Solved

WinVerifyTrust() code sample

Posted on 2002-07-01
Last Modified: 2011-09-20
I want to check if a file is digitally signed. That's why I need a WinVerifyTrust() code sample for Delphi. (I have Delphi 4.0.)
Thank you!
Question by:Kann
2 Comments
 
LVL 26

Accepted Solution

by:
Russell Libby earned 1600 total points
ID: 7123264
Kann,

The wintrust.pas file is a conversion from the C winbase.h source code, and the VerifyTrust function was ripped off from an MSDN C code example. What you need to do is create a separate unit called wintrust.pas, then copy the code below into it. Then in your project, place "wintrust" in the uses clause. The verification routine is defined as

function  VerifyTrust(szFile: String; SubjectType: TSubjectType; UIOnBadVerify: Boolean): Integer;

The TSubjectType is defined as
TSubjectType   = (stRaw, stPEFile, stJava, stCabinet)

So, calling it is as simple as

var
 ret:   Integer;

 ret:=VerifyTrust('c:\yourfile.exe', stPEFile, False);
 if (ret = 0) then
 begin
   ...
   // Do whatever. Zero (S_OK) indicates success
   ...
 end;

Hope this helps
Russell

Code to copy
----------------------------------------------------------
unit wintrust;

interface

uses
  Windows;

// WINTRUST.DLL library
const
  WINTRUST_LIB                        =  'WINTRUST.DLL';

// Windows Certificate
type
  WIN_CERTIFICATE                           =  packed record
     dwLength:            DWORD;
     wRevision:           WORD;
     wCertificateType:    WORD;
     bCertificate:        Array [0..0] of Byte;
  end;
  LPWIN_CERTIFICATE                         =  ^WIN_CERTIFICATE;

// Not sure if defined in <= Delphi 5
type
  PGUID                   =  ^TGUID;

// Type defs for API calls
type
  TWinVerifyTrust         =  function(hwnd: THandle; ActionID: PGUID; ActionData: Pointer): HResult; stdcall;
  TWinLoadTrustProvider   =  function(ActionID: PGUID): BOOL; stdcall;

// Data type commonly used in ActionData structures
type
  WIN_TRUST_SUBJECT       =  Pointer;

// Two commonly used ActionData structures
type
  WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT    =  packed record
     hClientToken:     THandle;
     SubjectType:      PGUID;
     Subject:          WIN_TRUST_SUBJECT;
  end;
  LPWIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT  =  ^WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT;

  WIN_TRUST_ACTDATA_SUBJECT_ONLY            =  packed record
     SubjectType:      PGUID;
     Subject:          WIN_TRUST_SUBJECT;
  end;
  LPWIN_TRUST_ACTDATA_SUBJECT_ONLY          =  ^WIN_TRUST_ACTDATA_SUBJECT_ONLY;

// Currently defined Subject Type Identifiers.  All of the below
// use the WIN_TRUST_SUBJECT_FILE subject form, defined below.
const
  WIN_TRUST_SUBJTYPE_RAW_FILE:     TGUID =  '{959dc450-8d9e-11cf-8736-00aa00a485eb}';
  WIN_TRUST_SUBJTYPE_PE_IMAGE:     TGUID =  '{43c9a1e0-8da0-11cf-8736-00aa00a485eb}';
  WIN_TRUST_SUBJTYPE_JAVA_CLASS:   TGUID =  '{08ad3990-8da1-11cf-8736-00aa00a485eb}';
  WIN_TRUST_SUBJTYPE_CABINET:      TGUID =  '{d17c5374-a392-11cf-9df5-00aa00c184e0}';

// Associated Subject Data Structure:
type
  WIN_TRUST_SUBJECT_FILE                    =  packed record
     hFile:            THandle;
     lpPath:           PWideChar;
  end;
  LPWIN_TRUST_SUBJECT_FILE                  =  ^WIN_TRUST_SUBJECT_FILE;

// The following subject types use the
// WIN_TRUST_SUBJECT_FILE_AND_DISPLAY subject type, defined
// below.
const
  WIN_TRUST_SUBJTYPE_RAW_FILEEX:   TGUID =  '{6f458110-c2f1-11cf-8a69-00aa006c3706}';
  WIN_TRUST_SUBJTYPE_PE_IMAGEEX:   TGUID =  '{6f458111-c2f1-11cf-8a69-00aa006c3706}';
  WIN_TRUST_SUBJTYPE_JAVA_CLASSEX: TGUID =  '{6f458113-c2f1-11cf-8a69-00aa006c3706}';
  WIN_TRUST_SUBJTYPE_CABINETEX:    TGUID =  '{6f458114-c2f1-11cf-8a69-00aa006c3706}';

// Associated Subject Data Structure:
type
  WIN_TRUST_SUBJECT_FILE_AND_DISPLAY        =  packed record
     hFile:            THandle;
     lpPath:           PWideChar;
     lpDisplayName:    PWideChar;
  end;
  LPWIN_TRUST_SUBJECT_FILE_AND_DISPLAY      =  ^WIN_TRUST_SUBJECT_FILE_AND_DISPLAY;

// Other subject types:
const
  WIN_TRUST_SUBJTYPE_OLE_STORAGE:  TGUID =  '{c257e740-8da0-11cf-8736-00aa00a485eb}';

// Actions:
const
  WIN_SPUB_ACTION_TRUSTED_PUBLISHER:  TGUID =  '{66426730-8da1-11cf-8736-00aa00a485eb}';
  TrustedPublisher:                   TGUID =  '{66426730-8da1-11cf-8736-00aa00a485eb}';
  WIN_SPUB_ACTION_NT_ACTIVATE_IMAGE:  TGUID =  '{8bc96b00-8da1-11cf-8736-00aa00a485eb}';
  NtActivateImage:                    TGUID =  '{8bc96b00-8da1-11cf-8736-00aa00a485eb}';
  WIN_SPUB_ACTION_PUBLISHED_SOFTWARE: TGUID =  '{64b9d180-8da2-11cf-8736-00aa00a485eb}';
  PublishedSoftware:                  TGUID =  '{64b9d180-8da2-11cf-8736-00aa00a485eb}';
  // From MSDN Example
  WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI:  TGUID = '{c6b2e8d0-e005-11cf-a134-00c04fd7bf43}';
  PublishedSoftwareNoBadUI:           TGUID =  '{c6b2e8d0-e005-11cf-a134-00c04fd7bf43}';

// Data Structures:
//
// WIN_SPUB_ACTION_TRUSTED_PUBLISHER:
//
//      Uses WIN_SPUB_TRUSTED_PUBLISHER_DATA
//
// WIN_SPUB_ACTION_NT_ACTIVATE_IMAGE:
//
//      Uses WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT
//
// WIN_SPUB_ACTION_PUBLISHED_SOFTWARE:
//
//      Uses WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT
type
  WIN_SPUB_TRUSTED_PUBLISHER_DATA           =  packed record
     hClientToken:           THandle;
     lpCertificate:          LPWIN_CERTIFICATE;
  end;
  LPWIN_SPUB_TRUSTED_PUBLISHER_DATA         =  ^WIN_SPUB_TRUSTED_PUBLISHER_DATA;

// Type definition for subject types used in VerifyTrust
type
  TSubjectType   = (stRaw, stPEFile, stJava, stCabinet);

// The verification routine
function  VerifyTrust(szFile: String; SubjectType: TSubjectType; UIOnBadVerify: Boolean): Integer;

implementation

var
  hWinTrust:           THandle;
  gdwError:            Integer;

function VerifyTrust(szFile: String; SubjectType: TSubjectType; UIOnBadVerify: Boolean): Integer;
var  pwvt:             TWinVerifyTrust;
     pwFile:           PWideChar;
     ActionGuid:       TGUID;
     ActionData:       WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT;
     Subject:          WIN_TRUST_SUBJECT_FILE;
     SubjectRaw:       TGUID;
     SubjectPeImage:   TGUID;
     SubjectJava:      TGUID;
     SubjectCAB:       TGUID;
begin

  // Library should be loaded
  if (hWinTrust = 0) then
  begin
     result:=gdwError;
     exit;
  end;

  // Get the address for WinVerifyTrust
  @pwvt:=GetProcAddress(hWinTrust, 'WinVerifyTrust');
  if (@pwvt = nil) then
  begin
     result:=GetLastError;
     exit;
  end;

  // Set subject variables
  SubjectRaw:=WIN_TRUST_SUBJTYPE_RAW_FILE;
  SubjectPeImage:=WIN_TRUST_SUBJTYPE_PE_IMAGE;
  SubjectJava:=WIN_TRUST_SUBJTYPE_JAVA_CLASS;
  SubjectCAB:=WIN_TRUST_SUBJTYPE_CABINET;

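  // Convert the file name to pwidechar. StringToWideChar takes the
  // destination size in characters, not bytes, so the buffer is sized
  // from the string instead of a fixed 1024
  GetMem(pwFile, (Length(szFile) + 1) * SizeOf(WideChar));
  StringToWideChar(szFile, pwFile, Length(szFile) + 1);

  // Determine the action: the NoBadUI action is the one that stays
  // silent when verification fails
  if UIOnBadVerify then
     ActionGUID:=PublishedSoftware
  else
     ActionGUID:=PublishedSoftwareNoBadUI;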

  // Fill in the subject structure
  Subject.hFile:=INVALID_HANDLE_VALUE;
  Subject.lpPath:=pwFile;

  // Fill in the action data structure
  ActionData.Subject:=@Subject;
  ActionData.hClientToken:=0;
  case SubjectType of
     stRaw    :  ActionData.SubjectType:=@SubjectRaw;
     stPEFile :  ActionData.SubjectType:=@SubjectPeImage;
     stJava   :  ActionData.SubjectType:=@SubjectJava;
     stCabinet:  ActionData.SubjectType:=@SubjectCAB;
  else
     ActionData.SubjectType:=@SubjectPeImage;
  end;

  // Call WinVerifyTrust function
  result:=pwvt(0, @ActionGUID, @ActionData);

  // Cleanup allocated memory
  FreeMem(pwFile);

end;

initialization

  hWinTrust:=LoadLibrary(WINTRUST_LIB);
  gdwError:=GetLastError;

finalization

  if (hWinTrust <> 0) then FreeLibrary(hWinTrust);

end.

Expert Comment

by:mwanzi
ID: 14575185
Now suppose that you were on a network that did not allow outbound connections to crl.verisign.com and crl.thawte.com. I'm looking to set up a page that can respond to the request, so that my app doesn't hang. Has anyone run into this situation before?

DK
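
Added example (not part of the thread and not Russell Libby's code): the same signature check through the WINTRUST_DATA form of WinVerifyTrust, with revocation checking switched off and URL retrieval limited to the local cache, so the call does not wait on CRL hosts it cannot reach. The names wvtcheck and VerifyFileNoNetwork are made up for illustration; the record layouts (plain records, not packed, to follow the C layout) and constant values are transcribed from wintrust.h.

```delphi
program wvtcheck;  // hypothetical name; added example, not code from the thread
{$APPTYPE CONSOLE}
uses Windows, SysUtils;
type
  TWintrustFileInfo = record            // WINTRUST_FILE_INFO
    cbStruct: DWORD;
    pcwszFilePath: PWideChar;
    hFile: THandle;  pgKnownSubject: Pointer;
  end;
  TWintrustData = record                // WINTRUST_DATA, fields through dwUIContext
    cbStruct: DWORD;
    pPolicyCallbackData, pSIPClientData: Pointer;
    dwUIChoice, fdwRevocationChecks, dwUnionChoice: DWORD;
    pFile: Pointer;                     // union member used with WTD_CHOICE_FILE
    dwStateAction: DWORD;
    hWVTStateData: THandle;
    pwszURLReference: PWideChar;
    dwProvFlags, dwUIContext: DWORD;
  end;

const
  WTD_UI_NONE = 2;  WTD_REVOKE_NONE = 0;  WTD_CHOICE_FILE = 1;
  WTD_REVOCATION_CHECK_NONE = $10;  WTD_CACHE_ONLY_URL_RETRIEVAL = $1000;
  WINTRUST_ACTION_GENERIC_VERIFY_V2: TGUID = '{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}';

function WinVerifyTrust(hwnd: THandle; ActionID, ActionData: Pointer): Longint; stdcall; external 'wintrust.dll';

function VerifyFileNoNetwork(const FileName: string): Longint;  // 0 = valid, trusted
var
  WidePath: WideString;
  FileInfo: TWintrustFileInfo;
  Data: TWintrustData;
begin
  WidePath := FileName;                 // RTL sizes the wide copy, no fixed buffer
  FillChar(FileInfo, SizeOf(FileInfo), 0);
  FileInfo.cbStruct := SizeOf(FileInfo);
  FileInfo.pcwszFilePath := PWideChar(WidePath);
  FillChar(Data, SizeOf(Data), 0);      // dwStateAction stays 0, no state to close
  Data.cbStruct := SizeOf(Data);
  Data.dwUIChoice := WTD_UI_NONE;       // never show a dialog
  Data.fdwRevocationChecks := WTD_REVOKE_NONE;
  Data.dwUnionChoice := WTD_CHOICE_FILE;
  Data.pFile := @FileInfo;
  Data.dwProvFlags := WTD_REVOCATION_CHECK_NONE or WTD_CACHE_ONLY_URL_RETRIEVAL;
  Result := WinVerifyTrust(0, @WINTRUST_ACTION_GENERIC_VERIFY_V2, @Data);
end;

begin
  Writeln('0x', IntToHex(VerifyFileNoNetwork(ParamStr(1)), 8));
end.
```

With revocation checking off, a file signed with a certificate that has since been revoked still verifies, so this configuration fits hosts that have no route to the CRL servers rather than general use.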