windows-server-2003/printscan/print/spooler/localspl/ssp.cxx

/*++

Copyright (c) 2001  Microsoft Corporation
All rights reserved

Module Name:

    ssp.cxx

Abstract:

    This file wraps around wintrust functions.

Author:

    Larry Zhu   (LZhu)             6-Apr-2001  Created.

Environment:

    User Mode -Win32

Revision History:

    Robert Orleth (ROrleth)        7-Apr-2001 Contributed the following APIs:

         AddCatalogDirect

--*/

#include "precomp.h"
#pragma hdrstop

#include "ssp.hxx"

TSSP::
TSSP(
    VOID
    ) : m_hLibrary(NULL),
        m_pfnCryptCATAdminAcquireContext(NULL),
        m_pfnCryptCATAdminAddCatalog(NULL),
        m_pfnCryptCATAdminReleaseCatalogContext(NULL),
        m_pfnCryptCATAdminReleaseContext(NULL),
        m_pfnWinVerifyTrust(NULL),
        m_hr(E_FAIL)
{
    m_hr = Initialize();
}

TSSP::
~TSSP(
    VOID
    )
{
    if (m_hLibrary)
    {
        (void)FreeLibrary(m_hLibrary);
    }
}

HRESULT
TSSP::
IsValid(
    VOID
    ) const
{
    return m_hr;
}

/*++

Routine Name:

    AddCatalogDirect

Routine Description:

    This routine installs a catalog file, this routine must run with Admin
    privilege.

Arguments:

    pszCatalogFullPath  - Supplies the fully-qualified win32 path of the
                          catalog to be installed on the system
    pszCatNameOnSystem -  Catalog name used under CatRoot

Return Value:

    An HRESULT

--*/
HRESULT
TSSP::
AddCatalogDirect(
    IN    PCWSTR       pszCatalogFullPath,
    IN    PCWSTR       pszCatNameOnSystem     OPTIONAL
    )
{
    HRESULT   hRetval     = E_FAIL;
    GUID      guidDriver  = DRIVER_ACTION_VERIFY;
    HCATINFO  hCatInfo    = NULL;
    HCATADMIN hCatAdmin   = NULL;

    hRetval = pszCatalogFullPath ? S_OK : E_INVALIDARG;

    if (SUCCEEDED(hRetval))
    {
        hRetval = m_pfnCryptCATAdminAcquireContext(&hCatAdmin, &guidDriver, 0) ? S_OK : GetLastErrorAsHResultAndFail();
    }

    if (SUCCEEDED(hRetval))
    {
        hCatInfo = m_pfnCryptCATAdminAddCatalog(hCatAdmin,
                                                const_cast<PWSTR>(pszCatalogFullPath),
                                                const_cast<PWSTR>(pszCatNameOnSystem),
                                                0);
        hRetval = hCatInfo ? S_OK : GetLastErrorAsHResultAndFail();
    }

    if (SUCCEEDED(hRetval))
    {
        (void)m_pfnCryptCATAdminReleaseCatalogContext(hCatAdmin, hCatInfo, 0);
    }

    if (hCatAdmin)
    {
        (void)m_pfnCryptCATAdminReleaseContext(hCatAdmin, 0);
    }

    return hRetval;
}

/*++

Routine Name:

    VerifyCatalog

Routine Description:

    This routine verifies a single catalog file. A catalog file is
    "self-verifying" in that there is no additional file or data required
    to verify it.

Arguments:

    pszCatalogFullPath - Supplies the fully-qualified Win32 path of the catalog
                         file to be verified

Return Value:

    An HRESULT

--*/
HRESULT
TSSP::
VerifyCatalog(
    IN     PCWSTR      pszCatalogFullPath
    )
{
    HRESULT            hRetval          = E_FAIL;
    GUID               DriverVerifyGuid = DRIVER_ACTION_VERIFY;
    WINTRUST_DATA      WintrustData     = {0};
    WINTRUST_FILE_INFO WintrustFileInfo = {0};

    hRetval = pszCatalogFullPath ? S_OK : E_INVALIDARG;

    if (SUCCEEDED(hRetval))
    {
        WintrustFileInfo.cbStruct        = sizeof(WINTRUST_FILE_INFO);
        WintrustFileInfo.pcwszFilePath   = pszCatalogFullPath;

        WintrustData.cbStruct            = sizeof(WINTRUST_DATA);
        WintrustData.dwUIChoice          = WTD_UI_NONE;
        WintrustData.fdwRevocationChecks = WTD_REVOKE_NONE;
        WintrustData.dwUnionChoice       = WTD_CHOICE_FILE;
        WintrustData.pFile               = &WintrustFileInfo;
        WintrustData.dwProvFlags         = WTD_REVOCATION_CHECK_NONE;

        //
        // WinVerifyTrust uses INVALID_HANDLE_VALUE as hwnd handle for
        // non-interactive operations. Do NOT pass a NULL as hwnd, since that
        // will cause the trust provider to interact with users using the
        // interactive desktop! Refer to SDK for details
        //
        hRetval = m_pfnWinVerifyTrust(INVALID_HANDLE_VALUE, &DriverVerifyGuid, &WintrustData);
    }

    return hRetval;
}

/******************************************************************************

    Private Methods

******************************************************************************/
/*++

Routine Name:

    Initialize

Routine Description:

    Load the wintrust library and get the addresses of ssp functions.

Arguments:

    None

Return Value:

    An HRESULT

--*/
HRESULT
TSSP::
Initialize(
    VOID
    )
{
    HRESULT hRetval = E_FAIL;

    m_hLibrary = LoadLibrary(L"wintrust.dll");

    hRetval = m_hLibrary ? S_OK : GetLastErrorAsHResult();

    if (SUCCEEDED(hRetval))
    {
        m_pfnCryptCATAdminAcquireContext = reinterpret_cast<PFuncCryptCATAdminAcquireContext>(GetProcAddress(m_hLibrary, "CryptCATAdminAcquireContext"));

        hRetval = m_pfnCryptCATAdminAddCatalog ? S_OK : GetLastErrorAsHResult();
    }

    if (SUCCEEDED(hRetval))
    {
        m_pfnCryptCATAdminAddCatalog = reinterpret_cast<PFuncCryptCATAdminAddCatalog>(GetProcAddress(m_hLibrary, "CryptCATAdminAddCatalog"));

        hRetval = m_pfnCryptCATAdminAddCatalog ? S_OK : GetLastErrorAsHResult();
    }

    if (SUCCEEDED(hRetval))
    {
        m_pfnCryptCATAdminReleaseContext = reinterpret_cast<PFuncCryptCATAdminReleaseContext>(GetProcAddress(m_hLibrary, "CryptCATAdminReleaseContext"));

        hRetval = m_pfnCryptCATAdminReleaseContext ? S_OK : GetLastErrorAsHResult();
    }

    if (SUCCEEDED(hRetval))
    {
        m_pfnCryptCATAdminReleaseCatalogContext = reinterpret_cast<PFuncCryptCATAdminReleaseCatalogContext>(GetProcAddress(m_hLibrary, "CryptCATAdminReleaseCatalogContext"));

        hRetval = m_pfnCryptCATAdminReleaseCatalogContext ? S_OK : GetLastErrorAsHResult();
    }

    if (SUCCEEDED(hRetval))
    {
        m_pfnWinVerifyTrust = reinterpret_cast<PFuncWinVerifyTrust>(GetProcAddress(m_hLibrary, "WinVerifyTrust"));

        hRetval = m_pfnWinVerifyTrust ? S_OK : GetLastErrorAsHResult();
    }

    return hRetval;
}