Solved

WinVerifyTrust() code sample

Posted on 2002-07-01
Last Modified: 2011-09-20
I want to check if a file is digitally signed. That's why I need a WinVerifyTrust() code sample for Delphi. (I have Delphi 4.0.)
Thank you!
Question by:Kann

Accepted Solution

by:
Russell Libby earned 400 total points
ID: 7123264
Kann,

The wintrust.pas file is a conversion from the C winbase.h source code, and the VerifyTrust function was ripped off from an MSDN C code example. What you need to do is create a separate unit called wintrust.pas, then copy the code below into it. Then in your project, place "wintrust" in the uses clause. The verification routine is defined as

function  VerifyTrust(szFile: String; SubjectType: TSubjectType; UIOnBadVerify: Boolean): Integer;

The TSubjectType is defined as
TSubjectType   = (stRaw, stPEFile, stJava, stCabinet)

So, calling it is as simple as

var
 ret:   Integer;

 ret:=VerifyTrust('c:\yourfile.exe', stPEFile, False);
 if (ret = 0) then
 begin
   ...
   // Do whatever. Zero (S_OK) indicates success
   ...
 end;

Hope this helps
Russell

Code to copy
----------------------------------------------------------
unit wintrust;

interface

uses
  Windows;

// WINTRUST.DLL library
const
  WINTRUST_LIB                        =  'WINTRUST.DLL';

// Windows Certificate
type
  WIN_CERTIFICATE                           =  packed record
     dwLength:            DWORD;
     wRevision:           WORD;
     wCertificateType:    WORD;
     bCertificate:        Array [0..0] of Byte;
  end;
  LPWIN_CERTIFICATE                         =  ^WIN_CERTIFICATE;

// Not sure if defined in <= Delphi 5
type
  PGUID                   =  ^TGUID;

// Type defs for API calls
type
  TWinVerifyTrust         =  function(hwnd: THandle; ActionID: PGUID; ActionData: Pointer): HResult; stdcall;
  TWinLoadTrustProvider   =  function(ActionID: PGUID): BOOL; stdcall;

// Data type commonly used in ActionData structures
type
  WIN_TRUST_SUBJECT       =  Pointer;

// Two commonly used ActionData structures
type
  WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT    =  packed record
     hClientToken:     THandle;
     SubjectType:      PGUID;
     Subject:          WIN_TRUST_SUBJECT;
  end;
  LPWIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT  =  ^WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT;

  WIN_TRUST_ACTDATA_SUBJECT_ONLY            =  packed record
     SubjectType:      PGUID;
     Subject:          WIN_TRUST_SUBJECT;
  end;
  LPWIN_TRUST_ACTDATA_SUBJECT_ONLY          =  ^WIN_TRUST_ACTDATA_SUBJECT_ONLY;

// Currently defined Subject Type Identifiers.  All of the below
// use the WIN_TRUST_SUBJECT_FILE subject form, defined below.
const
  WIN_TRUST_SUBJTYPE_RAW_FILE:     TGUID =  '{959dc450-8d9e-11cf-8736-00aa00a485eb}';
  WIN_TRUST_SUBJTYPE_PE_IMAGE:     TGUID =  '{43c9a1e0-8da0-11cf-8736-00aa00a485eb}';
  WIN_TRUST_SUBJTYPE_JAVA_CLASS:   TGUID =  '{08ad3990-8da1-11cf-8736-00aa00a485eb}';
  WIN_TRUST_SUBJTYPE_CABINET:      TGUID =  '{d17c5374-a392-11cf-9df5-00aa00c184e0}';

// Associated Subject Data Structure:
type
  WIN_TRUST_SUBJECT_FILE                    =  packed record
     hFile:            THandle;
     lpPath:           PWideChar;
  end;
  LPWIN_TRUST_SUBJECT_FILE                  =  ^WIN_TRUST_SUBJECT_FILE;

// The following subject types use the
// WIN_TRUST_SUBJECT_FILE_AND_DISPLAY subject type, defined
// below.
const
  WIN_TRUST_SUBJTYPE_RAW_FILEEX:   TGUID =  '{6f458110-c2f1-11cf-8a69-00aa006c3706}';
  WIN_TRUST_SUBJTYPE_PE_IMAGEEX:   TGUID =  '{6f458111-c2f1-11cf-8a69-00aa006c3706}';
  WIN_TRUST_SUBJTYPE_JAVA_CLASSEX: TGUID =  '{6f458113-c2f1-11cf-8a69-00aa006c3706}';
  WIN_TRUST_SUBJTYPE_CABINETEX:    TGUID =  '{6f458114-c2f1-11cf-8a69-00aa006c3706}';

// Associated Subject Data Structure:
type
  WIN_TRUST_SUBJECT_FILE_AND_DISPLAY        =  packed record
     hFile:            THandle;
     lpPath:           PWideChar;
     lpDisplayName:    PWideChar;
  end;
  LPWIN_TRUST_SUBJECT_FILE_AND_DISPLAY      =  ^WIN_TRUST_SUBJECT_FILE_AND_DISPLAY;

// Other subject types:
const
  WIN_TRUST_SUBJTYPE_OLE_STORAGE:  TGUID =  '{c257e740-8da0-11cf-8736-00aa00a485eb}';

// Actions:
const
  WIN_SPUB_ACTION_TRUSTED_PUBLISHER:  TGUID =  '{66426730-8da1-11cf-8736-00aa00a485eb}';
  TrustedPublisher:                   TGUID =  '{66426730-8da1-11cf-8736-00aa00a485eb}';
  WIN_SPUB_ACTION_NT_ACTIVATE_IMAGE:  TGUID =  '{8bc96b00-8da1-11cf-8736-00aa00a485eb}';
  NtActivateImage:                    TGUID =  '{8bc96b00-8da1-11cf-8736-00aa00a485eb}';
  WIN_SPUB_ACTION_PUBLISHED_SOFTWARE: TGUID =  '{64b9d180-8da2-11cf-8736-00aa00a485eb}';
  PublishedSoftware:                  TGUID =  '{64b9d180-8da2-11cf-8736-00aa00a485eb}';
  // From MSDN Example
  WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI:  TGUID = '{c6b2e8d0-e005-11cf-a134-00c04fd7bf43}';
  PublishedSoftwareNoBadUI:           TGUID =  '{c6b2e8d0-e005-11cf-a134-00c04fd7bf43}';

// Data Structures:
//
// WIN_SPUB_ACTION_TRUSTED_PUBLISHER:
//
//      Uses WIN_SPUB_TRUSTED_PUBLISHER_DATA
//
// WIN_SPUB_ACTION_NT_ACTIVATE_IMAGE:
//
//      Uses WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT
//
// WIN_SPUB_ACTION_PUBLISHED_SOFTWARE:
//
//      Uses WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT
type
  WIN_SPUB_TRUSTED_PUBLISHER_DATA           =  packed record
     hClientToken:           THandle;
     lpCertificate:          LPWIN_CERTIFICATE;
  end;
  LPWIN_SPUB_TRUSTED_PUBLISHER_DATA         =  ^WIN_SPUB_TRUSTED_PUBLISHER_DATA;

// Type definition for subject types used in VerifyTrust
type
  TSubjectType   = (stRaw, stPEFile, stJava, stCabinet);

// The verification routine
function  VerifyTrust(szFile: String; SubjectType: TSubjectType; UIOnBadVerify: Boolean): Integer;

implementation

var
  hWinTrust:           THandle;
  gdwError:            Integer;

function VerifyTrust(szFile: String; SubjectType: TSubjectType; UIOnBadVerify: Boolean): Integer;
var  pwvt:             TWinVerifyTrust;
     pwFile:           PWideChar;
     ActionGuid:       TGUID;
     ActionData:       WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT;
     Subject:          WIN_TRUST_SUBJECT_FILE;
     SubjectRaw:       TGUID;
     SubjectPeImage:   TGUID;
     SubjectJava:      TGUID;
     SubjectCAB:       TGUID;
begin

  // Library should be loaded
  if (hWinTrust = 0) then
  begin
     result:=gdwError;
     exit;
  end;

  // Get the address for WinVerifyTrust
  @pwvt:=GetProcAddress(hWinTrust, 'WinVerifyTrust');
  if (@pwvt = nil) then
  begin
     result:=GetLastError;
     exit;
  end;

  // Set subject variables
  SubjectRaw:=WIN_TRUST_SUBJTYPE_RAW_FILE;
  SubjectPeImage:=WIN_TRUST_SUBJTYPE_PE_IMAGE;
  SubjectJava:=WIN_TRUST_SUBJTYPE_JAVA_CLASS;
  SubjectCAB:=WIN_TRUST_SUBJTYPE_CABINET;

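  // Convert the file name to pwidechar. StringToWideChar takes the destination
  // size in characters (not bytes), so size the buffer in WideChars and
  // include room for the terminating null.
  GetMem(pwFile, (Length(szFile) + 1) * SizeOf(WideChar));
  StringToWideChar(szFile, pwFile, Length(szFile) + 1);

  // Determine the action: show the failure dialog only when the caller asked
  // for UI on a bad verify; otherwise use the no-UI action
  if UIOnBadVerify then
     ActionGUID:=PublishedSoftware
  else
     ActionGUID:=PublishedSoftwareNoBadUI;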

  // Fill in the subject structure
  Subject.hFile:=INVALID_HANDLE_VALUE;
  Subject.lpPath:=pwFile;

  // Fill in the action data structure
  ActionData.Subject:=@Subject;
  ActionData.hClientToken:=0;
  case SubjectType of
     stRaw    :  ActionData.SubjectType:=@SubjectRaw;
     stPEFile :  ActionData.SubjectType:=@SubjectPeImage;
     stJava   :  ActionData.SubjectType:=@SubjectJava;
     stCabinet:  ActionData.SubjectType:=@SubjectCAB;
  else
     ActionData.SubjectType:=@SubjectPeImage;
  end;

  // Call WinVerifyTrust function
  result:=pwvt(0, @ActionGUID, @ActionData);

  // Cleanup allocated memory
  FreeMem(pwFile);

end;

initialization

  hWinTrust:=LoadLibrary(WINTRUST_LIB);
  gdwError:=GetLastError;

finalization

  if (hWinTrust <> 0) then FreeLibrary(hWinTrust);

end.

Expert Comment

by:mwanzi
ID: 14575185
Now suppose that you were on a network that did not allow outbound connections to crl.verisign.com and crl.thawte.com, I'm looking to set up a page that can respond to the request, so that my app doesn't hang.  Has anyone run into this situation before?

DK
Question has a verified solution.
