You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
300 lines
10 KiB
300 lines
10 KiB
//+-------------------------------------------------------------------------
|
|
//
|
|
// Microsoft Windows
|
|
//
|
|
// Copyright (C) Microsoft Corporation, 1996 - 1999
|
|
//
|
|
// File: offprov.cpp
|
|
//
|
|
// Contents: Microsoft Internet Security Authenticode Policy Provider
|
|
//
|
|
// Functions: OfficeRegisterServer
|
|
// OfficeUnregisterServer
|
|
// OfficeInitializePolicy
|
|
// OfficeCleanupPolicy
|
|
//
|
|
// *** local functions ***
|
|
// _SetOverrideText
|
|
//
|
|
// History: 18-Aug-1997 pberkman created
|
|
//
|
|
//--------------------------------------------------------------------------
|
|
|
|
#include "global.hxx"
|
|
|
|
void _SetOverrideText(CRYPT_PROVIDER_DATA *pProvData, WCHAR **ppwszRet, DWORD dwStringId);
|
|
|
|
//////////////////////////////////////////////////////////////////////////////
|
|
//
|
|
// OfficeRegisterServer
|
|
//----------------------------------------------------------------------------
|
|
// Register the office provider
|
|
//
|
|
|
|
STDAPI OfficeRegisterServer(void)
|
|
{
|
|
GUID gOfficeProv = OFFICESIGN_ACTION_VERIFY;
|
|
|
|
CRYPT_REGISTER_ACTIONID sRegAID;
|
|
|
|
memset(&sRegAID, 0x00, sizeof(CRYPT_REGISTER_ACTIONID));
|
|
|
|
sRegAID.cbStruct = sizeof(CRYPT_REGISTER_ACTIONID);
|
|
|
|
// my initialization provider
|
|
sRegAID.sInitProvider.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY);
|
|
sRegAID.sInitProvider.pwszDLLName = OFFICE_POLICY_PROVIDER_DLL_NAME;
|
|
sRegAID.sInitProvider.pwszFunctionName = OFFICE_INITPROV_FUNCTION;
|
|
|
|
// Authenticode object provider
|
|
sRegAID.sObjectProvider.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY);
|
|
sRegAID.sObjectProvider.pwszDLLName = SP_POLICY_PROVIDER_DLL_NAME;
|
|
sRegAID.sObjectProvider.pwszFunctionName = SP_OBJTRUST_FUNCTION;
|
|
|
|
// Authenticode signature provider
|
|
sRegAID.sSignatureProvider.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY);
|
|
sRegAID.sSignatureProvider.pwszDLLName = SP_POLICY_PROVIDER_DLL_NAME;
|
|
sRegAID.sSignatureProvider.pwszFunctionName = SP_SIGTRUST_FUNCTION;
|
|
|
|
// wintrust's certificate provider
|
|
sRegAID.sCertificateProvider.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY);
|
|
sRegAID.sCertificateProvider.pwszDLLName = WT_PROVIDER_DLL_NAME; // set to wintrust.dll
|
|
sRegAID.sCertificateProvider.pwszFunctionName = WT_PROVIDER_CERTTRUST_FUNCTION; // use wintrust's standard!
|
|
|
|
// Authenticode certificate checker
|
|
sRegAID.sCertificatePolicyProvider.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY);
|
|
sRegAID.sCertificatePolicyProvider.pwszDLLName = SP_POLICY_PROVIDER_DLL_NAME;
|
|
sRegAID.sCertificatePolicyProvider.pwszFunctionName = SP_CHKCERT_FUNCTION;
|
|
|
|
// Authenticode final
|
|
sRegAID.sFinalPolicyProvider.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY);
|
|
sRegAID.sFinalPolicyProvider.pwszDLLName = SP_POLICY_PROVIDER_DLL_NAME;
|
|
sRegAID.sFinalPolicyProvider.pwszFunctionName = SP_FINALPOLICY_FUNCTION;
|
|
|
|
// Authenticode cleanup
|
|
sRegAID.sCleanupProvider.cbStruct = sizeof(CRYPT_TRUST_REG_ENTRY);
|
|
sRegAID.sCleanupProvider.pwszDLLName = OFFICE_POLICY_PROVIDER_DLL_NAME;
|
|
sRegAID.sCleanupProvider.pwszFunctionName = OFFICE_CLEANUPPOLICY_FUNCTION;
|
|
|
|
if (WintrustAddActionID(&gOfficeProv, 0, &sRegAID))
|
|
{
|
|
return(S_OK);
|
|
}
|
|
|
|
return(S_FALSE);
|
|
}
|
|
|
|
//////////////////////////////////////////////////////////////////////////////
|
|
//
|
|
// DllUnregisterServer
|
|
//----------------------------------------------------------------------------
|
|
// unregisters office provider
|
|
//
|
|
|
|
STDAPI OfficeUnregisterServer(void)
|
|
{
|
|
GUID gOfficeProv = OFFICESIGN_ACTION_VERIFY;
|
|
|
|
WintrustRemoveActionID(&gOfficeProv);
|
|
|
|
return(S_OK);
|
|
}
|
|
|
|
|
|
typedef struct _OFFPROV_PRIVATE_DATA
|
|
{
|
|
DWORD cbStruct;
|
|
|
|
CRYPT_PROVIDER_FUNCTIONS sAuthenticodePfns;
|
|
|
|
} OFFPROV_PRIVATE_DATA, *POFFPROV_PRIVATE_DATA;
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////////////////
|
|
//
|
|
// Initialize Policy Provider function: OfficeInitializePolicy
|
|
//----------------------------------------------------------------------------
|
|
// change the OID to the email OID for Usage....
|
|
//
|
|
|
|
static char *pszOfficeUsage = szOID_PKIX_KP_CODE_SIGNING;
|
|
|
|
HRESULT WINAPI OfficeInitializePolicy(CRYPT_PROVIDER_DATA *pProvData)
|
|
{
|
|
if (!(pProvData->padwTrustStepErrors) ||
|
|
(pProvData->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_WVTINIT] != ERROR_SUCCESS))
|
|
{
|
|
return(S_FALSE);
|
|
}
|
|
|
|
if (!(_ISINSTRUCT(CRYPT_PROVIDER_DATA, pProvData->cbStruct, pszUsageOID)))
|
|
{
|
|
pProvData->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_INITPROV] = ERROR_INVALID_PARAMETER;
|
|
return(S_FALSE);
|
|
}
|
|
|
|
GUID gAuthenticode = WINTRUST_ACTION_GENERIC_VERIFY_V2;
|
|
GUID gOfficeProv = OFFICESIGN_ACTION_VERIFY;
|
|
CRYPT_PROVIDER_PRIVDATA sPrivData;
|
|
CRYPT_PROVIDER_PRIVDATA *pPrivData;
|
|
OFFPROV_PRIVATE_DATA *pOfficeData;
|
|
HRESULT hr;
|
|
|
|
memset(&sPrivData, 0x00, sizeof(CRYPT_PROVIDER_PRIVDATA));
|
|
sPrivData.cbStruct = sizeof(CRYPT_PROVIDER_PRIVDATA);
|
|
|
|
memcpy(&sPrivData.gProviderID, &gOfficeProv, sizeof(GUID));
|
|
|
|
//
|
|
// add my data to the chain!
|
|
//
|
|
if (!pProvData->psPfns->pfnAddPrivData2Chain(pProvData, &sPrivData))
|
|
{
|
|
return(S_FALSE);
|
|
}
|
|
|
|
//
|
|
// get the new reference
|
|
//
|
|
pPrivData = WTHelperGetProvPrivateDataFromChain(pProvData, &gOfficeProv);
|
|
|
|
|
|
//
|
|
// allocate space for my struct
|
|
//
|
|
if (!(pPrivData->pvProvData = pProvData->psPfns->pfnAlloc(sizeof(OFFPROV_PRIVATE_DATA))))
|
|
{
|
|
pProvData->dwError = GetLastError();
|
|
pProvData->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_INITPROV] = TRUST_E_SYSTEM_ERROR;
|
|
return(S_FALSE);
|
|
}
|
|
|
|
memset(pPrivData->pvProvData, 0x00, sizeof(OFFPROV_PRIVATE_DATA));
|
|
pPrivData->cbProvData = sizeof(OFFPROV_PRIVATE_DATA);
|
|
|
|
pOfficeData = (OFFPROV_PRIVATE_DATA *)pPrivData->pvProvData;
|
|
pOfficeData->cbStruct = sizeof(OFFPROV_PRIVATE_DATA);
|
|
|
|
//
|
|
// fill in the Authenticode Functions
|
|
//
|
|
pOfficeData->sAuthenticodePfns.cbStruct = sizeof(CRYPT_PROVIDER_FUNCTIONS);
|
|
|
|
if (!(WintrustLoadFunctionPointers(&gAuthenticode, &pOfficeData->sAuthenticodePfns)))
|
|
{
|
|
pProvData->psPfns->pfnFree(sPrivData.pvProvData);
|
|
pProvData->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_INITPROV] = TRUST_E_PROVIDER_UNKNOWN;
|
|
return(S_FALSE);
|
|
}
|
|
|
|
if (pOfficeData->sAuthenticodePfns.pfnInitialize)
|
|
{
|
|
hr = pOfficeData->sAuthenticodePfns.pfnInitialize(pProvData);
|
|
}
|
|
|
|
//
|
|
// assign our usage
|
|
//
|
|
pProvData->pszUsageOID = pszOfficeUsage;
|
|
|
|
//
|
|
// change the text on the dialog buttons
|
|
//
|
|
if (pProvData->psPfns->psUIpfns)
|
|
{
|
|
if (pProvData->psPfns->psUIpfns->psUIData)
|
|
{
|
|
if (!(_ISINSTRUCT(CRYPT_PROVUI_DATA, pProvData->psPfns->psUIpfns->psUIData->cbStruct, pCopyActionTextNotSigned)))
|
|
{
|
|
return(hr);
|
|
}
|
|
|
|
_SetOverrideText(pProvData, &pProvData->psPfns->psUIpfns->psUIData->pYesButtonText,
|
|
IDS_OFFICE_YES_BUTTON_TEXT);
|
|
_SetOverrideText(pProvData, &pProvData->psPfns->psUIpfns->psUIData->pNoButtonText,
|
|
IDS_OFFICE_NO_BUTTON_TEXT);
|
|
_SetOverrideText(pProvData, &pProvData->psPfns->psUIpfns->psUIData->pCopyActionText,
|
|
IDS_OFFICE_COPYACTION_TEXT);
|
|
_SetOverrideText(pProvData, &pProvData->psPfns->psUIpfns->psUIData->pCopyActionTextNoTS,
|
|
IDS_OFFICE_COPYACTION_NOTS_TEXT);
|
|
_SetOverrideText(pProvData, &pProvData->psPfns->psUIpfns->psUIData->pCopyActionTextNotSigned,
|
|
IDS_OFFICE_COPYACTION_NOSIGN_TEXT);
|
|
}
|
|
}
|
|
|
|
return(hr);
|
|
}
|
|
|
|
void _SetOverrideText(CRYPT_PROVIDER_DATA *pProvData, WCHAR **ppwszRet, DWORD dwStringId)
|
|
{
|
|
WCHAR wsz[MAX_PATH];
|
|
|
|
if (*ppwszRet)
|
|
{
|
|
pProvData->psPfns->pfnFree(*ppwszRet);
|
|
*ppwszRet = NULL;
|
|
}
|
|
|
|
wsz[0] = NULL;
|
|
LoadStringU(hinst, dwStringId, &wsz[0], MAX_PATH);
|
|
|
|
if (wsz[0])
|
|
{
|
|
if (*ppwszRet = (WCHAR *)pProvData->psPfns->pfnAlloc((wcslen(&wsz[0]) + 1) * sizeof(WCHAR)))
|
|
{
|
|
wcscpy(*ppwszRet, &wsz[0]);
|
|
}
|
|
}
|
|
}
|
|
|
|
HRESULT WINAPI OfficeCleanupPolicy(CRYPT_PROVIDER_DATA *pProvData)
|
|
{
|
|
GUID gOfficeProv = OFFICESIGN_ACTION_VERIFY;
|
|
CRYPT_PROVIDER_PRIVDATA *pMyData;
|
|
OFFPROV_PRIVATE_DATA *pOfficeData;
|
|
HRESULT hr = S_OK;
|
|
|
|
if (!(pProvData->padwTrustStepErrors) ||
|
|
(pProvData->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_WVTINIT] != ERROR_SUCCESS))
|
|
{
|
|
return(S_FALSE);
|
|
}
|
|
|
|
pMyData = WTHelperGetProvPrivateDataFromChain(pProvData, &gOfficeProv);
|
|
|
|
if (pMyData)
|
|
{
|
|
pOfficeData = (OFFPROV_PRIVATE_DATA *)pMyData->pvProvData;
|
|
//
|
|
// remove the data we allocated except for the "MyData" which WVT will clean up for us!
|
|
//
|
|
|
|
if (pOfficeData->sAuthenticodePfns.pfnCleanupPolicy)
|
|
{
|
|
hr = pOfficeData->sAuthenticodePfns.pfnCleanupPolicy(pProvData);
|
|
}
|
|
|
|
pProvData->psPfns->pfnFree(pMyData->pvProvData);
|
|
pMyData->pvProvData = NULL;
|
|
}
|
|
|
|
if (pProvData->psPfns->psUIpfns)
|
|
{
|
|
if (pProvData->psPfns->psUIpfns->psUIData)
|
|
{
|
|
if (_ISINSTRUCT(CRYPT_PROVUI_DATA, pProvData->psPfns->psUIpfns->psUIData->cbStruct, pCopyActionText))
|
|
{
|
|
pProvData->psPfns->pfnFree(pProvData->psPfns->psUIpfns->psUIData->pYesButtonText);
|
|
pProvData->psPfns->psUIpfns->psUIData->pYesButtonText = NULL;
|
|
|
|
pProvData->psPfns->pfnFree(pProvData->psPfns->psUIpfns->psUIData->pNoButtonText);
|
|
pProvData->psPfns->psUIpfns->psUIData->pNoButtonText = NULL;
|
|
|
|
pProvData->psPfns->pfnFree(pProvData->psPfns->psUIpfns->psUIData->pCopyActionText);
|
|
pProvData->psPfns->psUIpfns->psUIData->pCopyActionText = NULL;
|
|
}
|
|
}
|
|
}
|
|
|
|
return(hr);
|
|
}
|