Solved

WinVerifyTrust() code sample

Posted on 2002-07-01
2
2,531 Views
Last Modified: 2011-09-20
I want to check if a file is digital signed. That's why I need a WinVerifyTrust() code sample for Delphi. (I have Delphi 4.0.)
Thank you!
0
Comment
Question by:Kann
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 26

Accepted Solution

by:
Russell Libby earned 400 total points
ID: 7123264
Kann,

The wintrust.pas file is a conversion from the C winbase.h source code, and the VerifyTrust function was ripped off from an MSDN C code example. What you need to do is create a seperate unit called wintrust.pas, then copy the code below into it. Then in your project, place "wintrust" in the uses clause. The verification routine is defined as

function  VerifyTrust(szFile: String; SubjectType: TSubjectType; UIOnBadVerify: Boolean): Integer;

The TSubjectType is defined as
TSubjectType   = (stRaw, stPEFile, stJava, stCabinet)

So, calling it is as simple as

var
 ret:   Integer;

 ret:=VerifyTrust('c:\yourfile.exe', stPEFile, False);
 if (ret = 0) then
 begin
   ...
   // Do whatever. Zero (S_OK) indicates sucess
   ...
 end;

Hope this helps
Russell

Code to copy
----------------------------------------------------------
unit wintrust;

interface

uses
  Windows;

// WINTRUST.DLL library
const
  WINTRUST_LIB                        =  'WINTRUST.DLL';

// Windows Certificate
type
  WIN_CERTIFICATE                           =  packed record
     dwLength:            DWORD;
     wRevision:           WORD;
     wCertificateType:    WORD;
     bCertificate:        Array [0..0] of Byte;
  end;
  LPWIN_CERTIFICATE                         =  ^WIN_CERTIFICATE;

// Not sure if defined in <= Delphi 5
type
  PGUID                   =  ^TGUID;

// Type defs for API calls
type
  TWinVerifyTrust         =  function(hwnd: THandle; ActionID: PGUID; ActionData: Pointer): HResult; stdcall;
  TWinLoadTrustProvider   =  function(ActionID: PGUID): BOOL; stdcall;

// Data type commonly used in ActionData structures
type
  WIN_TRUST_SUBJECT       =  Pointer;

// Two commonly used ActionData structures
type
  WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT    =  packed record
     hClientToken:     THandle;
     SubjectType:      PGUID;
     Subject:          WIN_TRUST_SUBJECT;
  end;
  LPWIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT  =  ^WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT;

  WIN_TRUST_ACTDATA_SUBJECT_ONLY            =  packed record
     SubjectType:      PGUID;
     Subject:          WIN_TRUST_SUBJECT;
  end;
  LPWIN_TRUST_ACTDATA_SUBJECT_ONLY          =  ^WIN_TRUST_ACTDATA_SUBJECT_ONLY;

// Currently defined Subject Type Identifiers.  All of the below
// use the WIN_TRUST_SUBJECT_FILE subject form, defined below.
const
  WIN_TRUST_SUBJTYPE_RAW_FILE:     TGUID =  '{959dc450-8d9e-11cf-8736-00aa00a485eb}';
  WIN_TRUST_SUBJTYPE_PE_IMAGE:     TGUID =  '{43c9a1e0-8da0-11cf-8736-00aa00a485eb}';
  WIN_TRUST_SUBJTYPE_JAVA_CLASS:   TGUID =  '{08ad3990-8da1-11cf-8736-00aa00a485eb}';
  WIN_TRUST_SUBJTYPE_CABINET:      TGUID =  '{d17c5374-a392-11cf-9df5-00aa00c184e0}';

// Associated Subject Data Structure:
type
  WIN_TRUST_SUBJECT_FILE                    =  packed record
     hFile:            THandle;
     lpPath:           PWideChar;
  end;
  LPWIN_TRUST_SUBJECT_FILE                  =  ^WIN_TRUST_SUBJECT_FILE;

// The following subject types use the
// WIN_TRUST_SUBJECT_FILE_AND_DISPLAY subject type, defined
// below.
const
  WIN_TRUST_SUBJTYPE_RAW_FILEEX:   TGUID =  '{6f458110-c2f1-11cf-8a69-00aa006c3706}';
  WIN_TRUST_SUBJTYPE_PE_IMAGEEX:   TGUID =  '{6f458111-c2f1-11cf-8a69-00aa006c3706}';
  WIN_TRUST_SUBJTYPE_JAVA_CLASSEX: TGUID =  '{6f458113-c2f1-11cf-8a69-00aa006c3706}';
  WIN_TRUST_SUBJTYPE_CABINETEX:    TGUID =  '{6f458114-c2f1-11cf-8a69-00aa006c3706}';

// Associated Subject Data Structure:
type
  WIN_TRUST_SUBJECT_FILE_AND_DISPLAY        =  packed record
     hFile:            THandle;
     lpPath:           PWideChar;
     lpDisplayName:    PWideChar;
  end;
  LPWIN_TRUST_SUBJECT_FILE_AND_DISPLAY      =  ^WIN_TRUST_SUBJECT_FILE_AND_DISPLAY;

// Other subject types:                                            /
const
  WIN_TRUST_SUBJTYPE_OLE_STORAGE:  TGUID =  '{c257e740-8da0-11cf-8736-00aa00a485eb}';

// Actions:
const
  WIN_SPUB_ACTION_TRUSTED_PUBLISHER:  TGUID =  '{66426730-8da1-11cf-8736-00aa00a485eb}';
  TrustedPublisher:                   TGUID =  '{66426730-8da1-11cf-8736-00aa00a485eb}';
  WIN_SPUB_ACTION_NT_ACTIVATE_IMAGE:  TGUID =  '{8bc96b00-8da1-11cf-8736-00aa00a485eb}';
  NtActivateImage:                    TGUID =  '{8bc96b00-8da1-11cf-8736-00aa00a485eb}';
  WIN_SPUB_ACTION_PUBLISHED_SOFTWARE: TGUID =  '{64b9d180-8da2-11cf-8736-00aa00a485eb}';
  PublishedSoftware:                  TGUID =  '{64b9d180-8da2-11cf-8736-00aa00a485eb}';
  // From MSDN Example
  WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI:  TGUID = '{c6b2e8d0-e005-11cf-a134-00c04fd7bf43}';
  PublishedSoftwareNoBadUI:           TGUID =  '{c6b2e8d0-e005-11cf-a134-00c04fd7bf43}';

// Data Structures:
//
// WIN_SPUB_ACTION_TRUSTED_PUBLISHER:
//
//      Uses WIN_SPUB_TRUSTED_PUBLISHER_DATA
//
// WIN_SPUB_ACTION_NT_ACTIVATE_IMAGE:
//
//      Uses WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT
//
// WIN_SPUB_ACTION_PUBLISHED_SOFTWARE:
//
//      Uses WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT
type
  WIN_SPUB_TRUSTED_PUBLISHER_DATA           =  packed record
     hClientToken:           THandle;
     lpCertificate:          LPWIN_CERTIFICATE;
  end;
  LPWIN_SPUB_TRUSTED_PUBLISHER_DATA         =  ^WIN_SPUB_TRUSTED_PUBLISHER_DATA;

// Type definition for subject types used in VerifyTrust
type
  TSubjectType   = (stRaw, stPEFile, stJava, stCabinet);

// The verification routine
function  VerifyTrust(szFile: String; SubjectType: TSubjectType; UIOnBadVerify: Boolean): Integer;

implementation

var
  hWinTrust:           THandle;
  gdwError:            Integer;

function VerifyTrust(szFile: String; SubjectType: TSubjectType; UIOnBadVerify: Boolean): Integer;
var  pwvt:             TWinVerifyTrust;
     pwFile:           PWideChar;
     ActionGuid:       TGUID;
     ActionData:       WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT;
     Subject:          WIN_TRUST_SUBJECT_FILE;
     SubjectRaw:       TGUID;
     SubjectPeImage:   TGUID;
     SubjectJava:      TGUID;
     SubjectCAB:       TGUID;
begin

  // Library should be loaded
  if (hWinTrust = 0) then
  begin
     result:=gdwError;
     exit;
  end;

  // Get the address for WinVerifyTrust
  @pwvt:=GetProcAddress(hWinTrust, 'WinVerifyTrust');
  if (@pwvt = nil) then
  begin
     result:=GetLastError;
     exit;
  end;

  // Set subject variables
  SubjectRaw:=WIN_TRUST_SUBJTYPE_RAW_FILE;
  SubjectPeImage:=WIN_TRUST_SUBJTYPE_PE_IMAGE;
  SubjectJava:=WIN_TRUST_SUBJTYPE_JAVA_CLASS;
  SubjectCAB:=WIN_TRUST_SUBJTYPE_CABINET;

  // Convert the file name to pwidechar
  GetMem(pwFile, 1024);
  StringToWideChar(szFile, pwFile, 1024);

  // Determine the action
  if not(UIOnBadVerify) then
     ActionGUID:=PublishedSoftware
  else
     ActionGUID:=PublishedSoftwareNoBadUI;

  // Fill in the subject structure
  Subject.hFile:=INVALID_HANDLE_VALUE;
  Subject.lpPath:=pwFile;

  // Fill in the action data structure
  ActionData.Subject:=@Subject;
  ActionData.hClientToken:=0;
  case SubjectType of
     stRaw    :  ActionData.SubjectType:=@SubjectRaw;
     stPEFile :  ActionData.SubjectType:=@SubjectPeImage;
     stJava   :  ActionData.SubjectType:=@SubjectJava;
     stCabinet:  ActionData.SubjectType:=@SubjectCAB;
  else
     ActionData.SubjectType:=@SubjectPeImage;
  end;

  // Call WinVerifyTrust function
  result:=pwvt(0, @ActionGUID, @ActionData);

  // Cleanup allocated memory
  FreeMem(pwFile);

end;

initialization

  hWinTrust:=LoadLibrary(WINTRUST_LIB);
  gdwError:=GetLastError;

finalization

  if (hWinTrust <> 0) then FreeLibrary(hWinTrust);

end.
0
 

Expert Comment

by:mwanzi
ID: 14575185
Now suppose that you were on a network that did not allow outbound connections to crl.verisign.com and crl.thawte.com, i'm looking to setup a page that can respond to the request, so that my app doesn't hang.  As anyone run into this situation before?

DK
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
When I am typing into a TEdit last word repeats 7 172
Printing problem 2 119
Convert GUI app into console app for Win32 Env 5 131
How to build JSON File in Delphi 6 3 85
In this tutorial I will show you how to use the Windows Speech API in Delphi. I will only cover basic functions such as text to speech and controlling the speed of the speech. SAPI Installation First you need to install the SAPI type library, th…
Have you ever had your Delphi form/application just hanging while waiting for data to load? This is the article to read if you want to learn some things about adding threads for data loading in the background. First, I'll setup a general applica…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

742 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question