCatAdmin)
  92. {
  93. (void)m_pfnCryptCATAdminReleaseContext(hCatAdmin, 0);
  94. }
  95. return hRetval;
  96. }
  97. /*++
  98. Routine Name:
  99. VerifyCatalog
  100. Routine Description:
  101. This routine verifies a single catalog file. A catalog file is
  102. "self-verifying" in that there is no additional file or data required
  103. to verify it.
  104. Arguments:
  105. pszCatalogFullPath - Supplies the fully-qualified Win32 path of the catalog
  106. file to be verified
  107. Return Value:
  108. An HRESULT
  109. --*/
  110. HRESULT
  111. TSSP::
  112. VerifyCatalog(
  113. IN PCWSTR pszCatalogFullPath
  114. )
  115. {
  116. HRESULT hRetval = E_FAIL;
  117. GUID DriverVerifyGuid = DRIVER_ACTION_VERIFY;
  118. WINTRUST_DATA WintrustData = {0};
  119. WINTRUST_FILE_INFO WintrustFileInfo = {0};
  120. hRetval = pszCatalogFullPath ? S_OK : E_INVALIDARG;
  121. if (SUCCEEDED(hRetval))
  122. {
  123. WintrustFileInfo.cbStruct = sizeof(WINTRUST_FILE_INFO);
  124. WintrustFileInfo.pcwszFilePath = pszCatalogFullPath;
  125. WintrustData.cbStruct = sizeof(WINTRUST_DATA);
  126. WintrustData.dwUIChoice = WTD_UI_NONE;
  127. WintrustData.fdwRevocationChecks = WTD_REVOKE_NONE;
  128. WintrustData.dwUnionChoice = WTD_CHOICE_FILE;
  129. WintrustData.pFile = &WintrustFileInfo;
  130. WintrustData.dwProvFlags = WTD_REVOCATION_CHECK_NONE;
  131. //
  132. // WinVerifyTrust uses INVALID_HANDLE_VALUE as hwnd handle for
  133. // non-interactive operations. Do NOT pass a NULL as hwnd, since that
  134. // will cause the trust provider to interact with users using the
  135. // interactive desktop! Refer to SDK for details
  136. //
  137. hRetval = m_pfnWinVerifyTrust(INVALID_HANDLE_VALUE, &DriverVerifyGuid, &WintrustData);
  138. }
  139. return hRetval;
  140. }
  141. /******************************************************************************
  142. Private Methods
  143. ******************************************************************************/
  144. /*++
  145. Routine Name:
  146. Initialize
  147. Routine Description:
  148. Load the wintrust library and get the addresses of ssp functions.
  149. Arguments:
  150. None
  151. Return Value:
  152. An HRESULT
  153. --*/
  154. HRESULT
  155. TSSP::
  156. Initialize(
  157. VOID
  158. )
  159. {
  160. HRESULT hRetval = E_FAIL;
  161. m_hLibrary = LoadLibrary(L"wintrust.dll");
  162. hRetval = m_hLibrary ? S_OK : GetLastErrorAsHResult();
  163. if (SUCCEEDED(hRetval))
  164. {
  165. m_pfnCryptCATAdminAcquireContext = reinterpret_cast<PFuncCryptCATAdminAcquireContext>(GetProcAddress(m_hLibrary, "CryptCATAdminAcquireContext"));
  166. hRetval = m_pfnCryptCATAdminAddCatalog ? S_OK : GetLastErrorAsHResult();
  167. }
  168. if (SUCCEEDED(hRetval))
  169. {
  170. m_pfnCryptCATAdminAddCatalog = reinterpret_cast<PFuncCryptCATAdminAddCatalog>(GetProcAddress(m_hLibrary, "CryptCATAdminAddCatalog"));
  171. hRetval = m_pfnCryptCATAdminAddCatalog ? S_OK : GetLastErrorAsHResult();
  172. }
  173. if (SUCCEEDED(hRetval))
  174. {
  175. m_pfnCryptCATAdminReleaseContext = reinterpret_cast<PFuncCryptCATAdminReleaseContext>(GetProcAddress(m_hLibrary, "CryptCATAdminReleaseContext"));
  176. hRetval = m_pfnCryptCATAdminReleaseContext ? S_OK : GetLastErrorAsHResult();
  177. }
  178. if (SUCCEEDED(hRetval))
  179. {
  180. m_pfnCryptCATAdminReleaseCatalogContext = reinterpret_cast<PFuncCryptCATAdminReleaseCatalogContext>(GetProcAddress(m_hLibrary, "CryptCATAdminReleaseCatalogContext"));
  181. hRetval = m_pfnCryptCATAdminReleaseCatalogContext ? S_OK : GetLastErrorAsHResult();
  182. }
  183. if (SUCCEEDED(hRetval))
  184. {
  185. m_pfnWinVerifyTrust = reinterpret_cast<PFuncWinVerifyTrust>(GetProcAddress(m_hLibrary, "WinVerifyTrust"));
  186. hRetval = m_pfnWinVerifyTrust ? S_OK : GetLastErrorAsHResult();
  187. }
  188. return hRetval;
  189. }