Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

1203 lines
29 KiB

  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows NT Security
  4. // Copyright (C) Microsoft Corporation, 1992 - 1999
  5. //
  6. // File: iih.cpp
  7. //
  8. // Contents: ACUI Invoke Info Helper class implementation
  9. //
  10. // History: 10-May-97 kirtd Created
  11. //
  12. //----------------------------------------------------------------------------
  13. #include <stdpch.h>
  14. #include "malloc.h"
  15. #include "sgnerror.h"
  16. //
  17. // Personal trust database interface id
  18. //
  19. extern "C" const GUID IID_IPersonalTrustDB = IID_IPersonalTrustDB_Data;
  20. //+---------------------------------------------------------------------------
  21. //
  22. // Member: CInvokeInfoHelper::CInvokeInfoHelper, public
  23. //
  24. // Synopsis: Constructor, initializes member variables from data found
  25. // in the invoke info data structure
  26. //
  27. // Arguments: [pInvokeInfo] -- invoke info
  28. // [rhr] -- result of construction
  29. //
  30. // Returns: (none)
  31. //
  32. // Notes:
  33. //
  34. //----------------------------------------------------------------------------
  35. CInvokeInfoHelper::CInvokeInfoHelper (
  36. PACUI_INVOKE_INFO pInvokeInfo,
  37. HRESULT& rhr
  38. )
  39. : m_pInvokeInfo ( pInvokeInfo ),
  40. m_pszSubject ( NULL ),
  41. m_pszPublisher ( NULL ),
  42. m_pszAdvancedLink ( NULL ),
  43. m_pszControlWebPage ( NULL ),
  44. m_pszCAWebPage ( NULL ),
  45. m_pszPublisherCertIssuer ( NULL ),
  46. m_pszErrorStatement ( NULL ),
  47. m_pszCertTimestamp ( NULL ),
  48. m_pszTestCertInChain ( NULL ),
  49. m_fKnownPublisher ( FALSE ),
  50. m_hModCVPA ( NULL ),
  51. m_pfnCVPA ( NULL )
  52. {
  53. //
  54. // Initialize the subject
  55. //
  56. rhr = InitSubject();
  57. //
  58. // if there's a test cert, format the text!
  59. //
  60. InitTestCertInChain();
  61. //
  62. // If we actually have a signature then ...
  63. //
  64. //
  65. // If we need an error statement, initialize it
  66. //
  67. if ( ( rhr == S_OK ) && ( pInvokeInfo->hrInvokeReason != S_OK ) )
  68. {
  69. rhr = InitErrorStatement();
  70. }
  71. if ( ( rhr == S_OK ) &&
  72. ( pInvokeInfo->hrInvokeReason != TRUST_E_NOSIGNATURE ) )
  73. {
  74. //
  75. // Initialize the publisher
  76. //
  77. rhr = InitPublisher();
  78. //
  79. // If we have a known publisher, then we initialize the publisher
  80. // cert issuer
  81. //
  82. if ( ( rhr == S_OK ) && ( m_fKnownPublisher == TRUE ) )
  83. {
  84. rhr = InitPublisherCertIssuer();
  85. }
  86. //
  87. // Initialize the timestamp string
  88. //
  89. if ( rhr == S_OK )
  90. {
  91. rhr = InitCertTimestamp();
  92. }
  93. //
  94. // initialize the "advanced link" text
  95. //
  96. InitAdvancedLink();
  97. //
  98. // initialize the Control's Web page link
  99. //
  100. InitControlWebPage();
  101. //
  102. // initialize the CA's Web page link
  103. //
  104. InitCAWebPage();
  105. }
  106. //
  107. // Initialize the CertViewProperties entry point
  108. //
  109. if ( rhr == S_OK )
  110. {
  111. InitCertViewPropertiesEntryPoint();
  112. }
  113. }
  114. //+---------------------------------------------------------------------------
  115. //
  116. // Member: CInvokeInfoHelper::~CInvokeInfoHelper, public
  117. //
  118. // Synopsis: Destructor, frees up member variables
  119. //
  120. // Arguments: (none)
  121. //
  122. // Returns: (none)
  123. //
  124. // Notes:
  125. //
  126. //----------------------------------------------------------------------------
  127. CInvokeInfoHelper::~CInvokeInfoHelper ()
  128. {
  129. DELETE_OBJECT(m_pszSubject);
  130. DELETE_OBJECT(m_pszPublisher);
  131. DELETE_OBJECT(m_pszPublisherCertIssuer);
  132. DELETE_OBJECT(m_pszAdvancedLink);
  133. DELETE_OBJECT(m_pszControlWebPage);
  134. DELETE_OBJECT(m_pszCAWebPage);
  135. DELETE_OBJECT(m_pszTestCertInChain);
  136. DELETE_OBJECT(m_pszCertTimestamp);
  137. DELETE_OBJECT(m_pszErrorStatement);
  138. if ( m_hModCVPA != NULL )
  139. {
  140. FreeLibrary(m_hModCVPA);
  141. }
  142. }
  143. //+---------------------------------------------------------------------------
  144. //
  145. // Member: CInvokeInfoHelper::AddPublisherToPersonalTrust, public
  146. //
  147. // Synopsis: adds the current publisher to the personal trust database
  148. //
  149. // Arguments: (none)
  150. //
  151. // Returns: hr == S_OK, publisher added to personal trust database
  152. // hr != S_OK, publisher NOT added to personal trust database
  153. //
  154. // Notes:
  155. //
  156. //----------------------------------------------------------------------------
  157. HRESULT
  158. CInvokeInfoHelper::AddPublisherToPersonalTrust ()
  159. {
  160. HRESULT hr = S_OK;
  161. IPersonalTrustDB* pTrustDB = NULL;
  162. //
  163. // Get the personal trust database interface
  164. //
  165. hr = m_pInvokeInfo->pPersonalTrustDB->QueryInterface(
  166. IID_IPersonalTrustDB,
  167. (LPVOID *)&pTrustDB
  168. );
  169. //
  170. // Add the publisher cert to the database
  171. //
  172. if ( hr == S_OK )
  173. {
  174. CRYPT_PROVIDER_SGNR *pSgnr;
  175. CRYPT_PROVIDER_CERT *pCert;
  176. if (pSgnr = WTHelperGetProvSignerFromChain(ProviderData(), 0, FALSE, 0))
  177. {
  178. if (pCert = WTHelperGetProvCertFromChain(pSgnr, 0))
  179. {
  180. hr = pTrustDB->AddTrustCert(
  181. pCert->pCert,
  182. 0,
  183. FALSE
  184. );
  185. }
  186. }
  187. pTrustDB->Release();
  188. }
  189. return( hr );
  190. }
  191. //+---------------------------------------------------------------------------
  192. //
  193. // Member: CInvokeInfoHelper::GetUIControl, public
  194. //
  195. // Synopsis: gets the UI control
  196. //
  197. // Arguments: [ppUI] -- UI returned here
  198. //
  199. // Returns: S_OK for success, any other valid HRESULT otherwise
  200. //
  201. // Notes:
  202. //
  203. //----------------------------------------------------------------------------
  204. HRESULT
  205. CInvokeInfoHelper::GetUIControl (IACUIControl** ppUI)
  206. {
  207. HRESULT hr = S_OK;
  208. IACUIControl* pUI = NULL;
  209. //
  210. // Get the right UI control
  211. //
  212. switch (m_pInvokeInfo->hrInvokeReason)
  213. {
  214. case S_OK:
  215. pUI = new CVerifiedTrustUI(*this, hr);
  216. break;
  217. case CERT_E_EXPIRED:
  218. case CERT_E_PURPOSE:
  219. case CERT_E_WRONG_USAGE:
  220. case CERT_E_CN_NO_MATCH:
  221. case CERT_E_INVALID_NAME:
  222. case CERT_E_INVALID_POLICY:
  223. case CERT_E_REVOCATION_FAILURE:
  224. case CRYPT_E_NO_REVOCATION_CHECK:
  225. case CRYPT_E_REVOCATION_OFFLINE:
  226. pUI = new CUnverifiedTrustUI(*this, hr);
  227. break;
  228. #if (0)
  229. case CRYPT_E_FILE_ERROR:
  230. case TRUST_E_PROVIDER_UNKNOWN:
  231. case TRUST_E_SUBJECT_FORM_UNKNOWN:
  232. case TRUST_E_NOSIGNATURE:
  233. case CERT_E_CHAINING:
  234. case CERT_E_UNTRUSTEDROOT:
  235. case CERT_E_UNTRUSTEDTESTROOT:
  236. #endif
  237. default:
  238. pUI = new CNoSignatureUI(*this, hr);
  239. break;
  240. }
  241. //
  242. // Set the out parameter and return value
  243. //
  244. if ( ( pUI != NULL ) && ( hr == S_OK ) )
  245. {
  246. *ppUI = pUI;
  247. }
  248. else if ( pUI == NULL )
  249. {
  250. hr = E_OUTOFMEMORY;
  251. }
  252. else
  253. {
  254. delete pUI;
  255. }
  256. return( hr );
  257. }
  258. //+---------------------------------------------------------------------------
  259. //
  260. // Member: CInvokeInfoHelper::ReleaseUIControl, public
  261. //
  262. // Synopsis: frees the UI control
  263. //
  264. // Arguments: [pUI] -- UI control
  265. //
  266. // Returns: (none)
  267. //
  268. // Notes:
  269. //
  270. //----------------------------------------------------------------------------
  271. VOID
  272. CInvokeInfoHelper::ReleaseUIControl (IACUIControl* pUI)
  273. {
  274. delete pUI;
  275. }
  276. VOID CInvokeInfoHelper::InitControlWebPage ()
  277. {
  278. WCHAR *pwsz;
  279. if (!(m_pInvokeInfo->pOpusInfo))
  280. {
  281. return;
  282. }
  283. if (!(m_pInvokeInfo->pOpusInfo->pMoreInfo))
  284. {
  285. return;
  286. }
  287. pwsz = GetGoLink(m_pInvokeInfo->pOpusInfo->pMoreInfo);
  288. if (!(pwsz))
  289. {
  290. return;
  291. }
  292. m_pszControlWebPage = new WCHAR[wcslen(pwsz) + 1];
  293. if (m_pszControlWebPage != NULL)
  294. {
  295. wcscpy(m_pszControlWebPage, pwsz);
  296. }
  297. }
  298. VOID CInvokeInfoHelper::InitCAWebPage ()
  299. {
  300. //
  301. // until IE submits.... don't do it!
  302. //
  303. return;
  304. WCHAR *pwsz;
  305. DWORD cb;
  306. CRYPT_PROVIDER_SGNR *pSgnr;
  307. CRYPT_PROVIDER_CERT *pCert;
  308. SPC_SP_AGENCY_INFO *pAgencyInfo;
  309. if (!(pSgnr = WTHelperGetProvSignerFromChain(ProviderData(), 0, FALSE, 0)))
  310. {
  311. return;
  312. }
  313. if (!(pCert = WTHelperGetProvCertFromChain(pSgnr, 0))) // try the publisher's cert first!
  314. {
  315. return;
  316. }
  317. cb = 0;
  318. WTHelperGetAgencyInfo(pCert->pCert, &cb, NULL);
  319. if (cb < 1)
  320. {
  321. if (!(pCert = WTHelperGetProvCertFromChain(pSgnr, 1))) // try the issuer's next
  322. {
  323. return;
  324. }
  325. cb = 0;
  326. WTHelperGetAgencyInfo(pCert->pCert, &cb, NULL);
  327. if (cb < 1)
  328. {
  329. return;
  330. }
  331. }
  332. if (!(pAgencyInfo = (SPC_SP_AGENCY_INFO *)new BYTE[cb]))
  333. {
  334. return;
  335. }
  336. if (!(WTHelperGetAgencyInfo(pCert->pCert, &cb, pAgencyInfo)))
  337. {
  338. delete pAgencyInfo;
  339. return;
  340. }
  341. pwsz = GetGoLink(pAgencyInfo->pPolicyInformation);
  342. m_pszCAWebPage = new WCHAR[wcslen(pwsz) + 1];
  343. if (m_pszCAWebPage != NULL)
  344. {
  345. wcscpy(m_pszCAWebPage, pwsz);
  346. }
  347. delete pAgencyInfo;
  348. }
  349. //+---------------------------------------------------------------------------
  350. //
  351. // Member: CInvokeInfoHelper::InitSubject, private
  352. //
  353. // Synopsis: Initialize m_pszSubject
  354. //
  355. // Arguments: (none)
  356. //
  357. // Returns: hr == S_OK, initialize succeeded
  358. // hr != S_OK, initialize failed
  359. //
  360. // Notes:
  361. //
  362. //----------------------------------------------------------------------------
  363. HRESULT
  364. CInvokeInfoHelper::InitSubject ()
  365. {
  366. HRESULT hr = S_OK;
  367. LPCWSTR pwszSubject = NULL;
  368. //
  369. // Find out what we will use as the subject name
  370. //
  371. if ( ( m_pInvokeInfo->pOpusInfo != NULL ) &&
  372. ( m_pInvokeInfo->pOpusInfo->pwszProgramName != NULL ) )
  373. {
  374. pwszSubject = m_pInvokeInfo->pOpusInfo->pwszProgramName;
  375. }
  376. else
  377. {
  378. pwszSubject = m_pInvokeInfo->pwcsAltDisplayName;
  379. }
  380. //
  381. // At this point we must have a valid subject name
  382. //
  383. assert( pwszSubject != NULL );
  384. //
  385. // Fill in the subject member by converting the one we found from
  386. // UNICODE to MBS
  387. //
  388. m_pszSubject = new WCHAR[wcslen(pwszSubject) + 1];
  389. if ( m_pszSubject != NULL )
  390. {
  391. wcscpy(m_pszSubject, pwszSubject);
  392. }
  393. else
  394. {
  395. hr = E_OUTOFMEMORY;
  396. }
  397. return( hr );
  398. }
  399. VOID
  400. CInvokeInfoHelper::InitTestCertInChain ()
  401. {
  402. WCHAR szTestCertInChain[MAX_LOADSTRING_BUFFER + 1];
  403. if (IsTestCertInPublisherChain())
  404. {
  405. if ( LoadStringU(
  406. g_hModule,
  407. IDS_TESTCERTINCHAIN,
  408. szTestCertInChain,
  409. MAX_LOADSTRING_BUFFER
  410. ) == 0 )
  411. {
  412. return;
  413. }
  414. m_pszTestCertInChain = new WCHAR[wcslen(szTestCertInChain) + 1];
  415. if (m_pszTestCertInChain != NULL)
  416. {
  417. wcscpy(m_pszTestCertInChain, szTestCertInChain);
  418. }
  419. }
  420. }
  421. VOID
  422. CInvokeInfoHelper::InitAdvancedLink ()
  423. {
  424. ULONG cbAL;
  425. if ((ProviderData()) &&
  426. (WVT_IS_CBSTRUCT_GT_MEMBEROFFSET(CRYPT_PROVIDER_FUNCTIONS, ProviderData()->psPfns->cbStruct, psUIpfns)) &&
  427. (ProviderData()->psPfns->psUIpfns) &&
  428. (ProviderData()->psPfns->psUIpfns->psUIData) &&
  429. (ProviderData()->psPfns->psUIpfns->psUIData->pAdvancedLinkText))
  430. {
  431. m_pszAdvancedLink = new WCHAR[wcslen(ProviderData()->psPfns->psUIpfns->psUIData->pAdvancedLinkText) + 1];
  432. if (m_pszAdvancedLink != NULL)
  433. {
  434. wcscpy(m_pszAdvancedLink, ProviderData()->psPfns->psUIpfns->psUIData->pAdvancedLinkText);
  435. }
  436. }
  437. }
  438. //+---------------------------------------------------------------------------
  439. //
  440. // Member: CInvokeInfoHelper::InitPublisher, private
  441. //
  442. // Synopsis: Initialize m_pszPublisher
  443. //
  444. // Arguments: (none)
  445. //
  446. // Returns: hr == S_OK, initialize succeeded
  447. // hr != S_OK, initialize failed
  448. //
  449. // Notes:
  450. //
  451. //----------------------------------------------------------------------------
  452. HRESULT
  453. CInvokeInfoHelper::InitPublisher ()
  454. {
  455. HRESULT hr = S_OK;
  456. ULONG cchPublisher;
  457. LPWSTR pwszPublisher = NULL;
  458. WCHAR szPublisher[MAX_LOADSTRING_BUFFER];
  459. //
  460. // Load the unknown publisher string
  461. //
  462. if ( LoadStringU(
  463. g_hModule,
  464. IDS_UNKNOWNPUBLISHER,
  465. szPublisher,
  466. MAX_LOADSTRING_BUFFER
  467. ) == 0 )
  468. {
  469. return( HRESULT_FROM_WIN32(GetLastError()) );
  470. }
  471. //
  472. // Since the publisher is the subject of the signer certificate, we try to
  473. // find the publisher name in the common name extensions of that cert
  474. //
  475. CRYPT_PROVIDER_SGNR *pSgnr;
  476. CRYPT_PROVIDER_CERT *pCert;
  477. if (pSgnr = WTHelperGetProvSignerFromChain(ProviderData(), 0, FALSE, 0))
  478. {
  479. if (pCert = WTHelperGetProvCertFromChain(pSgnr, 0))
  480. {
  481. cchPublisher = CertGetNameStringW(pCert->pCert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, NULL, 0);
  482. if (cchPublisher > 1)
  483. {
  484. pwszPublisher = new WCHAR[cchPublisher];
  485. if ( pwszPublisher == NULL )
  486. {
  487. return (E_OUTOFMEMORY);
  488. }
  489. cchPublisher = CertGetNameStringW(pCert->pCert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL,
  490. pwszPublisher, cchPublisher);
  491. }
  492. }
  493. }
  494. //
  495. // If we still don't have a publisher, use the unknown publisher string
  496. //
  497. if ( pwszPublisher == NULL )
  498. {
  499. m_fKnownPublisher = FALSE;
  500. cchPublisher = wcslen(szPublisher) + 1;
  501. }
  502. else
  503. {
  504. m_fKnownPublisher = TRUE;
  505. cchPublisher = wcslen(pwszPublisher) + 1;
  506. }
  507. //
  508. // Fill in the publisher member by converting from UNICODE to MBS
  509. // or by copying the unknown publisher string
  510. //
  511. m_pszPublisher = new WCHAR[cchPublisher];
  512. if ( m_pszPublisher != NULL )
  513. {
  514. if ( m_fKnownPublisher == FALSE )
  515. {
  516. wcscpy(m_pszPublisher, szPublisher);
  517. }
  518. else
  519. {
  520. wcscpy(m_pszPublisher, pwszPublisher);
  521. }
  522. }
  523. else
  524. {
  525. hr = E_OUTOFMEMORY;
  526. }
  527. if ( pwszPublisher != NULL )
  528. {
  529. delete[] pwszPublisher;
  530. }
  531. return( hr );
  532. }
  533. //+---------------------------------------------------------------------------
  534. //
  535. // Member: CInvokeInfoHelper::InitPublisherCertIssuer, private
  536. //
  537. // Synopsis: Initialize m_pszPublisherCertIssuer
  538. //
  539. // Arguments: (none)
  540. //
  541. // Returns: hr == S_OK, initialize succeeded
  542. // hr != S_OK, initialize failed
  543. //
  544. // Notes:
  545. //
  546. //----------------------------------------------------------------------------
  547. HRESULT
  548. CInvokeInfoHelper::InitPublisherCertIssuer ()
  549. {
  550. HRESULT hr = S_OK;
  551. ULONG cchCertIssuer;
  552. LPWSTR pwszCertIssuer = NULL;
  553. WCHAR szCertIssuer[MAX_LOADSTRING_BUFFER];
  554. BOOL fKnownCertIssuer;
  555. //
  556. // Load the unknown cert issuer string
  557. //
  558. if ( LoadStringU(
  559. g_hModule,
  560. IDS_UNKNOWNPUBLISHERCERTISSUER,
  561. szCertIssuer,
  562. MAX_LOADSTRING_BUFFER
  563. ) == 0 )
  564. {
  565. return( HRESULT_FROM_WIN32(GetLastError()) );
  566. }
  567. //
  568. // Since the publisher cert issuer is the issuer of the signer certificate,
  569. // we try to find the name in the RDN attributes of the cert issuer
  570. //
  571. CRYPT_PROVIDER_SGNR *pSgnr;
  572. CRYPT_PROVIDER_CERT *pCert;
  573. if (pSgnr = WTHelperGetProvSignerFromChain(ProviderData(), 0, FALSE, 0))
  574. {
  575. if (pCert = WTHelperGetProvCertFromChain(pSgnr, 0))
  576. {
  577. cchCertIssuer = CertGetNameStringW(pCert->pCert, CERT_NAME_SIMPLE_DISPLAY_TYPE, CERT_NAME_ISSUER_FLAG, NULL,
  578. NULL, 0);
  579. if (cchCertIssuer > 1)
  580. {
  581. pwszCertIssuer = new WCHAR[cchCertIssuer];
  582. if ( pwszCertIssuer == NULL)
  583. {
  584. return (E_OUTOFMEMORY);
  585. }
  586. cchCertIssuer = CertGetNameStringW(pCert->pCert, CERT_NAME_SIMPLE_DISPLAY_TYPE, CERT_NAME_ISSUER_FLAG, NULL,
  587. pwszCertIssuer, cchCertIssuer);
  588. }
  589. }
  590. }
  591. //
  592. // If we still don't have a name, we set the unknown issuer string
  593. //
  594. if ( pwszCertIssuer == NULL )
  595. {
  596. fKnownCertIssuer = FALSE;
  597. cchCertIssuer = wcslen(szCertIssuer) + 1;
  598. }
  599. else
  600. {
  601. fKnownCertIssuer = TRUE;
  602. cchCertIssuer = wcslen(pwszCertIssuer) + 1;
  603. }
  604. //
  605. // Fill in the publisher cert issuer member by converting from UNICODE
  606. // to MBS or by copying the unknown issuer string
  607. //
  608. m_pszPublisherCertIssuer = new WCHAR[cchCertIssuer];
  609. if ( m_pszPublisherCertIssuer != NULL )
  610. {
  611. if ( fKnownCertIssuer == FALSE )
  612. {
  613. wcscpy(m_pszPublisherCertIssuer, szCertIssuer);
  614. }
  615. else
  616. {
  617. wcscpy(m_pszPublisherCertIssuer, pwszCertIssuer);
  618. }
  619. }
  620. else
  621. {
  622. hr = E_OUTOFMEMORY;
  623. }
  624. if ( pwszCertIssuer != NULL )
  625. {
  626. delete[] pwszCertIssuer;
  627. }
  628. return( hr );
  629. }
  630. //+---------------------------------------------------------------------------
  631. //
  632. // Member: CInvokeInfoHelper::InitErrorStatement, private
  633. //
  634. // Synopsis: Initialize m_pszErrorStatement
  635. //
  636. // Arguments: (none)
  637. //
  638. // Returns: hr == S_OK, initialize succeeded
  639. // hr != S_OK, initialize failed
  640. //
  641. // Notes:
  642. //
  643. //----------------------------------------------------------------------------
  644. HRESULT
  645. CInvokeInfoHelper::InitErrorStatement ()
  646. {
  647. return( ACUIMapErrorToString(
  648. m_pInvokeInfo->hrInvokeReason,
  649. &m_pszErrorStatement
  650. ) );
  651. }
  652. //+---------------------------------------------------------------------------
  653. //
  654. // Member: CInvokeInfoHelper::InitCertTimestamp, public
  655. //
  656. // Synopsis: initialize the certificate timestamp string
  657. //
  658. //----------------------------------------------------------------------------
  659. HRESULT
  660. CInvokeInfoHelper::InitCertTimestamp ()
  661. {
  662. HRESULT hr = S_OK;
  663. WCHAR szCertTimestamp[MAX_LOADSTRING_BUFFER];
  664. FILETIME ftTimestamp;
  665. SYSTEMTIME stTimestamp;
  666. //
  667. // Get the time stamp
  668. //
  669. // TBDTBD: change to a loop!!!! pberkman
  670. CRYPT_PROVIDER_SGNR *pSgnr;
  671. CRYPT_PROVIDER_SGNR *pTimeSgnr;
  672. if ((pTimeSgnr =
  673. WTHelperGetProvSignerFromChain(ProviderData(), 0, TRUE, 0)) &&
  674. (pTimeSgnr->dwSignerType & SGNR_TYPE_TIMESTAMP) &&
  675. (pSgnr = WTHelperGetProvSignerFromChain(ProviderData(), 0, FALSE, 0)))
  676. {
  677. // convert UTC to local
  678. FileTimeToLocalFileTime(&pSgnr->sftVerifyAsOf, &ftTimestamp);
  679. // make it system format
  680. FileTimeToSystemTime(&ftTimestamp, &stTimestamp);
  681. m_pszCertTimestamp = GetFormattedCertTimestamp(&stTimestamp);
  682. if ( m_pszCertTimestamp == NULL )
  683. {
  684. hr = E_OUTOFMEMORY;
  685. }
  686. }
  687. else
  688. {
  689. m_pszCertTimestamp = NULL;
  690. }
  691. return( hr );
  692. }
  693. //+---------------------------------------------------------------------------
  694. //
  695. // Member: CInvokeInfoHelper::InitCertViewPropertiesEntryPoint, public
  696. //
  697. // Synopsis: initialize the cert view properties entry point
  698. //
  699. // Arguments: (none)
  700. //
  701. // Returns: (none)
  702. //
  703. // Notes:
  704. //
  705. //----------------------------------------------------------------------------
  706. VOID
  707. CInvokeInfoHelper::InitCertViewPropertiesEntryPoint ()
  708. {
  709. m_hModCVPA = LoadLibraryA(CVP_DLL);
  710. if ( m_hModCVPA != NULL )
  711. {
  712. m_pfnCVPA = (pfnCertViewProperties)GetProcAddress(m_hModCVPA, CVP_FUNC_NAME);
  713. }
  714. }
  715. //+---------------------------------------------------------------------------
  716. //
  717. // Member: CInvokeInfoHelper::GetFormattedCertTimestamp, public
  718. //
  719. // Synopsis: gets the formatted cert timestamp string which will be
  720. // allocated using the new operator
  721. //
  722. //----------------------------------------------------------------------------
  723. LPWSTR
  724. CInvokeInfoHelper::GetFormattedCertTimestamp (LPSYSTEMTIME pst)
  725. {
  726. LPWSTR psz;
  727. int cDate;
  728. int cTime;
  729. if ( ( cDate = GetDateFormatU(
  730. LOCALE_USER_DEFAULT,
  731. DATE_SHORTDATE,
  732. pst,
  733. NULL,
  734. NULL,
  735. 0
  736. ) ) == 0 )
  737. {
  738. return( NULL );
  739. }
  740. cDate--;
  741. if ( ( cTime = GetTimeFormatU(
  742. LOCALE_USER_DEFAULT,
  743. TIME_NOSECONDS,
  744. pst,
  745. NULL,
  746. NULL,
  747. 0
  748. ) ) == 0 )
  749. {
  750. return( NULL );
  751. }
  752. cTime--;
  753. psz = new WCHAR [ cDate + cTime + 2 ];
  754. if ( psz == NULL )
  755. {
  756. return( NULL );
  757. }
  758. if ( GetDateFormatU(
  759. LOCALE_USER_DEFAULT,
  760. DATE_SHORTDATE,
  761. pst,
  762. NULL,
  763. psz,
  764. cDate + 1
  765. ) == 0 )
  766. {
  767. delete[] psz;
  768. return( NULL );
  769. }
  770. psz[cDate] = L' ';
  771. if ( GetTimeFormatU(
  772. LOCALE_USER_DEFAULT,
  773. TIME_NOSECONDS,
  774. pst,
  775. NULL,
  776. &psz[cDate+1],
  777. cTime + 1
  778. ) == 0 )
  779. {
  780. delete[] psz;
  781. return( NULL );
  782. }
  783. return( psz );
  784. }
  785. //+---------------------------------------------------------------------------
  786. //
  787. // Member: CInvokeInfoHelper::IsTestCertInChain, public
  788. //
  789. // Synopsis: is there a test cert in the publisher's chain
  790. //
  791. //----------------------------------------------------------------------------
  792. BOOL
  793. CInvokeInfoHelper::IsTestCertInPublisherChain ()
  794. {
  795. ULONG cCount;
  796. CRYPT_PROVIDER_SGNR *pSgnr;
  797. CRYPT_PROVIDER_CERT *pCert;
  798. if (pSgnr = WTHelperGetProvSignerFromChain(ProviderData(), 0, FALSE, 0))
  799. {
  800. for (cCount = 0; cCount < pSgnr->csCertChain; cCount++)
  801. {
  802. if (pCert = WTHelperGetProvCertFromChain(pSgnr, cCount))
  803. {
  804. if (pCert->fTestCert)
  805. {
  806. return(TRUE);
  807. }
  808. }
  809. }
  810. }
  811. return(FALSE);
  812. }
  813. //+---------------------------------------------------------------------------
  814. //
  815. // Function: ACUIMapErrorToString
  816. //
  817. // Synopsis: maps error to string
  818. //
  819. // Arguments: [hr] -- error
  820. // [ppsz] -- error string goes here
  821. //
  822. // Returns: S_OK if successful, any valid HRESULT otherwise
  823. //
  824. //----------------------------------------------------------------------------
  825. HRESULT ACUIMapErrorToString (HRESULT hr, LPWSTR* ppsz)
  826. {
  827. UINT ResourceId = 0;
  828. WCHAR psz[MAX_LOADSTRING_BUFFER];
  829. //
  830. // See if it maps to some non system error code
  831. //
  832. switch (hr)
  833. {
  834. case TRUST_E_SYSTEM_ERROR:
  835. case ERROR_NOT_ENOUGH_MEMORY:
  836. case ERROR_INVALID_PARAMETER:
  837. //
  838. // leave the resourceid zero... these will be mapped to
  839. // IDS_SPC_UNKNOWN and the error code displayed.
  840. //
  841. break;
  842. case CRYPT_E_FILE_ERROR:
  843. ResourceId = IDS_FILE_NOT_FOUND;
  844. break;
  845. case TRUST_E_PROVIDER_UNKNOWN:
  846. ResourceId = IDS_SPC_PROVIDER;
  847. break;
  848. case TRUST_E_SUBJECT_FORM_UNKNOWN:
  849. ResourceId = IDS_SPC_SUBJECT;
  850. break;
  851. case TRUST_E_NOSIGNATURE:
  852. ResourceId = IDS_SPC_NO_SIGNATURE;
  853. break;
  854. case CRYPT_E_BAD_MSG:
  855. ResourceId = IDS_SPC_BAD_SIGNATURE;
  856. break;
  857. case TRUST_E_BAD_DIGEST:
  858. ResourceId = IDS_SPC_BAD_FILE_DIGEST;
  859. break;
  860. case CRYPT_E_NO_SIGNER:
  861. ResourceId = IDS_SPC_NO_VALID_SIGNER;
  862. break;
  863. case TRUST_E_NO_SIGNER_CERT:
  864. ResourceId = IDS_SPC_SIGNER_CERT;
  865. break;
  866. case TRUST_E_COUNTER_SIGNER:
  867. ResourceId = IDS_SPC_VALID_COUNTERSIGNER;
  868. break;
  869. case CERT_E_EXPIRED:
  870. ResourceId = IDS_SPC_CERT_EXPIRED;
  871. break;
  872. case TRUST_E_CERT_SIGNATURE:
  873. ResourceId = IDS_SPC_CERT_SIGNATURE;
  874. break;
  875. case CERT_E_CHAINING:
  876. ResourceId = IDS_SPC_CHAINING;
  877. break;
  878. case CERT_E_UNTRUSTEDROOT:
  879. ResourceId = IDS_SPC_UNTRUSTED_ROOT;
  880. break;
  881. case CERT_E_UNTRUSTEDTESTROOT:
  882. ResourceId = IDS_SPC_UNTRUSTED_TEST_ROOT;
  883. break;
  884. case CERT_E_VALIDITYPERIODNESTING:
  885. ResourceId = IDS_SPC_INVALID_CERT_NESTING;
  886. break;
  887. case CERT_E_PURPOSE:
  888. ResourceId = IDS_SPC_INVALID_PURPOSE;
  889. break;
  890. case TRUST_E_BASIC_CONSTRAINTS:
  891. ResourceId = IDS_SPC_INVALID_BASIC_CONSTRAINTS;
  892. break;
  893. case TRUST_E_FINANCIAL_CRITERIA:
  894. ResourceId = IDS_SPC_INVALID_FINANCIAL;
  895. break;
  896. case TRUST_E_TIME_STAMP:
  897. ResourceId = IDS_SPC_TIMESTAMP;
  898. break;
  899. case CERT_E_REVOKED:
  900. ResourceId = IDS_SPC_CERT_REVOKED;
  901. break;
  902. case CERT_E_REVOCATION_FAILURE:
  903. ResourceId = IDS_SPC_REVOCATION_ERROR;
  904. break;
  905. case CRYPT_E_SECURITY_SETTINGS:
  906. ResourceId = IDS_SPC_SECURITY_SETTINGS;
  907. break;
  908. case CERT_E_MALFORMED:
  909. ResourceId = IDS_SPC_INVALID_EXTENSION;
  910. break;
  911. case CERT_E_WRONG_USAGE:
  912. ResourceId = IDS_WRONG_USAGE;
  913. break;
  914. }
  915. //
  916. // If it does, load the string out of our resource string tables and
  917. // return that. Otherwise, try to format the message from the system
  918. //
  919. DWORD_PTR MessageArgument;
  920. CHAR szError[13]; // for good luck
  921. WCHAR wszError[13]; // for good luck
  922. LPVOID pvMsg;
  923. pvMsg = NULL;
  924. if ( ResourceId != 0 )
  925. {
  926. if ( LoadStringU(
  927. g_hModule,
  928. ResourceId,
  929. psz,
  930. MAX_LOADSTRING_BUFFER
  931. ) == 0 )
  932. {
  933. return( HRESULT_FROM_WIN32(GetLastError()) );
  934. }
  935. *ppsz = new WCHAR[wcslen(psz) + 1];
  936. if ( *ppsz != NULL )
  937. {
  938. wcscpy(*ppsz, psz);
  939. }
  940. else
  941. {
  942. return( E_OUTOFMEMORY );
  943. }
  944. }
  945. else if ( ( hr >= 0x80093000 ) && ( hr <= 0x80093999 ) )
  946. {
  947. if ( LoadStringU(
  948. g_hModule,
  949. IDS_SPC_OSS_ERROR,
  950. psz,
  951. MAX_LOADSTRING_BUFFER
  952. ) == 0 )
  953. {
  954. return( HRESULT_FROM_WIN32(GetLastError()) );
  955. }
  956. sprintf(szError, "%lx", hr);
  957. MultiByteToWideChar(0, 0, szError, -1, &wszError[0], 13);
  958. MessageArgument = (DWORD_PTR)wszError;
  959. if ( FormatMessageU(
  960. FORMAT_MESSAGE_ALLOCATE_BUFFER |
  961. FORMAT_MESSAGE_FROM_STRING |
  962. FORMAT_MESSAGE_ARGUMENT_ARRAY,
  963. psz,
  964. 0,
  965. 0,
  966. (LPWSTR)&pvMsg,
  967. 0,
  968. (va_list *)&MessageArgument
  969. ) == 0 )
  970. {
  971. return( HRESULT_FROM_WIN32(GetLastError()) );
  972. }
  973. }
  974. else
  975. {
  976. if ( FormatMessageU(
  977. FORMAT_MESSAGE_ALLOCATE_BUFFER |
  978. FORMAT_MESSAGE_IGNORE_INSERTS |
  979. FORMAT_MESSAGE_FROM_SYSTEM,
  980. NULL,
  981. hr,
  982. 0,
  983. (LPWSTR)&pvMsg,
  984. 0,
  985. NULL
  986. ) == 0 )
  987. {
  988. if ( LoadStringU(
  989. g_hModule,
  990. IDS_SPC_UNKNOWN,
  991. psz,
  992. MAX_LOADSTRING_BUFFER
  993. ) == 0 )
  994. {
  995. return( HRESULT_FROM_WIN32(GetLastError()) );
  996. }
  997. sprintf(szError, "%lx", hr);
  998. MultiByteToWideChar(0, 0, szError, -1, &wszError[0], 13);
  999. MessageArgument = (DWORD_PTR)wszError;
  1000. if ( FormatMessageU(
  1001. FORMAT_MESSAGE_ALLOCATE_BUFFER |
  1002. FORMAT_MESSAGE_FROM_STRING |
  1003. FORMAT_MESSAGE_ARGUMENT_ARRAY,
  1004. psz,
  1005. 0,
  1006. 0,
  1007. (LPWSTR)&pvMsg,
  1008. 0,
  1009. (va_list *)&MessageArgument
  1010. ) == 0 )
  1011. {
  1012. return( HRESULT_FROM_WIN32(GetLastError()) );
  1013. }
  1014. }
  1015. }
  1016. if (pvMsg)
  1017. {
  1018. *ppsz = new WCHAR[wcslen((WCHAR *)pvMsg) + 1];
  1019. if (*ppsz)
  1020. {
  1021. wcscpy(*ppsz, (WCHAR *)pvMsg);
  1022. }
  1023. LocalFree(pvMsg);
  1024. }
  1025. return( S_OK );
  1026. }