Solved

WinVerifyTrust() code sample

Posted on 2002-07-01
Last Modified: 2011-09-20
I want to check if a file is digital signed. That's why I need a WinVerifyTrust() code sample for Delphi. (I have Delphi 4.0.)
Thank you!
Question by:Kann

Accepted Solution

by:
Russell Libby earned 400 total points
Kann,

The wintrust.pas file is a conversion from the C winbase.h source code, and the VerifyTrust function was ripped off from an MSDN C code example. What you need to do is create a separate unit called wintrust.pas, then copy the code below into it. Then in your project, place "wintrust" in the uses clause. The verification routine is defined as

function  VerifyTrust(szFile: String; SubjectType: TSubjectType; UIOnBadVerify: Boolean): Integer;

The TSubjectType is defined as
TSubjectType   = (stRaw, stPEFile, stJava, stCabinet)

So, calling it is as simple as

var
 ret:   Integer;

 ret:=VerifyTrust('c:\yourfile.exe', stPEFile, False);
 if (ret = 0) then
 begin
   ...
   // Do whatever. Zero (S_OK) indicates success.
   // Any other value (a Win32 error code or a failure HRESULT) means the
   // signature was NOT verified and the file must be treated as untrusted.
   ...
 end;

Hope this helps
Russell

Code to copy
----------------------------------------------------------
unit wintrust;

interface

uses
  Windows;

// WINTRUST.DLL library
// Bare module name, without a directory.
// NOTE(review): a bare name handed to LoadLibrary is resolved through the DLL
// search order; for a library that makes trust decisions, a full path into
// the Windows system directory avoids picking up a planted copy.
const
  WINTRUST_LIB                        =  'WINTRUST.DLL';

// Windows Certificate
// Header of a certificate blob as passed to the trust provider (referenced by
// WIN_SPUB_TRUSTED_PUBLISHER_DATA.lpCertificate in this unit).
// bCertificate is declared with a single element; presumably it is a
// placeholder for variable-length data sized by dwLength - confirm against
// the C header before indexing past element 0.
type
  WIN_CERTIFICATE                           =  packed record
     dwLength:            DWORD;
     wRevision:           WORD;
     wCertificateType:    WORD;
     bCertificate:        Array [0..0] of Byte;
  end;
  LPWIN_CERTIFICATE                         =  ^WIN_CERTIFICATE;

// Not sure if defined in <= Delphi 5
// Pointer to a GUID; used below for action IDs and subject type IDs.
type
  PGUID                   =  ^TGUID;

// Type defs for API calls
// TWinVerifyTrust is the signature VerifyTrust uses for the address it gets
// from GetProcAddress(hWinTrust, 'WinVerifyTrust'). ActionData is untyped
// here: the caller must pass the structure that matches ActionID.
// TWinLoadTrustProvider is declared but not used anywhere in this unit.
type
  TWinVerifyTrust         =  function(hwnd: THandle; ActionID: PGUID; ActionData: Pointer): HResult; stdcall;
  TWinLoadTrustProvider   =  function(ActionID: PGUID): BOOL; stdcall;

// Data type commonly used in ActionData structures
// Untyped pointer to a subject record (VerifyTrust points it at a
// WIN_TRUST_SUBJECT_FILE).
type
  WIN_TRUST_SUBJECT       =  Pointer;

// Two commonly used ActionData structures
// WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT is the one VerifyTrust fills in:
//   hClientToken - set to 0 by VerifyTrust
//   SubjectType  - pointer to one of the WIN_TRUST_SUBJTYPE_* GUIDs
//   Subject      - pointer to the subject record that matches SubjectType
type
  WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT    =  packed record
     hClientToken:     THandle;
     SubjectType:      PGUID;
     Subject:          WIN_TRUST_SUBJECT;
  end;
  LPWIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT  =  ^WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT;

  // Same as above without the client token; not used by VerifyTrust.
  WIN_TRUST_ACTDATA_SUBJECT_ONLY            =  packed record
     SubjectType:      PGUID;
     Subject:          WIN_TRUST_SUBJECT;
  end;
  LPWIN_TRUST_ACTDATA_SUBJECT_ONLY          =  ^WIN_TRUST_ACTDATA_SUBJECT_ONLY;

// Currently defined Subject Type Identifiers.  All of the below
// use the WIN_TRUST_SUBJECT_FILE subject form, defined below.
// These four are the GUIDs VerifyTrust selects from via TSubjectType.
const
  WIN_TRUST_SUBJTYPE_RAW_FILE:     TGUID =  '{959dc450-8d9e-11cf-8736-00aa00a485eb}';
  WIN_TRUST_SUBJTYPE_PE_IMAGE:     TGUID =  '{43c9a1e0-8da0-11cf-8736-00aa00a485eb}';
  WIN_TRUST_SUBJTYPE_JAVA_CLASS:   TGUID =  '{08ad3990-8da1-11cf-8736-00aa00a485eb}';
  WIN_TRUST_SUBJTYPE_CABINET:      TGUID =  '{d17c5374-a392-11cf-9df5-00aa00c184e0}';

// Associated Subject Data Structure:
// Identifies the file to verify. VerifyTrust sets hFile to
// INVALID_HANDLE_VALUE and supplies only lpPath, so the file is named by
// path rather than by an already-open handle.
type
  WIN_TRUST_SUBJECT_FILE                    =  packed record
     hFile:            THandle;
     lpPath:           PWideChar;
  end;
  LPWIN_TRUST_SUBJECT_FILE                  =  ^WIN_TRUST_SUBJECT_FILE;

// The following subject types use the
// WIN_TRUST_SUBJECT_FILE_AND_DISPLAY subject type, defined
// below.
// None of these "EX" identifiers is used by VerifyTrust in this unit.
const
  WIN_TRUST_SUBJTYPE_RAW_FILEEX:   TGUID =  '{6f458110-c2f1-11cf-8a69-00aa006c3706}';
  WIN_TRUST_SUBJTYPE_PE_IMAGEEX:   TGUID =  '{6f458111-c2f1-11cf-8a69-00aa006c3706}';
  WIN_TRUST_SUBJTYPE_JAVA_CLASSEX: TGUID =  '{6f458113-c2f1-11cf-8a69-00aa006c3706}';
  WIN_TRUST_SUBJTYPE_CABINETEX:    TGUID =  '{6f458114-c2f1-11cf-8a69-00aa006c3706}';

// Associated Subject Data Structure:
// Like WIN_TRUST_SUBJECT_FILE, with an extra display-name string.
type
  WIN_TRUST_SUBJECT_FILE_AND_DISPLAY        =  packed record
     hFile:            THandle;
     lpPath:           PWideChar;
     lpDisplayName:    PWideChar;
  end;
  LPWIN_TRUST_SUBJECT_FILE_AND_DISPLAY      =  ^WIN_TRUST_SUBJECT_FILE_AND_DISPLAY;

// Other subject types:
// Declared for completeness; not used by VerifyTrust in this unit.
const
  WIN_TRUST_SUBJTYPE_OLE_STORAGE:  TGUID =  '{c257e740-8da0-11cf-8736-00aa00a485eb}';

// Actions:
// Each action GUID is declared twice, under its WIN_SPUB_ACTION_* name and
// under a short alias with the identical value. VerifyTrust uses only the
// PublishedSoftware and PublishedSoftwareNoBadUI aliases.
// NOTE(review): these are the original (V1) Authenticode action IDs; newer
// code normally calls WinVerifyTrust with WINTRUST_ACTION_GENERIC_VERIFY_V2
// and a WINTRUST_DATA structure - confirm which one the target Windows
// versions require.
const
  WIN_SPUB_ACTION_TRUSTED_PUBLISHER:  TGUID =  '{66426730-8da1-11cf-8736-00aa00a485eb}';
  TrustedPublisher:                   TGUID =  '{66426730-8da1-11cf-8736-00aa00a485eb}';
  WIN_SPUB_ACTION_NT_ACTIVATE_IMAGE:  TGUID =  '{8bc96b00-8da1-11cf-8736-00aa00a485eb}';
  NtActivateImage:                    TGUID =  '{8bc96b00-8da1-11cf-8736-00aa00a485eb}';
  WIN_SPUB_ACTION_PUBLISHED_SOFTWARE: TGUID =  '{64b9d180-8da2-11cf-8736-00aa00a485eb}';
  PublishedSoftware:                  TGUID =  '{64b9d180-8da2-11cf-8736-00aa00a485eb}';
  // From MSDN Example
  WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI:  TGUID = '{c6b2e8d0-e005-11cf-a134-00c04fd7bf43}';
  PublishedSoftwareNoBadUI:           TGUID =  '{c6b2e8d0-e005-11cf-a134-00c04fd7bf43}';

// Data Structures:
//
// WIN_SPUB_ACTION_TRUSTED_PUBLISHER:
//
//      Uses WIN_SPUB_TRUSTED_PUBLISHER_DATA
//
// WIN_SPUB_ACTION_NT_ACTIVATE_IMAGE:
//
//      Uses WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT
//
// WIN_SPUB_ACTION_PUBLISHED_SOFTWARE:
//
//      Uses WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT
//
// Passing a structure that does not match the action GUID hands the trust
// provider memory laid out differently from what it expects, because the
// ActionData parameter of TWinVerifyTrust is an untyped pointer.
type
  WIN_SPUB_TRUSTED_PUBLISHER_DATA           =  packed record
     hClientToken:           THandle;
     lpCertificate:          LPWIN_CERTIFICATE;
  end;
  LPWIN_SPUB_TRUSTED_PUBLISHER_DATA         =  ^WIN_SPUB_TRUSTED_PUBLISHER_DATA;

// Type definition for subject types used in VerifyTrust
// VerifyTrust maps these to WIN_TRUST_SUBJTYPE_RAW_FILE, _PE_IMAGE,
// _JAVA_CLASS and _CABINET respectively.
type
  TSubjectType   = (stRaw, stPEFile, stJava, stCabinet);

// The verification routine
//   szFile        - path of the file whose signature is to be checked
//   SubjectType   - kind of file, see TSubjectType
//   UIOnBadVerify - selects between the PublishedSoftware and
//                   PublishedSoftwareNoBadUI actions
// Returns the value of WinVerifyTrust, or a Win32 error code when the library
// or the entry point could not be obtained. Only 0 means the file verified;
// callers must treat every other value as "not trusted".
function  VerifyTrust(szFile: String; SubjectType: TSubjectType; UIOnBadVerify: Boolean): Integer;

implementation

// Unit-level state set once in the initialization section:
//   hWinTrust - module handle returned by LoadLibrary, 0 when loading failed
//   gdwError  - GetLastError value captured right after the load attempt;
//               VerifyTrust returns it when hWinTrust is 0
var
  hWinTrust:           THandle;
  gdwError:            Integer;

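// Checks the digital signature of a file through WinVerifyTrust using the
// original Authenticode "published software" actions.
//
//   szFile        - path of the file to verify
//   SubjectType   - kind of file; unknown values are treated as a PE image
//   UIOnBadVerify - True:  use PublishedSoftware (the provider may show UI
//                          when verification fails)
//                   False: use PublishedSoftwareNoBadUI
//
// Returns 0 only when WinVerifyTrust reports success. Every other value
// (a Win32 error code from the load/lookup steps or the value returned by
// WinVerifyTrust) means the file was NOT verified; the error paths never
// return 0, so a missing library cannot be mistaken for a valid signature.
//
// The file is identified by path (hFile is INVALID_HANDLE_VALUE), so the
// caller should make sure the file cannot be replaced between this check
// and its later use.
function VerifyTrust(szFile: String; SubjectType: TSubjectType; UIOnBadVerify: Boolean): Integer;
var  pwvt:             TWinVerifyTrust;
     pwFile:           PWideChar;
     cchFile:          Integer;
     ActionGuid:       TGUID;
     ActionData:       WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT;
     Subject:          WIN_TRUST_SUBJECT_FILE;
     SubjectGuid:      TGUID;
begin

  // Library should be loaded
  if (hWinTrust = 0) then
  begin
     result:=gdwError;
     // Fail closed: 0 is the "verified" value and must not leak out of an error path
     if (result = 0) then result:=ERROR_MOD_NOT_FOUND;
     exit;
  end;

  // Get the address for WinVerifyTrust
  @pwvt:=GetProcAddress(hWinTrust, 'WinVerifyTrust');
  if (@pwvt = nil) then
  begin
     result:=GetLastError;
     if (result = 0) then result:=ERROR_PROC_NOT_FOUND;
     exit;
  end;

  // Pick the subject type GUID; anything unexpected is handled as a PE image
  case SubjectType of
     stRaw    :  SubjectGuid:=WIN_TRUST_SUBJTYPE_RAW_FILE;
     stJava   :  SubjectGuid:=WIN_TRUST_SUBJTYPE_JAVA_CLASS;
     stCabinet:  SubjectGuid:=WIN_TRUST_SUBJTYPE_CABINET;
  else
     SubjectGuid:=WIN_TRUST_SUBJTYPE_PE_IMAGE;
  end;

  // Determine the action. The previous code had the two branches swapped,
  // so asking for no UI selected the action that may show UI and vice versa.
  if UIOnBadVerify then
     ActionGUID:=PublishedSoftware
  else
     ActionGUID:=PublishedSoftwareNoBadUI;

  // Convert the file name to pwidechar. StringToWideChar takes its size in
  // characters, not bytes, so the buffer is sized from the string itself:
  // the old fixed 1024-byte buffer with a size argument of 1024 allowed a
  // write past the end of the allocation for long paths.
  cchFile:=Length(szFile) + 1;
  GetMem(pwFile, cchFile * SizeOf(WideChar));
  try
     StringToWideChar(szFile, pwFile, cchFile);

     // Fill in the subject structure
     Subject.hFile:=INVALID_HANDLE_VALUE;
     Subject.lpPath:=pwFile;

     // Fill in the action data structure
     ActionData.hClientToken:=0;
     ActionData.SubjectType:=@SubjectGuid;
     ActionData.Subject:=@Subject;

     // Call WinVerifyTrust function
     result:=pwvt(0, @ActionGUID, @ActionData);
  finally
     // Cleanup allocated memory, also when the call raises
     FreeMem(pwFile);
  end;

end;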

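// Loads WINTRUST.DLL from the Windows system directory and records the
// outcome in hWinTrust / gdwError.
// The library decides whether a file is trusted, so it is loaded by full
// path: a bare module name is resolved through the DLL search order, which
// can pick up a copy placed next to the executable or in the current
// directory. On any failure hWinTrust stays 0 and gdwError is non-zero.
procedure LoadWinTrust;
var  szDir:            Array [0..MAX_PATH] of Char;
     szLib:            String;
     cch:              UINT;
begin

  hWinTrust:=0;

  // Returns the length copied, 0 on failure, or the required size when the
  // buffer is too small
  cch:=GetSystemDirectory(szDir, MAX_PATH + 1);
  if (cch = 0) or (cch > MAX_PATH) then
  begin
     gdwError:=GetLastError;
     if (gdwError = 0) then gdwError:=ERROR_MOD_NOT_FOUND;
     exit;
  end;

  // Build <system directory>\WINTRUST.DLL
  szLib:=szDir;
  if (szLib[Length(szLib)] <> '\') then szLib:=szLib + '\';
  szLib:=szLib + WINTRUST_LIB;

  hWinTrust:=LoadLibrary(PChar(szLib));
  gdwError:=GetLastError;
  // Keep the error non-zero whenever the handle is missing
  if (hWinTrust = 0) and (gdwError = 0) then gdwError:=ERROR_MOD_NOT_FOUND;

end;

initialization

  LoadWinTrust;

finalization

  // Release the library only when it was actually loaded
  if (hWinTrust <> 0) then FreeLibrary(hWinTrust);

end.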

Expert Comment

by:mwanzi
Now suppose that you were on a network that did not allow outbound connections to crl.verisign.com and crl.thawte.com. I'm looking to set up a page that can respond to the request, so that my app doesn't hang. Has anyone run into this situation before?

DK