/*++
Copyright (c) 2001 Microsoft Corporation All rights reserved
Module Name:
ssp.cxx
Abstract:
This file wraps around wintrust functions.
Author:
Larry Zhu (LZhu) 6-Apr-2001 Created.
Environment:
User Mode -Win32
Revision History:
Robert Orleth (ROrleth) 7-Apr-2001 Contributed the following APIs: AddCatalogDirect
--*/
#include "precomp.h"
#pragma hdrstop
#include "ssp.hxx"
//
// Constructs the wrapper with the library handle and every wintrust entry
// point cleared and m_hr preset to E_FAIL, then runs Initialize() and records
// its result in m_hr. Callers read that result through IsValid().
//
TSSP::
TSSP(
    VOID
    ) : m_hLibrary(NULL),
        m_pfnCryptCATAdminAcquireContext(NULL),
        m_pfnCryptCATAdminAddCatalog(NULL),
        m_pfnCryptCATAdminReleaseCatalogContext(NULL),
        m_pfnCryptCATAdminReleaseContext(NULL),
        m_pfnWinVerifyTrust(NULL),
        m_hr(E_FAIL)
{
    //
    // Initialize() runs in the body, i.e. only after all members above hold
    // their cleared defaults.
    //
    const HRESULT hrInit = Initialize();

    m_hr = hrInit;
}
//
// Unloads the library handle held in m_hLibrary, if there is one.
//
TSSP::
~TSSP(
    VOID
    )
{
    if (m_hLibrary != NULL)
    {
        // The result of FreeLibrary is deliberately ignored during teardown.
        (void)FreeLibrary(m_hLibrary);
    }
}
//
// Reports the HRESULT stored in m_hr by the constructor (the result of
// Initialize()). Does not modify the object.
//
HRESULT
TSSP::
IsValid(
    VOID
    ) const
{
    const HRESULT hrState = m_hr;

    return hrState;
}
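/*++

Routine Name:

    AddCatalogDirect

Routine Description:

    This routine installs a catalog file into the system catalog database.
    It must run with Admin privilege.

    This routine does not call VerifyCatalog or WinVerifyTrust itself. A
    caller that needs the catalog's signature checked before it is installed
    has to do so separately.

    NOTE(review): when verification and installation are two separate calls
    that both take a path, the file can be replaced in between. Confirm that
    callers keep the catalog in a location only administrators can write.

Arguments:

    pszCatalogFullPath  - Supplies the fully-qualified win32 path of the
                          catalog to be installed on the system. Must not be
                          NULL.

    pszCatNameOnSystem  - Catalog name used under CatRoot. Optional; per the
                          CryptCATAdminAddCatalog documentation a unique name
                          is generated when this is NULL.

Return Value:

    S_OK on success.
    E_INVALIDARG when pszCatalogFullPath is NULL.
    The stored initialization failure (or E_UNEXPECTED) when the wintrust
    entry points were never resolved.
    Otherwise the failure HRESULT from GetLastErrorAsHResultAndFail().

--*/
HRESULT
TSSP::
AddCatalogDirect(
    IN PCWSTR pszCatalogFullPath,
    IN PCWSTR pszCatNameOnSystem    OPTIONAL
    )
{
    HRESULT   hRetval    = E_FAIL;
    GUID      guidDriver = DRIVER_ACTION_VERIFY;
    HCATINFO  hCatInfo   = NULL;
    HCATADMIN hCatAdmin  = NULL;

    hRetval = pszCatalogFullPath ? S_OK : E_INVALIDARG;

    //
    // If Initialize() failed, some or all entry points are still NULL.
    // Fail cleanly instead of calling through a NULL function pointer.
    //
    if (SUCCEEDED(hRetval) &&
        (!m_pfnCryptCATAdminAcquireContext ||
         !m_pfnCryptCATAdminAddCatalog ||
         !m_pfnCryptCATAdminReleaseCatalogContext ||
         !m_pfnCryptCATAdminReleaseContext))
    {
        hRetval = FAILED(m_hr) ? m_hr : E_UNEXPECTED;
    }

    if (SUCCEEDED(hRetval))
    {
        hRetval = m_pfnCryptCATAdminAcquireContext(&hCatAdmin, &guidDriver, 0) ? S_OK : GetLastErrorAsHResultAndFail();
    }

    if (SUCCEEDED(hRetval))
    {
        //
        // The API takes non-const string pointers; the const_casts only
        // adapt the signature.
        //
        hCatInfo = m_pfnCryptCATAdminAddCatalog(hCatAdmin,
                                                const_cast<PWSTR>(pszCatalogFullPath),
                                                const_cast<PWSTR>(pszCatNameOnSystem),
                                                0);
        hRetval = hCatInfo ? S_OK : GetLastErrorAsHResultAndFail();
    }

    if (SUCCEEDED(hRetval))
    {
        // Success here implies hCatInfo is non-NULL, so it can be released.
        (void)m_pfnCryptCATAdminReleaseCatalogContext(hCatAdmin, hCatInfo, 0);
    }

    // The admin context is released on every path that acquired it.
    if (hCatAdmin)
    {
        (void)m_pfnCryptCATAdminReleaseContext(hCatAdmin, 0);
    }

    return hRetval;
}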
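/*++

Routine Name:

    VerifyCatalog

Routine Description:

    This routine verifies a single catalog file. A catalog file is
    "self-verifying" in that there is no additional file or data required to
    verify it.

    The file is checked with WinVerifyTrust under the DRIVER_ACTION_VERIFY
    policy, with no UI. Revocation checking is switched off in both
    fdwRevocationChecks (WTD_REVOKE_NONE) and dwProvFlags
    (WTD_REVOCATION_CHECK_NONE), so a success result says nothing about
    whether the signing certificate has been revoked.

    NOTE(review): the result describes the file at the time of this call. If
    the same path is installed afterwards, confirm that the file cannot be
    replaced in between.

Arguments:

    pszCatalogFullPath  - Supplies the fully-qualified Win32 path of the
                          catalog file to be verified. Must not be NULL.

Return Value:

    E_INVALIDARG when pszCatalogFullPath is NULL.
    The stored initialization failure (or E_UNEXPECTED) when WinVerifyTrust
    was never resolved.
    Otherwise the value returned by WinVerifyTrust, passed back unchanged.

--*/
HRESULT
TSSP::
VerifyCatalog(
    IN PCWSTR pszCatalogFullPath
    )
{
    HRESULT            hRetval          = E_FAIL;
    GUID               DriverVerifyGuid = DRIVER_ACTION_VERIFY;
    WINTRUST_DATA      WintrustData     = {0};
    WINTRUST_FILE_INFO WintrustFileInfo = {0};

    hRetval = pszCatalogFullPath ? S_OK : E_INVALIDARG;

    //
    // If Initialize() failed, m_pfnWinVerifyTrust may still be NULL. Fail
    // cleanly instead of calling through a NULL function pointer.
    //
    if (SUCCEEDED(hRetval) && !m_pfnWinVerifyTrust)
    {
        hRetval = FAILED(m_hr) ? m_hr : E_UNEXPECTED;
    }

    if (SUCCEEDED(hRetval))
    {
        WintrustFileInfo.cbStruct      = sizeof(WINTRUST_FILE_INFO);
        WintrustFileInfo.pcwszFilePath = pszCatalogFullPath;

        WintrustData.cbStruct            = sizeof(WINTRUST_DATA);
        WintrustData.dwUIChoice          = WTD_UI_NONE;
        WintrustData.fdwRevocationChecks = WTD_REVOKE_NONE;     // no revocation check
        WintrustData.dwUnionChoice       = WTD_CHOICE_FILE;
        WintrustData.pFile               = &WintrustFileInfo;
        WintrustData.dwProvFlags         = WTD_REVOCATION_CHECK_NONE;

        //
        // WinVerifyTrust uses INVALID_HANDLE_VALUE as hwnd handle for
        // non-interactive operations. Do NOT pass a NULL as hwnd, since that
        // will cause the trust provider to interact with users using the
        // interactive desktop! Refer to SDK for details
        //
        hRetval = m_pfnWinVerifyTrust(INVALID_HANDLE_VALUE,
                                      &DriverVerifyGuid,
                                      &WintrustData);
    }

    return hRetval;
}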
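/******************************************************************************

    Private Methods

******************************************************************************/

/*++

Routine Name:

    Initialize

Routine Description:

    Load wintrust.dll and get the addresses of the catalog-admin and
    WinVerifyTrust entry points used by this class.

    Resolution stops at the first entry point that cannot be found; pointers
    for later entry points then stay NULL. The library handle, if obtained,
    is kept in m_hLibrary even on failure and is freed by the destructor.

Arguments:

    None

Return Value:

    S_OK when the library and all five entry points were resolved; otherwise
    the HRESULT from GetLastErrorAsHResult() at the first failing step.

--*/
HRESULT
TSSP::
Initialize(
    VOID
    )
{
    HRESULT hRetval = E_FAIL;

    //
    // NOTE(review): the DLL is loaded by bare name, so the standard DLL
    // search order decides which wintrust.dll is used. Because the trust
    // decisions of this class depend on that module, consider loading it
    // from the system directory by full path.
    //
    m_hLibrary = LoadLibrary(L"wintrust.dll");

    hRetval = m_hLibrary ? S_OK : GetLastErrorAsHResult();

    if (SUCCEEDED(hRetval))
    {
        m_pfnCryptCATAdminAcquireContext = reinterpret_cast<PFuncCryptCATAdminAcquireContext>(GetProcAddress(m_hLibrary, "CryptCATAdminAcquireContext"));

        //
        // Test the pointer that was just resolved. Testing
        // m_pfnCryptCATAdminAddCatalog here would look at a member that is
        // still NULL and make the result depend on a stale last-error value.
        //
        hRetval = m_pfnCryptCATAdminAcquireContext ? S_OK : GetLastErrorAsHResult();
    }

    if (SUCCEEDED(hRetval))
    {
        m_pfnCryptCATAdminAddCatalog = reinterpret_cast<PFuncCryptCATAdminAddCatalog>(GetProcAddress(m_hLibrary, "CryptCATAdminAddCatalog"));

        hRetval = m_pfnCryptCATAdminAddCatalog ? S_OK : GetLastErrorAsHResult();
    }

    if (SUCCEEDED(hRetval))
    {
        m_pfnCryptCATAdminReleaseContext = reinterpret_cast<PFuncCryptCATAdminReleaseContext>(GetProcAddress(m_hLibrary, "CryptCATAdminReleaseContext"));

        hRetval = m_pfnCryptCATAdminReleaseContext ? S_OK : GetLastErrorAsHResult();
    }

    if (SUCCEEDED(hRetval))
    {
        m_pfnCryptCATAdminReleaseCatalogContext = reinterpret_cast<PFuncCryptCATAdminReleaseCatalogContext>(GetProcAddress(m_hLibrary, "CryptCATAdminReleaseCatalogContext"));

        hRetval = m_pfnCryptCATAdminReleaseCatalogContext ? S_OK : GetLastErrorAsHResult();
    }

    if (SUCCEEDED(hRetval))
    {
        m_pfnWinVerifyTrust = reinterpret_cast<PFuncWinVerifyTrust>(GetProcAddress(m_hLibrary, "WinVerifyTrust"));

        hRetval = m_pfnWinVerifyTrust ? S_OK : GetLastErrorAsHResult();
    }

    return hRetval;
}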