tags:

views:

222

answers:

0
Q: 

WinVerifyTrust API problem

I'm using WinVerifyTrust API in windows XP and I don't want any kind of user interaction. But when I set the WTD_UI_NONE attribute, although it doesn't show any dialog boxes, but it waits for a long time on the files that in fact wanted user interaction (I mean files which without mentioning the NO UI it will ask the user for that file).

This is my code:

    WINTRUST_FILE_INFO FileData;
memset(&FileData, 0, sizeof(FileData));
FileData.cbStruct = sizeof(WINTRUST_FILE_INFO);
wchar_t fileName[32769];
FileData.pcwszFilePath = fileName;
FileData.hFile = NULL;
FileData.pgKnownSubject = NULL;

/*
WVTPolicyGUID specifies the policy to apply on the file
WINTRUST_ACTION_GENERIC_VERIFY_V2 policy checks:

1) The certificate used to sign the file chains up to a root 
certificate located in the trusted root certificate store. This 
implies that the identity of the publisher has been verified by 
a certification authority.

2) In cases where user interface is displayed (which this example
does not do), WinVerifyTrust will check for whether the  
end entity certificate is stored in the trusted publisher store,  
implying that the user trusts content from this publisher.

3) The end entity certificate has sufficient permission to sign 
code, as indicated by the presence of a code signing EKU or no 
EKU.
*/

GUID WVTPolicyGUID = WINTRUST_ACTION_GENERIC_VERIFY_V2;
WINTRUST_DATA WinTrustData;

// Initialize the WinVerifyTrust input data structure.

// Default all fields to 0.
memset(&WinTrustData, 0, sizeof(WinTrustData));

WinTrustData.cbStruct = sizeof(WinTrustData);

// Use default code signing EKU.
WinTrustData.pPolicyCallbackData = NULL;

// No data to pass to SIP.
WinTrustData.pSIPClientData = NULL;

// Disable WVT UI.
WinTrustData.dwUIChoice = WTD_UI_NONE;

// No revocation checking.
WinTrustData.fdwRevocationChecks = WTD_REVOKE_NONE; 

// Verify an embedded signature on a file.
WinTrustData.dwUnionChoice = WTD_CHOICE_FILE;

// Default verification.
WinTrustData.dwStateAction = 0;

// Not applicable for default verification of embedded signature.
WinTrustData.hWVTStateData = NULL;

// Not used.
WinTrustData.pwszURLReference = NULL;

// Default.
WinTrustData.dwProvFlags = WTD_REVOCATION_CHECK_END_CERT;

// This is not applicable if there is no UI because it changes 
// the UI to accommodate running applications instead of 
// installing applications.
WinTrustData.dwUIContext = 0;

// Set pFile.
WinTrustData.pFile = &FileData;

// WinVerifyTrust verifies signatures as specified by the GUID 
// and Wintrust_Data.
lStatus = WinVerifyTrust(
    (HWND)INVALID_HANDLE_VALUE,
    &WVTPolicyGUID,
    &WinTrustData);
printf("%x\n", lStatus);

related questions

any good tool for makefile generation?
How do you pass a function as a parameter in C?
Where should a veteran C programmer start in order to master Java ?
Any good book on best practice and guidelines in developing a SDK in C?
How do you determine the size of a file in C?
Decoding printf statements in C (Printf Primer)
Shift operator in C
How to avoid redefining VERSION, PACKAGE, etc.
Alpha blending sprites in Nintendo DS Homebrew
When should I use type abstraction in embedded systems
How to implement continuations?
What are the barriers to understanding pointers and what can be done to overcome them?
Anyone have experience creating a shared library in MATLAB?
String.indexOf function in C
Passing multidimensional arrays as function arguments in C
C/C++ library for reading MIDI signals from a USB MIDI device
Choosing a static code analysis tool
How do you printf an unsigned long long int?
Good STL-like library for C.
Rockbox audio format
Why am I getting a malloc: double free error with realloc()?
Should I learn C?
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
How to use the C socket API in C++ on z/OS