archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/enduser/windows.com/inc/trust.h

123 lines
4.3 KiB
Raw Normal View History

Add source files
4 years ago
  1. //////////////////////////////////////////////////////////////////////////////
  2. //
  3. // Copyright (c) 1998-2000 Microsoft Corporation. All Rights Reserved.
  4. //
  5. // No portion of this source code may be reproduced
  6. // without express written permission of Microsoft Corporation.
  7. //
  8. // This source code is proprietary and confidential.
  9. //
  10. // SYSTEM: Industry Update
  11. //
  12. // CLASS: N/A
  13. // MODULE: TRUST.LIB
  14. // FILE: TRUST.H
  15. //
  16. /////////////////////////////////////////////////////////////////////
  17. //
  18. // DESC: this header file declares functions used to make cabs
  19. // signed by certain providers trusted.
  20. //
  21. // AUTHOR: Charles Ma, converted from WU CDMLIB
  22. // DATE: 10/4/2000
  23. //
  24. /////////////////////////////////////////////////////////////////////
  25. //
  26. // Revision History:
  27. //
  28. // Date Author Description
  29. // ~~~~ ~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  30. // 2002-01-18 KenSh Added revocation check param to VerifyFileTrust
  31. //
  32. /////////////////////////////////////////////////////////////////////
  33. //
  35. #pragma once
  38. //
  39. // define the number of bytes needed to store a SHA1 hashing value
  40. // of the public key
  41. //
  42. const UINT HASH_VAL_SIZE = 20;
  44. //
  45. // define structure used to pass in the hash values to the following
  46. // function in order to detect if one of the hash matches the
  47. // public key of the leaf cert of a file.
  48. //
  49. typedef struct _HASH_STRUCT {
  50. UINT uiCount;
  51. PBYTE pCerts;
  52. } CERT_HASH_ARRAY, *pCERT_HASH_ARRAY;
  55. /////////////////////////////////////////////////////////////////////////////
  56. //
  57. // Public Function VerifyFileTrust()
  58. //
  59. // This is a wrapper function for CheckWinTrust that both Whistler
  60. // and WU classic code should use.
  61. //
  62. // Input: szFileName - the file with complete path
  63. // pbSha1HashVae - a pointer to a 20 byte long buffer, containing
  64. // the signature SHA1 hashing value that should
  65. // be used to check this file, or NULL for checking
  66. // known Microsoft cert.
  67. // fShowBadUI - whether pop up UI in cases
  68. // (1) inproperly signed signature, or
  69. // (2) properly signed with a non-MS cert
  70. // fCheckRevocation - whether the certificat revocation list (CRL) is
  71. // checked to see whether any of the certs in the chain
  72. // have been revoked. Never prompts the user to initiate
  73. // a dial-up connection. Default = FALSE.
  74. //
  75. // Return: HRESULT - S_OK the file is signed with a valid cert
  76. // or error code.
  77. // If the file is signed correctly but cert is not
  78. // a known Microsoft cert, or it's SHA1 hash does not match
  79. // the one passed in, then CERT_UNTRUSTED_ROOT is returned.
  80. //
  81. // Good Cert: Here is the deifnition of a good cert, in addition to the fact
  82. // that the signature must be valid and not expired.
  83. // (1) The signature was signed with a cert that has
  84. // "Microsoft Root Authority" as root, or
  85. // (2) Parameter pbSha1HashVal is not NULL, and the file's SHA1
  86. // hashing value of signature matches this value, or
  87. // (3) The signature was signed with one of the following known
  88. // Microsoft cert's (they are not rooted to MS) and
  89. // pbSha1HashVal is NULL.
  90. // * Microsoft Corporation
  91. // * Microsoft Corporation MSN
  92. // * MSNBC Interactive News LLC
  93. // * Microsoft Corporation MSN (Europe)
  94. // * Microsoft Corporation (Europe)
  95. //
  96. // Note: If _WUV3TEST flag is set (for test build), then fShowBadUI is
  97. // ignored:
  98. // if reg key SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\wuv3test\WinTrustUI
  99. // is set to 1, then no UI is shown, and this function always return S_OK;
  100. // otherwise, UI always show no matter what cert, and return value is same
  101. // as the live build.
  102. //
  103. /////////////////////////////////////////////////////////////////////////////
  104. HRESULT VerifyFileTrust(
  105. IN LPCTSTR szFileName,
  106. IN pCERT_HASH_ARRAY pHashArray,
  107. BOOL fShowBadUI,
  108. BOOL fCheckRevocation = FALSE
  109. );
  112. /////////////////////////////////////////////////////////////////////////////
  113. //
  114. // Public Function ReadWUPolicyShowTrustUI()
  115. //
  116. // Input: void
  117. //
  118. // Return: BOOL - FALSE means ShowTrustUI regkey is not present, or is set to 0
  119. // TRUE means ShowTrustUI regkey is present and is set to 1
  120. //
  121. //
  122. /////////////////////////////////////////////////////////////////////////////
  123. BOOL ReadWUPolicyShowTrustUI();