search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
msvcrt: Use fpclass constants from public header.
[wine/zf.git] / dlls / wintrust / wintrust_main.c
blob768522ea4a055ab1487300c6524885ab4c5cd0d7
1 /*
2 * Copyright 2001 Rein Klazes
3 * Copyright 2007 Juan Lang
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
18 */
19
20 #include <stdarg.h>
21
22 #define NONAMELESSUNION
23
24 #include "windef.h"
25 #include "winbase.h"
26 #include "winerror.h"
27 #include "winreg.h"
28 #include "guiddef.h"
29 #include "wintrust.h"
30 #include "softpub.h"
31 #include "mscat.h"
32 #include "objbase.h"
33 #include "winuser.h"
34 #include "cryptdlg.h"
35 #include "cryptuiapi.h"
36 #include "wintrust_priv.h"
37 #include "wine/debug.h"
38
39 WINE_DEFAULT_DEBUG_CHANNEL(wintrust);
40
41
42 /* Utility functions */
43 void * WINAPI WINTRUST_Alloc(DWORD cb)
44 {
45 return HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, cb);
46 }
47
48 static void* WINTRUST_ReAlloc(void *ptr, DWORD cb) __WINE_ALLOC_SIZE(2);
49 static void* WINTRUST_ReAlloc(void *ptr, DWORD cb)
50 {
51 return HeapReAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, ptr, cb);
52 }
53
54 void WINAPI WINTRUST_Free(void *p)
55 {
56 HeapFree(GetProcessHeap(), 0, p);
57 }
58
59 /***********************************************************************
60 * TrustIsCertificateSelfSigned (WINTRUST.@)
61 */
62 BOOL WINAPI TrustIsCertificateSelfSigned( PCCERT_CONTEXT cert )
63 {
64 PCERT_EXTENSION ext;
65 DWORD size;
66 BOOL ret;
67
68 TRACE("%p\n", cert);
69 if ((ext = CertFindExtension(szOID_AUTHORITY_KEY_IDENTIFIER2,
70 cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension)))
71 {
72 CERT_AUTHORITY_KEY_ID2_INFO *info;
73
74 ret = CryptDecodeObjectEx(cert->dwCertEncodingType,
75 X509_AUTHORITY_KEY_ID2, ext->Value.pbData, ext->Value.cbData,
76 CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
77 &info, &size);
78 if (ret)
79 {
80 if (info->AuthorityCertIssuer.cAltEntry &&
81 info->AuthorityCertSerialNumber.cbData)
82 {
83 PCERT_ALT_NAME_ENTRY directoryName = NULL;
84 DWORD i;
85
86 for (i = 0; !directoryName &&
87 i < info->AuthorityCertIssuer.cAltEntry; i++)
88 if (info->AuthorityCertIssuer.rgAltEntry[i].dwAltNameChoice
89 == CERT_ALT_NAME_DIRECTORY_NAME)
90 directoryName =
91 &info->AuthorityCertIssuer.rgAltEntry[i];
92 if (directoryName)
93 {
94 ret = CertCompareCertificateName(cert->dwCertEncodingType,
95 &directoryName->u.DirectoryName, &cert->pCertInfo->Issuer)
96 && CertCompareIntegerBlob(&info->AuthorityCertSerialNumber,
97 &cert->pCertInfo->SerialNumber);
98 }
99 else
100 {
101 FIXME("no supported name type in authority key id2\n");
102 ret = FALSE;
103 }
104 }
105 else if (info->KeyId.cbData)
106 {
107 ret = CertGetCertificateContextProperty(cert,
108 CERT_KEY_IDENTIFIER_PROP_ID, NULL, &size);
109 if (ret && size == info->KeyId.cbData)
110 {
111 LPBYTE buf = CryptMemAlloc(size);
112
113 if (buf)
114 {
115 CertGetCertificateContextProperty(cert,
116 CERT_KEY_IDENTIFIER_PROP_ID, buf, &size);
117 ret = !memcmp(buf, info->KeyId.pbData, size);
118 CryptMemFree(buf);
119 }
120 else
121 ret = FALSE;
122 }
123 else
124 ret = FALSE;
125 }
126 LocalFree(info);
127 }
128 }
129 else if ((ext = CertFindExtension(szOID_AUTHORITY_KEY_IDENTIFIER,
130 cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension)))
131 {
132 CERT_AUTHORITY_KEY_ID_INFO *info;
133
134 ret = CryptDecodeObjectEx(cert->dwCertEncodingType,
135 X509_AUTHORITY_KEY_ID, ext->Value.pbData, ext->Value.cbData,
136 CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, NULL,
137 &info, &size);
138 if (ret)
139 {
140 if (info->CertIssuer.cbData && info->CertSerialNumber.cbData)
141 {
142 ret = CertCompareCertificateName(cert->dwCertEncodingType,
143 &info->CertIssuer, &cert->pCertInfo->Issuer) &&
144 CertCompareIntegerBlob(&info->CertSerialNumber,
145 &cert->pCertInfo->SerialNumber);
146 }
147 else if (info->KeyId.cbData)
148 {
149 ret = CertGetCertificateContextProperty(cert,
150 CERT_KEY_IDENTIFIER_PROP_ID, NULL, &size);
151 if (ret && size == info->KeyId.cbData)
152 {
153 LPBYTE buf = CryptMemAlloc(size);
154
155 if (buf)
156 {
157 CertGetCertificateContextProperty(cert,
158 CERT_KEY_IDENTIFIER_PROP_ID, buf, &size);
159 ret = !memcmp(buf, info->KeyId.pbData, size);
160 CryptMemFree(buf);
161 }
162 else
163 ret = FALSE;
164 }
165 else
166 ret = FALSE;
167 }
168 else
169 ret = FALSE;
170 LocalFree(info);
171 }
172 }
173 else
174 ret = CertCompareCertificateName(cert->dwCertEncodingType,
175 &cert->pCertInfo->Subject, &cert->pCertInfo->Issuer);
176 return ret;
177 }
178
179 typedef HRESULT (WINAPI *wintrust_step_func)(CRYPT_PROVIDER_DATA *data);
180
181 struct wintrust_step
182 {
183 wintrust_step_func func;
184 DWORD error_index;
185 };
186
187 static DWORD WINTRUST_ExecuteSteps(const struct wintrust_step *steps,
188 DWORD numSteps, CRYPT_PROVIDER_DATA *provData)
189 {
190 DWORD i, err = ERROR_SUCCESS;
191
192 for (i = 0; !err && i < numSteps; i++)
193 {
194 err = steps[i].func(provData);
195 if (err)
196 err = provData->padwTrustStepErrors[steps[i].error_index];
197 }
198 return err;
199 }
200
201 static CRYPT_PROVIDER_DATA *WINTRUST_AllocateProviderData(void)
202 {
203 CRYPT_PROVIDER_DATA *provData;
204
205 provData = WINTRUST_Alloc(sizeof(CRYPT_PROVIDER_DATA));
206 if (!provData)
207 goto oom;
208 provData->cbStruct = sizeof(CRYPT_PROVIDER_DATA);
209
210 provData->padwTrustStepErrors =
211 WINTRUST_Alloc(TRUSTERROR_MAX_STEPS * sizeof(DWORD));
212 if (!provData->padwTrustStepErrors)
213 goto oom;
214 provData->cdwTrustStepErrors = TRUSTERROR_MAX_STEPS;
215
216 provData->u.pPDSip = WINTRUST_Alloc(sizeof(PROVDATA_SIP));
217 if (!provData->u.pPDSip)
218 goto oom;
219 provData->u.pPDSip->cbStruct = sizeof(PROVDATA_SIP);
220
221 provData->psPfns = WINTRUST_Alloc(sizeof(CRYPT_PROVIDER_FUNCTIONS));
222 if (!provData->psPfns)
223 goto oom;
224 provData->psPfns->cbStruct = sizeof(CRYPT_PROVIDER_FUNCTIONS);
225 return provData;
226
227 oom:
228 if (provData)
229 {
230 WINTRUST_Free(provData->padwTrustStepErrors);
231 WINTRUST_Free(provData->u.pPDSip);
232 WINTRUST_Free(provData->psPfns);
233 WINTRUST_Free(provData);
234 }
235 return NULL;
236 }
237
238 /* Adds trust steps for each function in psPfns. Assumes steps has at least
239 * 5 entries. Returns the number of steps added.
240 */
241 static DWORD WINTRUST_AddTrustStepsFromFunctions(struct wintrust_step *steps,
242 const CRYPT_PROVIDER_FUNCTIONS *psPfns)
243 {
244 DWORD numSteps = 0;
245
246 if (psPfns->pfnInitialize)
247 {
248 steps[numSteps].func = psPfns->pfnInitialize;
249 steps[numSteps++].error_index = TRUSTERROR_STEP_FINAL_WVTINIT;
250 }
251 if (psPfns->pfnObjectTrust)
252 {
253 steps[numSteps].func = psPfns->pfnObjectTrust;
254 steps[numSteps++].error_index = TRUSTERROR_STEP_FINAL_OBJPROV;
255 }
256 if (psPfns->pfnSignatureTrust)
257 {
258 steps[numSteps].func = psPfns->pfnSignatureTrust;
259 steps[numSteps++].error_index = TRUSTERROR_STEP_FINAL_SIGPROV;
260 }
261 if (psPfns->pfnCertificateTrust)
262 {
263 steps[numSteps].func = psPfns->pfnCertificateTrust;
264 steps[numSteps++].error_index = TRUSTERROR_STEP_FINAL_CERTPROV;
265 }
266 if (psPfns->pfnFinalPolicy)
267 {
268 steps[numSteps].func = psPfns->pfnFinalPolicy;
269 steps[numSteps++].error_index = TRUSTERROR_STEP_FINAL_POLICYPROV;
270 }
271 return numSteps;
272 }
273
274 static LONG WINTRUST_DefaultVerify(HWND hwnd, GUID *actionID,
275 WINTRUST_DATA *data)
276 {
277 DWORD err = ERROR_SUCCESS, numSteps = 0;
278 CRYPT_PROVIDER_DATA *provData;
279 BOOL ret;
280 struct wintrust_step verifySteps[5];
281
282 TRACE("(%p, %s, %p)\n", hwnd, debugstr_guid(actionID), data);
283
284 provData = WINTRUST_AllocateProviderData();
285 if (!provData)
286 return ERROR_OUTOFMEMORY;
287
288 ret = WintrustLoadFunctionPointers(actionID, provData->psPfns);
289 if (!ret)
290 {
291 err = GetLastError();
292 goto error;
293 }
294
295 data->hWVTStateData = provData;
296 provData->pWintrustData = data;
297 if (hwnd == INVALID_HANDLE_VALUE)
298 provData->hWndParent = GetDesktopWindow();
299 else
300 provData->hWndParent = hwnd;
301 provData->pgActionID = actionID;
302 WintrustGetRegPolicyFlags(&provData->dwRegPolicySettings);
303
304 numSteps = WINTRUST_AddTrustStepsFromFunctions(verifySteps,
305 provData->psPfns);
306 err = WINTRUST_ExecuteSteps(verifySteps, numSteps, provData);
307 goto done;
308
309 error:
310 WINTRUST_Free(provData->padwTrustStepErrors);
311 WINTRUST_Free(provData->u.pPDSip);
312 WINTRUST_Free(provData->psPfns);
313 WINTRUST_Free(provData);
314
315 done:
316 TRACE("returning %08x\n", err);
317 return err;
318 }
319
320 static LONG WINTRUST_DefaultClose(HWND hwnd, GUID *actionID,
321 WINTRUST_DATA *data)
322 {
323 DWORD err = ERROR_SUCCESS;
324 CRYPT_PROVIDER_DATA *provData = data->hWVTStateData;
325
326 TRACE("(%p, %s, %p)\n", hwnd, debugstr_guid(actionID), data);
327
328 if (provData)
329 {
330 if (provData->psPfns->pfnCleanupPolicy)
331 err = provData->psPfns->pfnCleanupPolicy(provData);
332
333 WINTRUST_Free(provData->padwTrustStepErrors);
334 WINTRUST_Free(provData->u.pPDSip);
335 WINTRUST_Free(provData->psPfns);
336 WINTRUST_Free(provData);
337 data->hWVTStateData = NULL;
338 }
339 TRACE("returning %08x\n", err);
340 return err;
341 }
342
343 static LONG WINTRUST_DefaultVerifyAndClose(HWND hwnd, GUID *actionID,
344 WINTRUST_DATA *data)
345 {
346 LONG err;
347
348 TRACE("(%p, %s, %p)\n", hwnd, debugstr_guid(actionID), data);
349
350 err = WINTRUST_DefaultVerify(hwnd, actionID, data);
351 WINTRUST_DefaultClose(hwnd, actionID, data);
352 TRACE("returning %08x\n", err);
353 return err;
354 }
355
356 static LONG WINTRUST_PublishedSoftware(HWND hwnd, GUID *actionID,
357 WINTRUST_DATA *data)
358 {
359 WINTRUST_DATA wintrust_data = { sizeof(wintrust_data), 0 };
360 /* Undocumented: the published software action is passed a path,
361 * and pSIPClientData points to a WIN_TRUST_SUBJECT_FILE.
362 */
363 LPWIN_TRUST_SUBJECT_FILE subjectFile = data->pSIPClientData;
364 WINTRUST_FILE_INFO fileInfo = { sizeof(fileInfo), 0 };
365
366 TRACE("subjectFile->hFile: %p\n", subjectFile->hFile);
367 TRACE("subjectFile->lpPath: %s\n", debugstr_w(subjectFile->lpPath));
368 fileInfo.pcwszFilePath = subjectFile->lpPath;
369 fileInfo.hFile = subjectFile->hFile;
370 wintrust_data.u.pFile = &fileInfo;
371 wintrust_data.dwUnionChoice = WTD_CHOICE_FILE;
372 wintrust_data.dwUIChoice = WTD_UI_NONE;
373
374 return WINTRUST_DefaultVerifyAndClose(hwnd, actionID, &wintrust_data);
375 }
376
377 /* Sadly, the function to load the cert for the CERT_CERTIFICATE_ACTION_VERIFY
378 * action is not stored in the registry and is located in wintrust, not in
379 * cryptdlg along with the rest of the implementation (verified by running the
380 * action with a native wintrust.dll.)
381 */
382 static HRESULT WINAPI WINTRUST_CertVerifyObjTrust(CRYPT_PROVIDER_DATA *data)
383 {
384 BOOL ret;
385
386 TRACE("(%p)\n", data);
387
388 if (!data->padwTrustStepErrors)
389 return S_FALSE;
390
391 switch (data->pWintrustData->dwUnionChoice)
392 {
393 case WTD_CHOICE_BLOB:
394 if (data->pWintrustData->u.pBlob &&
395 WVT_IS_CBSTRUCT_GT_MEMBEROFFSET(WINTRUST_BLOB_INFO,
396 data->pWintrustData->u.pBlob->cbStruct, pbMemObject) &&
397 data->pWintrustData->u.pBlob->cbMemObject ==
398 sizeof(CERT_VERIFY_CERTIFICATE_TRUST) &&
399 data->pWintrustData->u.pBlob->pbMemObject)
400 {
401 CERT_VERIFY_CERTIFICATE_TRUST *pCert =
402 (CERT_VERIFY_CERTIFICATE_TRUST *)
403 data->pWintrustData->u.pBlob->pbMemObject;
404
405 if (pCert->cbSize == sizeof(CERT_VERIFY_CERTIFICATE_TRUST) &&
406 pCert->pccert)
407 {
408 CRYPT_PROVIDER_SGNR signer = { sizeof(signer), { 0 } };
409 DWORD i;
410 SYSTEMTIME sysTime;
411
412 /* Add a signer with nothing but the time to verify, so we can
413 * add a cert to it
414 */
415 GetSystemTime(&sysTime);
416 SystemTimeToFileTime(&sysTime, &signer.sftVerifyAsOf);
417 ret = data->psPfns->pfnAddSgnr2Chain(data, FALSE, 0, &signer);
418 if (!ret)
419 goto error;
420 ret = data->psPfns->pfnAddCert2Chain(data, 0, FALSE, 0,
421 pCert->pccert);
422 if (!ret)
423 goto error;
424 for (i = 0; ret && i < pCert->cRootStores; i++)
425 ret = data->psPfns->pfnAddStore2Chain(data,
426 pCert->rghstoreRoots[i]);
427 for (i = 0; ret && i < pCert->cStores; i++)
428 ret = data->psPfns->pfnAddStore2Chain(data,
429 pCert->rghstoreCAs[i]);
430 for (i = 0; ret && i < pCert->cTrustStores; i++)
431 ret = data->psPfns->pfnAddStore2Chain(data,
432 pCert->rghstoreTrust[i]);
433 }
434 else
435 {
436 SetLastError(ERROR_INVALID_PARAMETER);
437 ret = FALSE;
438 }
439 }
440 else
441 {
442 SetLastError(ERROR_INVALID_PARAMETER);
443 ret = FALSE;
444 }
445 break;
446 default:
447 FIXME("unimplemented for %d\n", data->pWintrustData->dwUnionChoice);
448 SetLastError(ERROR_INVALID_PARAMETER);
449 ret = FALSE;
450 }
451
452 error:
453 if (!ret)
454 data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_OBJPROV] =
455 GetLastError();
456 TRACE("returning %d (%08x)\n", ret ? S_OK : S_FALSE,
457 data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_OBJPROV]);
458 return ret ? S_OK : S_FALSE;
459 }
460
461 static LONG WINTRUST_CertVerify(HWND hwnd, GUID *actionID,
462 WINTRUST_DATA *data)
463 {
464 DWORD err = ERROR_SUCCESS, numSteps = 0;
465 CRYPT_PROVIDER_DATA *provData;
466 BOOL ret;
467 struct wintrust_step verifySteps[5];
468
469 TRACE("(%p, %s, %p)\n", hwnd, debugstr_guid(actionID), data);
470
471 provData = WINTRUST_AllocateProviderData();
472 if (!provData)
473 return ERROR_OUTOFMEMORY;
474
475 ret = WintrustLoadFunctionPointers(actionID, provData->psPfns);
476 if (!ret)
477 {
478 err = GetLastError();
479 goto error;
480 }
481 if (!provData->psPfns->pfnObjectTrust)
482 provData->psPfns->pfnObjectTrust = WINTRUST_CertVerifyObjTrust;
483 /* Not sure why, but native skips the policy check */
484 provData->psPfns->pfnCertCheckPolicy = NULL;
485
486 data->hWVTStateData = provData;
487 provData->pWintrustData = data;
488 if (hwnd == INVALID_HANDLE_VALUE)
489 provData->hWndParent = GetDesktopWindow();
490 else
491 provData->hWndParent = hwnd;
492 provData->pgActionID = actionID;
493 WintrustGetRegPolicyFlags(&provData->dwRegPolicySettings);
494
495 numSteps = WINTRUST_AddTrustStepsFromFunctions(verifySteps,
496 provData->psPfns);
497 err = WINTRUST_ExecuteSteps(verifySteps, numSteps, provData);
498 goto done;
499
500 error:
501 WINTRUST_Free(provData->padwTrustStepErrors);
502 WINTRUST_Free(provData->u.pPDSip);
503 WINTRUST_Free(provData->psPfns);
504 WINTRUST_Free(provData);
505
506 done:
507 TRACE("returning %08x\n", err);
508 return err;
509 }
510
511 static LONG WINTRUST_CertVerifyAndClose(HWND hwnd, GUID *actionID,
512 WINTRUST_DATA *data)
513 {
514 LONG err;
515
516 TRACE("(%p, %s, %p)\n", hwnd, debugstr_guid(actionID), data);
517
518 err = WINTRUST_CertVerify(hwnd, actionID, data);
519 WINTRUST_DefaultClose(hwnd, actionID, data);
520 TRACE("returning %08x\n", err);
521 return err;
522 }
523
524 static LONG WINTRUST_CertActionVerify(HWND hwnd, GUID *actionID,
525 WINTRUST_DATA *data)
526 {
527 DWORD stateAction;
528 LONG err = ERROR_SUCCESS;
529
530 if (WVT_ISINSTRUCT(WINTRUST_DATA, data->cbStruct, dwStateAction))
531 stateAction = data->dwStateAction;
532 else
533 {
534 TRACE("no dwStateAction, assuming WTD_STATEACTION_IGNORE\n");
535 stateAction = WTD_STATEACTION_IGNORE;
536 }
537 switch (stateAction)
538 {
539 case WTD_STATEACTION_IGNORE:
540 err = WINTRUST_CertVerifyAndClose(hwnd, actionID, data);
541 break;
542 case WTD_STATEACTION_VERIFY:
543 err = WINTRUST_CertVerify(hwnd, actionID, data);
544 break;
545 case WTD_STATEACTION_CLOSE:
546 err = WINTRUST_DefaultClose(hwnd, actionID, data);
547 break;
548 default:
549 FIXME("unimplemented for %d\n", data->dwStateAction);
550 }
551 return err;
552 }
553
554 static void dump_file_info(WINTRUST_FILE_INFO *pFile)
555 {
556 TRACE("%p\n", pFile);
557 if (pFile)
558 {
559 TRACE("cbStruct: %d\n", pFile->cbStruct);
560 TRACE("pcwszFilePath: %s\n", debugstr_w(pFile->pcwszFilePath));
561 TRACE("hFile: %p\n", pFile->hFile);
562 TRACE("pgKnownSubject: %s\n", debugstr_guid(pFile->pgKnownSubject));
563 }
564 }
565
566 static void dump_catalog_info(WINTRUST_CATALOG_INFO *catalog)
567 {
568 TRACE("%p\n", catalog);
569 if (catalog)
570 {
571 TRACE("cbStruct: %d\n", catalog->cbStruct);
572 TRACE("dwCatalogVersion: %d\n", catalog->dwCatalogVersion);
573 TRACE("pcwszCatalogFilePath: %s\n",
574 debugstr_w(catalog->pcwszCatalogFilePath));
575 TRACE("pcwszMemberTag: %s\n", debugstr_w(catalog->pcwszMemberTag));
576 TRACE("pcwszMemberFilePath: %s\n",
577 debugstr_w(catalog->pcwszMemberFilePath));
578 TRACE("hMemberFile: %p\n", catalog->hMemberFile);
579 TRACE("pbCalculatedFileHash: %p\n", catalog->pbCalculatedFileHash);
580 TRACE("cbCalculatedFileHash: %d\n", catalog->cbCalculatedFileHash);
581 TRACE("pcCatalogContext: %p\n", catalog->pcCatalogContext);
582 }
583 }
584
585 static void dump_blob_info(WINTRUST_BLOB_INFO *blob)
586 {
587 TRACE("%p\n", blob);
588 if (blob)
589 {
590 TRACE("cbStruct: %d\n", blob->cbStruct);
591 TRACE("gSubject: %s\n", debugstr_guid(&blob->gSubject));
592 TRACE("pcwszDisplayName: %s\n", debugstr_w(blob->pcwszDisplayName));
593 TRACE("cbMemObject: %d\n", blob->cbMemObject);
594 TRACE("pbMemObject: %p\n", blob->pbMemObject);
595 TRACE("cbMemSignedMsg: %d\n", blob->cbMemSignedMsg);
596 TRACE("pbMemSignedMsg: %p\n", blob->pbMemSignedMsg);
597 }
598 }
599
600 static void dump_sgnr_info(WINTRUST_SGNR_INFO *sgnr)
601 {
602 TRACE("%p\n", sgnr);
603 if (sgnr)
604 {
605 TRACE("cbStruct: %d\n", sgnr->cbStruct);
606 TRACE("pcwszDisplayName: %s\n", debugstr_w(sgnr->pcwszDisplayName));
607 TRACE("psSignerInfo: %p\n", sgnr->psSignerInfo);
608 TRACE("chStores: %d\n", sgnr->chStores);
609 }
610 }
611
612 static void dump_cert_info(WINTRUST_CERT_INFO *cert)
613 {
614 TRACE("%p\n", cert);
615 if (cert)
616 {
617 TRACE("cbStruct: %d\n", cert->cbStruct);
618 TRACE("pcwszDisplayName: %s\n", debugstr_w(cert->pcwszDisplayName));
619 TRACE("psCertContext: %p\n", cert->psCertContext);
620 TRACE("chStores: %d\n", cert->chStores);
621 TRACE("dwFlags: %08x\n", cert->dwFlags);
622 TRACE("psftVerifyAsOf: %p\n", cert->psftVerifyAsOf);
623 }
624 }
625
626 static void dump_wintrust_data(WINTRUST_DATA *data)
627 {
628 TRACE("%p\n", data);
629 if (data)
630 {
631 TRACE("cbStruct: %d\n", data->cbStruct);
632 TRACE("pPolicyCallbackData: %p\n", data->pPolicyCallbackData);
633 TRACE("pSIPClientData: %p\n", data->pSIPClientData);
634 TRACE("dwUIChoice: %d\n", data->dwUIChoice);
635 TRACE("fdwRevocationChecks: %08x\n", data->fdwRevocationChecks);
636 TRACE("dwUnionChoice: %d\n", data->dwUnionChoice);
637 switch (data->dwUnionChoice)
638 {
639 case WTD_CHOICE_FILE:
640 dump_file_info(data->u.pFile);
641 break;
642 case WTD_CHOICE_CATALOG:
643 dump_catalog_info(data->u.pCatalog);
644 break;
645 case WTD_CHOICE_BLOB:
646 dump_blob_info(data->u.pBlob);
647 break;
648 case WTD_CHOICE_SIGNER:
649 dump_sgnr_info(data->u.pSgnr);
650 break;
651 case WTD_CHOICE_CERT:
652 dump_cert_info(data->u.pCert);
653 break;
654 }
655 TRACE("dwStateAction: %d\n", data->dwStateAction);
656 TRACE("hWVTStateData: %p\n", data->hWVTStateData);
657 TRACE("pwszURLReference: %s\n", debugstr_w(data->pwszURLReference));
658 TRACE("dwProvFlags: %08x\n", data->dwProvFlags);
659 TRACE("dwUIContext: %d\n", data->dwUIContext);
660 }
661 }
662
663 /***********************************************************************
664 * WinVerifyTrust (WINTRUST.@)
665 *
666 * Verifies an object by calling the specified trust provider.
667 *
668 * PARAMS
669 * hwnd [I] Handle to a caller window.
670 * ActionID [I] Pointer to a GUID that identifies the action to perform.
671 * ActionData [I] Information used by the trust provider to verify the object.
672 *
673 * RETURNS
674 * Success: Zero.
675 * Failure: A TRUST_E_* error code.
676 *
677 * NOTES
678 * Trust providers can be found at:
679 * HKLM\SOFTWARE\Microsoft\Cryptography\Providers\Trust\
680 */
681 LONG WINAPI WinVerifyTrust( HWND hwnd, GUID *ActionID, LPVOID ActionData )
682 {
683 static const GUID unknown = { 0xC689AAB8, 0x8E78, 0x11D0, { 0x8C,0x47,
684 0x00,0xC0,0x4F,0xC2,0x95,0xEE } };
685 static const GUID published_software = WIN_SPUB_ACTION_PUBLISHED_SOFTWARE;
686 static const GUID generic_verify_v2 = WINTRUST_ACTION_GENERIC_VERIFY_V2;
687 static const GUID generic_cert_verify = WINTRUST_ACTION_GENERIC_CERT_VERIFY;
688 static const GUID generic_chain_verify = WINTRUST_ACTION_GENERIC_CHAIN_VERIFY;
689 static const GUID cert_action_verify = CERT_CERTIFICATE_ACTION_VERIFY;
690 LONG err = ERROR_SUCCESS;
691 WINTRUST_DATA *actionData = ActionData;
692
693 TRACE("(%p, %s, %p)\n", hwnd, debugstr_guid(ActionID), ActionData);
694 dump_wintrust_data(ActionData);
695
696 /* Support for known old-style callers: */
697 if (IsEqualGUID(ActionID, &published_software))
698 err = WINTRUST_PublishedSoftware(hwnd, ActionID, ActionData);
699 else if (IsEqualGUID(ActionID, &cert_action_verify))
700 err = WINTRUST_CertActionVerify(hwnd, ActionID, ActionData);
701 else
702 {
703 DWORD stateAction;
704
705 /* Check known actions to warn of possible problems */
706 if (!IsEqualGUID(ActionID, &unknown) &&
707 !IsEqualGUID(ActionID, &generic_verify_v2) &&
708 !IsEqualGUID(ActionID, &generic_cert_verify) &&
709 !IsEqualGUID(ActionID, &generic_chain_verify))
710 WARN("unknown action %s, default behavior may not be right\n",
711 debugstr_guid(ActionID));
712 if (WVT_ISINSTRUCT(WINTRUST_DATA, actionData->cbStruct, dwStateAction))
713 stateAction = actionData->dwStateAction;
714 else
715 {
716 TRACE("no dwStateAction, assuming WTD_STATEACTION_IGNORE\n");
717 stateAction = WTD_STATEACTION_IGNORE;
718 }
719 switch (stateAction)
720 {
721 case WTD_STATEACTION_IGNORE:
722 err = WINTRUST_DefaultVerifyAndClose(hwnd, ActionID, ActionData);
723 break;
724 case WTD_STATEACTION_VERIFY:
725 err = WINTRUST_DefaultVerify(hwnd, ActionID, ActionData);
726 break;
727 case WTD_STATEACTION_CLOSE:
728 err = WINTRUST_DefaultClose(hwnd, ActionID, ActionData);
729 break;
730 default:
731 FIXME("unimplemented for %d\n", actionData->dwStateAction);
732 }
733 }
734
735 if (err) SetLastError(err);
736 TRACE("returning %08x\n", err);
737 return err;
738 }
739
740 /***********************************************************************
741 * WinVerifyTrustEx (WINTRUST.@)
742 */
743 HRESULT WINAPI WinVerifyTrustEx( HWND hwnd, GUID *ActionID,
744 WINTRUST_DATA* ActionData )
745 {
746 return WinVerifyTrust(hwnd, ActionID, ActionData);
747 }
748
749 /***********************************************************************
750 * WTHelperGetProvSignerFromChain (WINTRUST.@)
751 */
752 CRYPT_PROVIDER_SGNR * WINAPI WTHelperGetProvSignerFromChain(
753 CRYPT_PROVIDER_DATA *pProvData, DWORD idxSigner, BOOL fCounterSigner,
754 DWORD idxCounterSigner)
755 {
756 CRYPT_PROVIDER_SGNR *sgnr;
757
758 TRACE("(%p %d %d %d)\n", pProvData, idxSigner, fCounterSigner,
759 idxCounterSigner);
760
761 if (idxSigner >= pProvData->csSigners || !pProvData->pasSigners)
762 return NULL;
763 sgnr = &pProvData->pasSigners[idxSigner];
764 if (fCounterSigner)
765 {
766 if (idxCounterSigner >= sgnr->csCounterSigners ||
767 !sgnr->pasCounterSigners)
768 return NULL;
769 sgnr = &sgnr->pasCounterSigners[idxCounterSigner];
770 }
771 TRACE("returning %p\n", sgnr);
772 return sgnr;
773 }
774
775 /***********************************************************************
776 * WTHelperGetProvCertFromChain (WINTRUST.@)
777 */
778 CRYPT_PROVIDER_CERT * WINAPI WTHelperGetProvCertFromChain(
779 CRYPT_PROVIDER_SGNR *pSgnr, DWORD idxCert)
780 {
781 CRYPT_PROVIDER_CERT *cert;
782
783 TRACE("(%p %d)\n", pSgnr, idxCert);
784
785 if (idxCert >= pSgnr->csCertChain || !pSgnr->pasCertChain)
786 return NULL;
787 cert = &pSgnr->pasCertChain[idxCert];
788 TRACE("returning %p\n", cert);
789 return cert;
790 }
791
792 CRYPT_PROVIDER_PRIVDATA *WINAPI WTHelperGetProvPrivateDataFromChain(
793 CRYPT_PROVIDER_DATA* pProvData,
794 GUID* pgProviderID)
795 {
796 CRYPT_PROVIDER_PRIVDATA *privdata = NULL;
797 DWORD i;
798
799 TRACE("(%p, %s)\n", pProvData, debugstr_guid(pgProviderID));
800
801 for (i = 0; i < pProvData->csProvPrivData; i++)
802 if (IsEqualGUID(pgProviderID, &pProvData->pasProvPrivData[i].gProviderID))
803 {
804 privdata = &pProvData->pasProvPrivData[i];
805 break;
806 }
807
808 return privdata;
809 }
810
811 /***********************************************************************
812 * WTHelperProvDataFromStateData (WINTRUST.@)
813 */
814 CRYPT_PROVIDER_DATA * WINAPI WTHelperProvDataFromStateData(HANDLE hStateData)
815 {
816 TRACE("%p\n", hStateData);
817 return hStateData;
818 }
819
820 /***********************************************************************
821 * WTHelperGetFileName(WINTRUST.@)
822 */
823 LPCWSTR WINAPI WTHelperGetFileName(WINTRUST_DATA *data)
824 {
825 TRACE("%p\n",data);
826 if (data->dwUnionChoice == WTD_CHOICE_FILE)
827 return data->u.pFile->pcwszFilePath;
828 else
829 return NULL;
830 }
831
832 /***********************************************************************
833 * WTHelperGetFileHandle(WINTRUST.@)
834 */
835 HANDLE WINAPI WTHelperGetFileHandle(WINTRUST_DATA *data)
836 {
837 TRACE("%p\n",data);
838 if (data->dwUnionChoice == WTD_CHOICE_FILE)
839 return data->u.pFile->hFile;
840 else
841 return INVALID_HANDLE_VALUE;
842 }
843
844 static BOOL WINAPI WINTRUST_enumUsages(PCCRYPT_OID_INFO pInfo, void *pvArg)
845 {
846 PCCRYPT_OID_INFO **usages = pvArg;
847 DWORD cUsages;
848 BOOL ret;
849
850 if (!*usages)
851 {
852 cUsages = 0;
853 *usages = WINTRUST_Alloc(2 * sizeof(PCCRYPT_OID_INFO));
854 }
855 else
856 {
857 PCCRYPT_OID_INFO *ptr;
858
859 /* Count the existing usages.
860 * FIXME: make sure the new usage doesn't duplicate any in the list?
861 */
862 for (cUsages = 0, ptr = *usages; *ptr; ptr++, cUsages++)
863 ;
864 *usages = WINTRUST_ReAlloc(*usages,
865 (cUsages + 2) * sizeof(PCCRYPT_OID_INFO));
866 }
867 if (*usages)
868 {
869 (*usages)[cUsages] = pInfo;
870 (*usages)[cUsages + 1] = NULL;
871 ret = TRUE;
872 }
873 else
874 {
875 SetLastError(ERROR_OUTOFMEMORY);
876 ret = FALSE;
877 }
878 return ret;
879 }
880
881 /***********************************************************************
882 * WTHelperGetKnownUsages(WINTRUST.@)
883 *
884 * Enumerates the known enhanced key usages as an array of PCCRYPT_OID_INFOs.
885 *
886 * PARAMS
887 * action [In] 1 => allocate and return known usages, 2 => free previously
888 * allocated usages.
889 * usages [In/Out] If action == 1, *usages is set to an array of
890 * PCCRYPT_OID_INFO *. The array is terminated with a NULL
891 * pointer.
892 * If action == 2, *usages is freed.
893 *
894 * RETURNS
895 * TRUE on success, FALSE on failure.
896 */
897 BOOL WINAPI WTHelperGetKnownUsages(DWORD action, PCCRYPT_OID_INFO **usages)
898 {
899 BOOL ret;
900
901 TRACE("(%d, %p)\n", action, usages);
902
903 if (!usages)
904 {
905 SetLastError(ERROR_INVALID_PARAMETER);
906 return FALSE;
907 }
908
909 if (action == 1)
910 {
911 *usages = NULL;
912 ret = CryptEnumOIDInfo(CRYPT_ENHKEY_USAGE_OID_GROUP_ID, 0, usages,
913 WINTRUST_enumUsages);
914 }
915 else if (action == 2)
916 {
917 WINTRUST_Free(*usages);
918 *usages = NULL;
919 ret = TRUE;
920 }
921 else
922 {
923 WARN("unknown action %d\n", action);
924 SetLastError(ERROR_INVALID_PARAMETER);
925 ret = FALSE;
926 }
927 return ret;
928 }
929
930 static const WCHAR Software_Publishing[] = {
931 'S','o','f','t','w','a','r','e','\\',
932 'M','i','c','r','o','s','o','f','t','\\',
933 'W','i','n','d','o','w','s','\\',
934 'C','u','r','r','e','n','t','V','e','r','s','i','o','n','\\',
935 'W','i','n','t','r','u','s','t','\\',
936 'T','r','u','s','t',' ','P','r','o','v','i','d','e','r','s','\\',
937 'S','o','f','t','w','a','r','e',' ',
938 'P','u','b','l','i','s','h','i','n','g',0 };
939 static const WCHAR State[] = { 'S','t','a','t','e',0 };
940
941 /***********************************************************************
942 * WintrustGetRegPolicyFlags (WINTRUST.@)
943 */
944 void WINAPI WintrustGetRegPolicyFlags( DWORD* pdwPolicyFlags )
945 {
946 HKEY key;
947 LONG r;
948
949 TRACE("%p\n", pdwPolicyFlags);
950
951 *pdwPolicyFlags = 0;
952 r = RegCreateKeyExW(HKEY_CURRENT_USER, Software_Publishing, 0, NULL, 0,
953 KEY_READ, NULL, &key, NULL);
954 if (!r)
955 {
956 DWORD size = sizeof(DWORD);
957
958 r = RegQueryValueExW(key, State, NULL, NULL, (LPBYTE)pdwPolicyFlags,
959 &size);
960 RegCloseKey(key);
961 if (r)
962 {
963 /* Failed to query, create and return default value */
964 *pdwPolicyFlags = WTPF_IGNOREREVOCATIONONTS |
965 WTPF_OFFLINEOKNBU_COM |
966 WTPF_OFFLINEOKNBU_IND |
967 WTPF_OFFLINEOK_COM |
968 WTPF_OFFLINEOK_IND;
969 WintrustSetRegPolicyFlags(*pdwPolicyFlags);
970 }
971 }
972 }
973
974 /***********************************************************************
975 * WintrustSetRegPolicyFlags (WINTRUST.@)
976 */
977 BOOL WINAPI WintrustSetRegPolicyFlags( DWORD dwPolicyFlags)
978 {
979 HKEY key;
980 LONG r;
981
982 TRACE("%x\n", dwPolicyFlags);
983
984 r = RegCreateKeyExW(HKEY_CURRENT_USER, Software_Publishing, 0,
985 NULL, 0, KEY_WRITE, NULL, &key, NULL);
986 if (!r)
987 {
988 r = RegSetValueExW(key, State, 0, REG_DWORD, (LPBYTE)&dwPolicyFlags,
989 sizeof(DWORD));
990 RegCloseKey(key);
991 }
992 if (r) SetLastError(r);
993 return r == ERROR_SUCCESS;
994 }
995
996 /* Utility functions */
997
998 BOOL WINAPI WINTRUST_AddStore(CRYPT_PROVIDER_DATA *data, HCERTSTORE store)
999 {
1000 BOOL ret = FALSE;
1001
1002 TRACE("(%p, %p)\n", data, store);
1003
1004 if (data->chStores)
1005 data->pahStores = WINTRUST_ReAlloc(data->pahStores,
1006 (data->chStores + 1) * sizeof(HCERTSTORE));
1007 else
1008 {
1009 data->pahStores = WINTRUST_Alloc(sizeof(HCERTSTORE));
1010 data->chStores = 0;
1011 }
1012 if (data->pahStores)
1013 {
1014 data->pahStores[data->chStores++] = CertDuplicateStore(store);
1015 ret = TRUE;
1016 }
1017 else
1018 SetLastError(ERROR_OUTOFMEMORY);
1019 return ret;
1020 }
1021
1022 BOOL WINAPI WINTRUST_AddSgnr(CRYPT_PROVIDER_DATA *data,
1023 BOOL fCounterSigner, DWORD idxSigner, CRYPT_PROVIDER_SGNR *sgnr)
1024 {
1025 BOOL ret = FALSE;
1026
1027 TRACE("(%p, %d, %d, %p)\n", data, fCounterSigner, idxSigner, sgnr);
1028
1029 if (sgnr->cbStruct > sizeof(CRYPT_PROVIDER_SGNR))
1030 {
1031 SetLastError(ERROR_INVALID_PARAMETER);
1032 return FALSE;
1033 }
1034 if (fCounterSigner)
1035 {
1036 FIXME("unimplemented for counter signers\n");
1037 SetLastError(ERROR_INVALID_PARAMETER);
1038 return FALSE;
1039 }
1040 if (data->csSigners)
1041 data->pasSigners = WINTRUST_ReAlloc(data->pasSigners,
1042 (data->csSigners + 1) * sizeof(CRYPT_PROVIDER_SGNR));
1043 else
1044 {
1045 data->pasSigners = WINTRUST_Alloc(sizeof(CRYPT_PROVIDER_SGNR));
1046 data->csSigners = 0;
1047 }
1048 if (data->pasSigners)
1049 {
1050 if (idxSigner < data->csSigners)
1051 memmove(&data->pasSigners[idxSigner],
1052 &data->pasSigners[idxSigner + 1],
1053 (data->csSigners - idxSigner) * sizeof(CRYPT_PROVIDER_SGNR));
1054 ret = TRUE;
1055 if (sgnr->cbStruct == sizeof(CRYPT_PROVIDER_SGNR))
1056 {
1057 /* The PSDK says psSigner should be allocated using pfnAlloc, but
1058 * it doesn't say anything about ownership. Since callers are
1059 * internal, assume ownership is passed, and just store the
1060 * pointer.
1061 */
1062 memcpy(&data->pasSigners[idxSigner], sgnr,
1063 sizeof(CRYPT_PROVIDER_SGNR));
1064 }
1065 else
1066 memset(&data->pasSigners[idxSigner], 0,
1067 sizeof(CRYPT_PROVIDER_SGNR));
1068 data->csSigners++;
1069 }
1070 else
1071 SetLastError(ERROR_OUTOFMEMORY);
1072 return ret;
1073 }
1074
1075 BOOL WINAPI WINTRUST_AddCert(CRYPT_PROVIDER_DATA *data, DWORD idxSigner,
1076 BOOL fCounterSigner, DWORD idxCounterSigner, PCCERT_CONTEXT pCert2Add)
1077 {
1078 BOOL ret = FALSE;
1079
1080 TRACE("(%p, %d, %d, %d, %p)\n", data, idxSigner, fCounterSigner,
1081 idxSigner, pCert2Add);
1082
1083 if (fCounterSigner)
1084 {
1085 FIXME("unimplemented for counter signers\n");
1086 SetLastError(ERROR_INVALID_PARAMETER);
1087 return FALSE;
1088 }
1089 if (data->pasSigners[idxSigner].csCertChain)
1090 data->pasSigners[idxSigner].pasCertChain =
1091 WINTRUST_ReAlloc(data->pasSigners[idxSigner].pasCertChain,
1092 (data->pasSigners[idxSigner].csCertChain + 1) *
1093 sizeof(CRYPT_PROVIDER_CERT));
1094 else
1095 {
1096 data->pasSigners[idxSigner].pasCertChain =
1097 WINTRUST_Alloc(sizeof(CRYPT_PROVIDER_CERT));
1098 data->pasSigners[idxSigner].csCertChain = 0;
1099 }
1100 if (data->pasSigners[idxSigner].pasCertChain)
1101 {
1102 CRYPT_PROVIDER_CERT *cert = &data->pasSigners[idxSigner].pasCertChain[
1103 data->pasSigners[idxSigner].csCertChain];
1104
1105 cert->cbStruct = sizeof(CRYPT_PROVIDER_CERT);
1106 cert->pCert = CertDuplicateCertificateContext(pCert2Add);
1107 data->pasSigners[idxSigner].csCertChain++;
1108 ret = TRUE;
1109 }
1110 else
1111 SetLastError(ERROR_OUTOFMEMORY);
1112 return ret;
1113 }
1114
1115 BOOL WINAPI WINTRUST_AddPrivData(CRYPT_PROVIDER_DATA *data,
1116 CRYPT_PROVIDER_PRIVDATA *pPrivData2Add)
1117 {
1118 BOOL ret = FALSE;
1119
1120 TRACE("(%p, %p)\n", data, pPrivData2Add);
1121
1122 if (pPrivData2Add->cbStruct > sizeof(CRYPT_PROVIDER_PRIVDATA))
1123 {
1124 SetLastError(ERROR_INVALID_PARAMETER);
1125 WARN("invalid struct size\n");
1126 return FALSE;
1127 }
1128 if (data->csProvPrivData)
1129 data->pasProvPrivData = WINTRUST_ReAlloc(data->pasProvPrivData,
1130 (data->csProvPrivData + 1) * sizeof(CRYPT_PROVIDER_SGNR));
1131 else
1132 {
1133 data->pasProvPrivData = WINTRUST_Alloc(sizeof(CRYPT_PROVIDER_SGNR));
1134 data->csProvPrivData = 0;
1135 }
1136 if (data->pasProvPrivData)
1137 {
1138 DWORD i;
1139
1140 for (i = 0; i < data->csProvPrivData; i++)
1141 if (IsEqualGUID(&pPrivData2Add->gProviderID, &data->pasProvPrivData[i]))
1142 break;
1143
1144 data->pasProvPrivData[i] = *pPrivData2Add;
1145 if (i == data->csProvPrivData)
1146 data->csProvPrivData++;
1147 }
1148 else
1149 SetLastError(ERROR_OUTOFMEMORY);
1150 return ret;
1151 }
1152
1153 /***********************************************************************
1154 * OpenPersonalTrustDBDialog (WINTRUST.@)
1155 *
1156 * Opens the certificate manager dialog, showing only the stores that
1157 * contain trusted software publishers.
1158 *
1159 * PARAMS
1160 * hwnd [I] handle of parent window
1161 *
1162 * RETURNS
1163 * TRUE if the dialog could be opened, FALSE if not.
1164 */
1165 BOOL WINAPI OpenPersonalTrustDBDialog(HWND hwnd)
1166 {
1167 CRYPTUI_CERT_MGR_STRUCT uiCertMgr;
1168
1169 uiCertMgr.dwSize = sizeof(uiCertMgr);
1170 uiCertMgr.hwndParent = hwnd;
1171 uiCertMgr.dwFlags = CRYPTUI_CERT_MGR_PUBLISHER_TAB;
1172 uiCertMgr.pwszTitle = NULL;
1173 uiCertMgr.pszInitUsageOID = NULL;
1174 return CryptUIDlgCertMgr(&uiCertMgr);
1175 }
1176
1177 /***********************************************************************
1178 * WTHelperCertCheckValidSignature
1179 */
1180 HRESULT WINAPI WTHelperCertCheckValidSignature(CRYPT_PROVIDER_DATA *pProvData)
1181 {
1182 FIXME("Stub\n");
1183 return S_OK;
1184 }
1185
1186 /***********************************************************************
1187 * IsCatalogFile
1188 */
1189 BOOL WINAPI IsCatalogFile(HANDLE hFile, WCHAR *pwszFileName)
1190 {
1191 static const GUID catGUID = { 0xDE351A43, 0x8E59, 0x11D0, { 0x8C,0x47,0x00,0xC0,0x4F,0xC2,0x95,0xEE }};
1192 GUID guid;
1193
1194 TRACE("(%p, %s)\n", hFile, debugstr_w(pwszFileName));
1195
1196 if (!CryptSIPRetrieveSubjectGuid(pwszFileName, hFile, &guid))
1197 return FALSE;
1198 return IsEqualGUID(&guid, &catGUID);
1199 }
1200
1201 /***********************************************************************
1202 * FindCertsByIssuer
1203 */
1204 HRESULT WINAPI FindCertsByIssuer(PCERT_CHAIN pCertChains, DWORD *pcbCertChains,
1205 DWORD *pcCertChains, BYTE* pbEncodedIssuerName, DWORD cbEncodedIssuerName,
1206 LPCWSTR pwszPurpose, DWORD dwKeySpec)
1207 {
1208 FIXME("(%p, %p, %p, %p, %d, %s, %d): stub\n", pCertChains, pcbCertChains,
1209 pcCertChains, pbEncodedIssuerName, cbEncodedIssuerName,
1210 debugstr_w(pwszPurpose), dwKeySpec);
1211 return E_FAIL;
1212 }
Zebediah Figura's local tree