using System;
using System.Runtime.InteropServices;
using Vanara.Extensions;
using Vanara.InteropServices;
using static Vanara.PInvoke.Crypt32;
using FILETIME = System.Runtime.InteropServices.ComTypes.FILETIME;
namespace Vanara.PInvoke;
/// Functions, structures, constants and interfaces from wintrust.dll.
public static partial class WinTrust
{
/// Wintrust Registry Configuration Definitions
public const string WINTRUST_CONFIG_REGPATH = @"Software\Microsoft\Cryptography\Wintrust\Config";
/// Confidence values.
[PInvokeData("wintrust.h", MSDNShortId = "622e7a72-445a-4820-b236-1c90dad08351")]
[Flags]
public enum CertConfidence
{
/// The signature of the certificate is valid.
CERT_CONFIDENCE_SIG = 0x10000000,
/// The time of the certificate issuer is valid.
CERT_CONFIDENCE_TIME = 0x01000000,
/// The time of the certificate is valid.
CERT_CONFIDENCE_TIMENEST = 0x00100000,
/// The authority ID extension is valid.
CERT_CONFIDENCE_AUTHIDEXT = 0x00010000,
/// At a minimum, the signature of the certificate and authority ID extension are valid.
CERT_CONFIDENCE_HYGIENE = 0x00001000,
/// A combination of all of the other confidence values.
CERT_CONFIDENCE_HIGHEST = 0x11111000,
}
/// Action to perform.
[PInvokeData("wintrust.h", MSDNShortId = "B2ED5489-792F-4B00-A21E-EE1B1462D1C8")]
public enum DWACTION
{
/// Allocate memory and fill the CRYPT_PROVIDER_DEFUSAGE structure pointed to by the psUsage parameter.
DWACTION_ALLOCANDFILL = 1,
///
/// Free all memory allocated during a previous call to this function by specifying DWACTION_ALLOCANDFILL for this parameter.
///
DWACTION_FREE = 2
}
/// Specifies the type of certificate.
[PInvokeData("wintrust.h", MSDNShortId = "AC666871-265B-4D09-B7A6-DEC48D4645FD")]
public enum WIN_CERT_TYPE : ushort
{
/// The bCertificate member contains an X.509 certificate.
WIN_CERT_TYPE_X509 = 0x0001,
/// The bCertificate member contains a PKCS SignedData structure.
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002,
/// Reserved.
WIN_CERT_TYPE_RESERVED_1 = 0x0003,
/// The bCertificate member contains PKCS1_MODULE_SIGN fields.
WIN_CERT_TYPE_TS_STACK_SIGNED = 0x0004,
}
/// Flags that can be used to refine behavior in .
[PInvokeData("wintrust.h", MSDNShortId = "E0F526B4-AFDE-4481-B49F-EE7467F97A46")]
[Flags]
public enum WSS
{
/// Set this value if you set the dwIndex parameter.
WSS_VERIFY_SPECIFIC = 0x00000001,
/// Set this value to return the number of secondary signatures found in the cSecondarySigs member.
WSS_GET_SECONDARY_SIG_COUNT = 0x00000002,
}
///
/// Identifies the portion of the policy provider that supports cryptographic policy.
///
[PInvokeData("wintrust.h", MSDNShortId = "B362A161-6B92-41B0-AE81-337EB42502D8")]
[Flags]
public enum WSS_SUPPORT : uint
{
///
WSS_OBJTRUST_SUPPORT = 0x00000001,
///
WSS_SIGTRUST_SUPPORT = 0x00000002,
///
WSS_CERTTRUST_SUPPORT = 0x00000004,
}
/// A set of flags that modify the behavior of this function.
[PInvokeData("wintrust.h", MSDNShortId = "5e4dbccd-4cd0-4525-85dc-3327a5b713a1")]
[Flags]
public enum WT_TRUSTDBDIALOG
{
///
WT_TRUSTDBDIALOG_NO_UI_FLAG = 0x00000001,
///
/// Only display the Trusted Publisher tab. By default, all of the user interface tabs are displayed and the Trusted Publisher
/// tab is initially selected.
///
WT_TRUSTDBDIALOG_ONLY_PUB_TAB_FLAG = 0x00000002,
///
WT_TRUSTDBDIALOG_WRITE_LEGACY_REG_FLAG = 0x00000100,
///
WT_TRUSTDBDIALOG_WRITE_IEAK_STORE_FLAG = 0x00000200,
}
/// Specifies the union member to be used and, thus, the type of object for which trust will be verified.
[PInvokeData("wintrust.h", MSDNShortId = "8fb68f44-6f69-4eac-90de-02689e3e86cf")]
public enum WTD_CHOICE
{
/// Use the file pointed to by pFile.
WTD_CHOICE_FILE = 1,
/// Use the catalog pointed to by pCatalog.
WTD_CHOICE_CATALOG = 2,
/// Use the BLOB pointed to by pBlob.
WTD_CHOICE_BLOB = 3,
/// Use the WINTRUST_SGNR_INFO structure pointed to by pSgnr.
WTD_CHOICE_SIGNER = 4,
/// Use the certificate pointed to by pCert.
WTD_CHOICE_CERT = 5,
}
///
/// Certificate revocation check options. This member can be set to add revocation checking to that done by the selected policy provider.
///
[PInvokeData("wintrust.h", MSDNShortId = "8fb68f44-6f69-4eac-90de-02689e3e86cf")]
public enum WTD_REVOKE
{
///
/// No additional revocation checking will be done when the WTD_REVOKE_NONE flag is used in conjunction with the
/// HTTPSPROV_ACTION value set in the pgActionID parameter of the WinVerifyTrust function. To ensure the WinVerifyTrust function
/// does not attempt any network retrieval when verifying code signatures, WTD_CACHE_ONLY_URL_RETRIEVAL must be set in the
/// dwProvFlags parameter.
///
WTD_REVOKE_NONE = 0x00000000,
/// Revocation checking will be done on the whole chain.
WTD_REVOKE_WHOLECHAIN = 0x00000001,
}
/// Specifies the action to be taken.
[PInvokeData("wintrust.h", MSDNShortId = "8fb68f44-6f69-4eac-90de-02689e3e86cf")]
public enum WTD_STATEACTION
{
/// Ignore the hWVTStateData member.
WTD_STATEACTION_IGNORE = 0x00000000,
///
/// Verify the trust of the object (typically a file) that is specified by the dwUnionChoice member. The hWVTStateData member
/// will receive a handle to the state data. This handle must be freed by specifying the WTD_STATEACTION_CLOSE action in a
/// subsequent call.
///
WTD_STATEACTION_VERIFY = 0x00000001,
///
/// Free the hWVTStateData member previously allocated with the WTD_STATEACTION_VERIFY action. This action must be specified for
/// every use of the WTD_STATEACTION_VERIFY action.
///
WTD_STATEACTION_CLOSE = 0x00000002,
///
/// Write the catalog data to a WINTRUST_DATA structure and then cache that structure. This action only applies when the
/// dwUnionChoice member contains WTD_CHOICE_CATALOG.
///
WTD_STATEACTION_AUTO_CACHE = 0x00000003,
/// Flush any cached catalog data. This action only applies when the dwUnionChoice member contains WTD_CHOICE_CATALOG.
WTD_STATEACTION_AUTO_CACHE_FLUSH = 0x00000004,
}
/// DWORD value that specifies trust provider settings.
[PInvokeData("wintrust.h", MSDNShortId = "8fb68f44-6f69-4eac-90de-02689e3e86cf")]
public enum WTD_TRUST
{
/// The trust is verified in the same manner as implemented by Internet Explorer 4.0.
WTD_USE_IE4_TRUST_FLAG = 0x00000001,
/// The Internet Explorer 4.0 chain functionality is not used.
WTD_NO_IE4_CHAIN_FLAG = 0x00000002,
///
/// The default verification of the policy provider, such as code signing for Authenticode, is not performed, and the
/// certificate is assumed valid for all usages.
///
WTD_NO_POLICY_USAGE_FLAG = 0x00000004,
/// Revocation checking is not performed.
WTD_REVOCATION_CHECK_NONE = 0x00000010,
/// Revocation checking is performed on the end certificate only.
WTD_REVOCATION_CHECK_END_CERT = 0x00000020,
/// Revocation checking is performed on the entire certificate chain.
WTD_REVOCATION_CHECK_CHAIN = 0x00000040,
/// Revocation checking is performed on the entire certificate chain, excluding the root certificate.
WTD_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT = 0x00000080,
/// Not supported.
WTD_SAFER_FLAG = 0x00000100,
/// Only the hash is verified.
WTD_HASH_ONLY_FLAG = 0x00000200,
///
/// The default operating system version checking is performed. This flag is only used for verifying catalog-signed files.
///
WTD_USE_DEFAULT_OSVER_CHECK = 0x00000400,
///
/// If this flag is not set, all time stamped signatures are considered valid forever. Setting this flag limits the valid
/// lifetime of the signature to the lifetime of the signing certificate. This allows time stamped signatures to expire.
///
WTD_LIFETIME_SIGNING_FLAG = 0x00000800,
///
/// Use only the local cache for revocation checks. Prevents revocation checks over the network.
/// Windows XP: This value is not supported.
///
WTD_CACHE_ONLY_URL_RETRIEVAL = 0x00001000,
///
/// Disable the use of MD2 and MD4 hashing algorithms. If a file is signed by using MD2 or MD4 and if this flag is set, an
/// NTE_BAD_ALGID error is returned. Note This flag is supported on Windows 7 with SP1 and later operating systems.
///
WTD_DISABLE_MD2_MD4 = 0x00002000,
///
/// If this flag is specified it is assumed that the file being verified has been downloaded from the web and has the Mark of
/// the Web attribute. Policies that are meant to apply to Mark of the Web files will be enforced. Note This flag is
/// supported on Windows 8.1 and later operating systems or on systems that have installed KB2862966.
///
WTD_MOTW = 0x00004000,
/// Undocumented.
WTD_CODE_INTEGRITY_DRIVER_MODE = 0x00008000,
}
/// Specifies the kind of user interface (UI) to be used.
[PInvokeData("wintrust.h", MSDNShortId = "8fb68f44-6f69-4eac-90de-02689e3e86cf")]
public enum WTD_UI
{
/// Display all UI.
WTD_UI_ALL = 1,
/// Display no UI.
WTD_UI_NONE = 2,
/// Do not display any negative UI.
WTD_UI_NOBAD = 3,
/// Do not display any positive UI.
WTD_UI_NOGOOD = 4,
}
///
/// A DWORD value that specifies the user interface context for the WinVerifyTrust function. This causes the text in the
/// Authenticode dialog box to match the action taken on the file.
///
[PInvokeData("wintrust.h", MSDNShortId = "8fb68f44-6f69-4eac-90de-02689e3e86cf")]
public enum WTD_UICONTEXT
{
/// Use when calling WinVerifyTrust for a file that is to be run. This is the default value.
WTD_UICONTEXT_EXECUTE = 0,
/// Use when calling WinVerifyTrust for a file that is to be installed.
WTD_UICONTEXT_INSTALL = 1,
}
/// Flags for .
[Flags]
public enum WTPF
{
/// Trust any test certificate.
WTPF_TRUSTTEST = 0x00000020,
/// Check any test certificate for validity.
WTPF_TESTCANBEVALID = 0x00000080,
/// Use expiration date.
WTPF_IGNOREEXPIRATION = 0x00000100,
/// Do revocation check.
WTPF_IGNOREREVOKATION = 0x00000200,
/// If the source is offline, trust any individual certificates.
WTPF_OFFLINEOK_IND = 0x00000400,
/// If the source is offline, trust any commercial certificates.
WTPF_OFFLINEOK_COM = 0x00000800,
/// If the source is offline, trust any individual certificates. Do not use the user interface (UI).
WTPF_OFFLINEOKNBU_IND = 0x00001000,
/// If the source is offline, trust any commercial certificates. Do not use the checking UI.
WTPF_OFFLINEOKNBU_COM = 0x00002000,
/// Turn off verification of version 1.0 certificates.
WTPF_VERIFY_V1_OFF = 0x00010000,
/// Ignore time stamp revocation checks.
WTPF_IGNOREREVOCATIONONTS = 0x00020000,
/// Allow only items in personal trust database.
WTPF_ALLOWONLYPERTRUST = 0x00040000,
}
///
/// The OpenPersonalTrustDBDialog function displays the Certificates dialog box.
///
/// Note This function has no associated header file or import library. You must define the function yourself and use the
/// LoadLibrary and GetProcAddress functions to dynamically link to Wintrust.dll.
///
///
///
/// The handle of the parent window for the dialog box. If this parameter is NULL, the dialog box has no parent.
///
/// Returns nonzero if the dialog box was opened successfully or zero otherwise.
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/nf-wintrust-openpersonaltrustdbdialog BOOL
// OpenPersonalTrustDBDialog( HWND hwndParent );
[DllImport(Lib.Wintrust, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "25f1d012-0c82-4992-b924-b539d4c6dc5f")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool OpenPersonalTrustDBDialog(HWND hwndParent);
///
/// The OpenPersonalTrustDBDialogEx function displays the Certificates dialog box.
///
/// Note This function has no associated header file or import library. You must define the function yourself and use the
/// LoadLibrary and GetProcAddress functions to dynamically link to Wintrust.dll.
///
///
///
/// The handle of the parent window for the dialog box. If this parameter is NULL, the dialog box has no parent.
///
///
/// A set of flags that modify the behavior of this function. This can be zero or the following value.
///
///
/// Value
/// Meaning
///
/// -
/// WT_TRUSTDBDIALOG_ONLY_PUB_TAB_FLAG 2 (0x2)
///
/// Only display the Trusted Publisher tab. By default, all of the user interface tabs are displayed and the Trusted Publisher tab
/// is initially selected.
///
///
///
///
/// Not used. Must be NULL.
/// Returns nonzero if the dialog box was opened successfully or zero otherwise.
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/nf-wintrust-openpersonaltrustdbdialogex BOOL
// OpenPersonalTrustDBDialogEx( HWND hwndParent, DWORD dwFlags, PVOID *pvReserved );
[DllImport(Lib.Wintrust, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "5e4dbccd-4cd0-4525-85dc-3327a5b713a1")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool OpenPersonalTrustDBDialogEx(HWND hwndParent, WT_TRUSTDBDIALOG dwFlags, IntPtr pvReserved = default);
///
///
/// [The WintrustAddActionID function is available for use in the operating systems specified in the Requirements section. It
/// may be altered or unavailable in subsequent versions. For certificate verification, use the CertGetCertificateChain and
/// CertVerifyCertificateChainPolicy functions. For Microsoft Authenticode technology signature verification, use the .NET Framework.]
///
///
/// The WintrustAddActionID function adds a trust provider action to the user's system. This method should be called during
/// the DllRegisterServer implementation of the trust provider. This function has no associated import library. You must use the
/// LoadLibrary and GetProcAddress functions to dynamically link to Wintrust.dll.
///
/// This method should be called only by a trust provider.
///
///
/// A pointer to a GUID structure that identifies the action to add and the trust provider that supports that action.
///
/// The WinTrust service is designed to work with trust providers implemented by third parties. Each trust provider provides its own
/// unique set of action identifiers. For information about the action identifiers supported by a trust provider, see the
/// documentation for that trust provider.
///
///
/// For example, Microsoft provides a Software Publisher Trust Provider that can establish the trustworthiness of software being
/// downloaded from the Internet or some other public network. The Software Publisher Trust Provider supports the following action
/// identifiers. These constants are defined in Softpub.h.
///
///
///
/// Value
/// Meaning
///
/// -
/// WINTRUST_ACTION_GENERIC_VERIFY
/// Verify a certificate chain only.
///
/// -
/// WINTRUST_ACTION_GENERIC_VERIFY_V2
/// Verify a file or object using the Authenticode policy provider.
///
/// -
/// HTTPSPROV_ACTION
/// Verify an SSL/PCT connection through Internet Explorer.
///
///
///
///
/// a value that determines whether registry errors are reported by this function. If fdwFlags is zero and this function experiences
/// a registry error, the registry error will not be propagated to the GetLastError function. If fdwFlags is
/// WT_ADD_ACTION_ID_RET_RESULT_FLAG (0x1) and this function experiences a registry error, the registry error will be propagated to
/// the GetLastError function.
///
/// A pointer to the CRYPT_REGISTER_ACTIONID structure that defines the information for the trust provider.
///
/// The return value is TRUE if the function succeeds; FALSE if the function fails. If the function fails, call the
/// GetLastError function to determine the reason for failure. For information about any registry errors that this function may
/// encounter, see the description for fdwFlags.
///
/// To remove an action that has been added by this function, call the WintrustRemoveActionID function.
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/nf-wintrust-wintrustaddactionid BOOL WintrustAddActionID( GUID
// *pgActionID, DWORD fdwFlags, CRYPT_REGISTER_ACTIONID *psProvInfo );
[DllImport(Lib.Wintrust, SetLastError = true, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "3b282342-9c86-42fa-b745-e5194d2885dc")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool WintrustAddActionID(in Guid pgActionID, uint fdwFlags, ref CRYPT_REGISTER_ACTIONID psProvInfo);
///
/// The WintrustAddDefaultForUsage function specifies the default usage identifier and callback information for a provider.
///
/// Pointer to a string that contains the identifier.
/// Pointer to a CRYPT_PROVIDER_REGDEFUSAGE structure that contains callback information.
///
/// The return value is TRUE if the function succeeds; FALSE if the function fails. If the function fails, call the
/// GetLastError function to determine the reason for failure.
///
///
///
/// If the provider uses this function and requires any of the callback data, the provider must completely fill out the
/// CRYPT_PROVIDER_REGDEFUSAGE structure.
///
/// The usage and callback information can be retrieved by calling the WintrustGetDefaultForUsage function.
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/nf-wintrust-wintrustadddefaultforusage BOOL
// WintrustAddDefaultForUsage( const char *pszUsageOID, CRYPT_PROVIDER_REGDEFUSAGE *psDefUsage );
[DllImport(Lib.Wintrust, SetLastError = true, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "511D05BD-0F8C-45B8-A1B0-D3C7AAFECCFC")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool WintrustAddDefaultForUsage([MarshalAs(UnmanagedType.LPStr)] string pszUsageOID, ref CRYPT_PROVIDER_REGDEFUSAGE psDefUsage);
/// The WintrustGetDefaultForUsage function retrieves the default usage identifier and callback information.
///
/// Action to perform. This can be one of the following values. For more information, see Remarks.
///
///
/// Value
/// Meaning
///
/// -
/// DWACTION_ALLOCANDFILL
/// Allocate memory and fill the CRYPT_PROVIDER_DEFUSAGE structure pointed to by the psUsage parameter.
///
/// -
/// DWACTION_FREE
/// Free all memory allocated during a previous call to this function by specifying DWACTION_ALLOCANDFILL for this parameter.
///
///
///
/// Pointer to a string that contains the identifier.
/// Pointer to a CRYPT_PROVIDER_DEFUSAGE structure that contains callback information to be retrieved.
///
/// The return value is TRUE if the function succeeds; FALSE if the function fails. If the function fails, call the
/// GetLastError function to determine the reason for failure.
///
///
///
/// Call this function once with the dwAction parameter set to DWACTION_ALLOCANDFILL to allocate memory and fill a
/// CRYPT_PROVIDER_DEFUSAGE structure with information. Call this function again with the dwAction parameter set to
/// DWACTION_FREE to free the allocated memory.
///
/// The default usage and callback information for a provider is registered by calling the WintrustAddDefaultForUsage function.
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/nf-wintrust-wintrustgetdefaultforusage BOOL
// WintrustGetDefaultForUsage( DWORD dwAction, const char *pszUsageOID, CRYPT_PROVIDER_DEFUSAGE *psUsage );
[DllImport(Lib.Wintrust, SetLastError = true, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "B2ED5489-792F-4B00-A21E-EE1B1462D1C8")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool WintrustGetDefaultForUsage(DWACTION dwAction, [MarshalAs(UnmanagedType.LPStr)] string pszUsageOID, ref CRYPT_PROVIDER_DEFUSAGE psUsage);
///
/// The WintrustGetRegPolicyFlags function retrieves policy flags for a policy provider.
///
/// Note This function has no associated import library. You must use the LoadLibrary and GetProcAddress functions to
/// dynamically link to Wintrust.dll.
///
///
///
/// This parameter can be a bitwise combination of one or more of the following values.
///
///
/// Value
/// Meaning
///
/// -
/// WTPF_TRUSTTEST
/// Trust any test certificate.
///
/// -
/// WTPF_TESTCANBEVALID
/// Check any test certificate for validity.
///
/// -
/// WTPF_IGNOREEXPIRATION
/// Use expiration date.
///
/// -
/// WTPF_IGNOREREVOKATION
/// Do revocation check.
///
/// -
/// WTPF_OFFLINEOK_IND
/// If the source is offline, trust any individual certificates.
///
/// -
/// WTPF_OFFLINEOK_COM
/// If the source is offline, trust any commercial certificates.
///
/// -
/// WTPF_OFFLINEOKNBU_IND
/// If the source is offline, trust any individual certificates. Do not use the user interface (UI).
///
/// -
/// WTPF_OFFLINEOKNBU_COM
/// If the source is offline, trust any commercial certificates. Do not use the checking UI.
///
/// -
/// WTPF_VERIFY_V1_OFF
/// Turn off verification of version 1.0 certificates.
///
/// -
/// WTPF_IGNOREREVOCATIONONTS
/// Ignore time stamp revocation checks.
///
/// -
/// WTPF_ALLOWONLYPERTRUST
/// Allow only items in personal trust database.
///
///
///
/// This function does not return a value.
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/nf-wintrust-wintrustgetregpolicyflags void
// WintrustGetRegPolicyFlags( DWORD *pdwPolicyFlags );
[DllImport(Lib.Wintrust, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "f5e79ac8-9a70-4e79-ae4f-e128bd8c84de")]
public static extern void WintrustGetRegPolicyFlags(out WTPF pdwPolicyFlags);
///
///
/// [The WintrustLoadFunctionPointers function is available for use in the operating systems specified in the Requirements
/// section. It may be altered or unavailable in subsequent versions. For certificate verification, use the CertGetCertificateChain
/// and CertVerifyCertificateChainPolicy functions. For Microsoft Authenticode technology signature verification, use the .NET Framework.]
///
///
/// The WintrustLoadFunctionPointers function loads function entry points for a specified action GUID. This function has no
/// associated import library. You must use the LoadLibrary and GetProcAddress functions to dynamically link to Wintrust.dll.
///
///
///
///
/// A pointer to a GUID structure that identifies the action whose function pointers are being loaded and the trust provider
/// that supports that action.
///
///
/// The WinTrust service is designed to work with trust providers implemented by third parties. Each trust provider provides its own
/// unique set of action identifiers. For information about the action identifiers supported by a trust provider, see the
/// documentation for that trust provider.
///
///
/// For example, Microsoft provides a Software Publisher Trust Provider that can establish the trustworthiness of software being
/// downloaded from the Internet or some other public network. The Software Publisher Trust Provider supports the following action
/// identifiers. These constants are defined in Softpub.h.
///
///
///
/// Value
/// Meaning
///
/// -
/// WINTRUST_ACTION_GENERIC_VERIFY
/// Verify a certificate chain only.
///
/// -
/// WINTRUST_ACTION_GENERIC_VERIFY_V2
/// Verify a file or object using the Authenticode policy provider.
///
/// -
/// HTTPSPROV_ACTION
/// Verify an SSL/PCT connection through Internet Explorer.
///
///
///
/// A pointer to the CRYPT_PROVIDER_FUNCTIONS structure that receives the addresses of the function pointers.
/// The return value is TRUE if the function succeeds; FALSE if the function fails.
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/nf-wintrust-wintrustloadfunctionpointers BOOL
// WintrustLoadFunctionPointers( GUID *pgActionID, CRYPT_PROVIDER_FUNCTIONS *pPfns );
[DllImport(Lib.Wintrust, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "c36db226-34b4-4a31-b8c6-b9d124acc669")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool WintrustLoadFunctionPointers(in Guid pgActionID, ref CRYPT_PROVIDER_FUNCTIONS pPfns);
///
///
/// [The WintrustRemoveActionID function is available for use in the operating systems specified in the Requirements section.
/// It may be altered or unavailable in subsequent versions. For certificate verification, use the CertGetCertificateChain and
/// CertVerifyCertificateChainPolicy functions. For Authenticode technology signature verification, use the .NET Framework.]
///
///
/// The WintrustRemoveActionID function removes an action added by the WintrustAddActionID function. This function has no
/// associated import library. You must use the LoadLibrary and GetProcAddress functions to dynamically link to Wintrust.dll.
///
///
///
/// A pointer to a GUID structure that identifies the action to remove and the trust provider that supports that action.
///
/// The WinTrust service is designed to work with trust providers implemented by third parties. Each trust provider provides its own
/// unique set of action identifiers. For information about the action identifiers supported by a trust provider, see the
/// documentation for that trust provider.
///
///
/// For example, Microsoft provides a Software Publisher Trust Provider that can establish the trustworthiness of software being
/// downloaded from the Internet or some other public network. The Software Publisher Trust Provider supports the following action
/// identifiers. These constants are defined in Softpub.h.
///
///
///
/// Value
/// Meaning
///
/// -
/// WINTRUST_ACTION_GENERIC_VERIFY
/// Verify a certificate chain only.
///
/// -
/// WINTRUST_ACTION_GENERIC_VERIFY_V2
/// Verify a file or object using the Authenticode policy provider.
///
/// -
/// HTTPSPROV_ACTION
/// Verify an SSL/PCT connection through Internet Explorer.
///
///
///
/// The return value is TRUE if the function succeeds; FALSE if the function fails.
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/nf-wintrust-wintrustremoveactionid BOOL WintrustRemoveActionID( GUID
// *pgActionID );
[DllImport(Lib.Wintrust, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "d1c84b69-4886-4cb4-99c5-294bd9d8228b")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool WintrustRemoveActionID(in Guid pgActionID);
///
///
/// The WintrustSetDefaultIncludePEPageHashes function sets the default setting that determines whether page hashes are
/// included when creating subject interface package (SIP) indirect data for PE files.
///
///
/// This setting is only used if neither the SPC_EXC_PE_PAGE_HASHES_FLAG or the SPC_INC_PE_PAGE_HASHES_FLAG flag is
/// specified in the dwFlags parameter of the SignerSignEx function.
///
///
/// This function has no associated import library. You must use the LoadLibrary and GetProcAddress functions to dynamically link to Wintrust.dll.
///
///
///
/// Determines whether page hashes are included when creating SIP indirect data for PE files. If this parameter is nonzero, page
/// hashes are included. If this parameter is zero, page hashes are not included. The value is zero by default.
///
/// This function does not return a value.
/// This setting applies to each instance of Wintrust.dll.
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/nf-wintrust-wintrustsetdefaultincludepepagehashes void
// WintrustSetDefaultIncludePEPageHashes( BOOL fIncludePEPageHashes );
[DllImport(Lib.Wintrust, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "af48e570-e71d-488f-831c-35834242db3c")]
public static extern void WintrustSetDefaultIncludePEPageHashes([MarshalAs(UnmanagedType.Bool)] bool fIncludePEPageHashes);
///
/// The WintrustSetRegPolicyFlags function sets policy flags for a policy provider.
///
/// Note This function has no associated import library. You must use the LoadLibrary and GetProcAddress functions to
/// dynamically link to Wintrust.dll.
///
///
///
/// This parameter can be a bitwise combination of one or more of the following values.
///
///
/// Value
/// Meaning
///
/// -
/// WTPF_TRUSTTEST
/// Trust any test certificate.
///
/// -
/// WTPF_TESTCANBEVALID
/// Check any test certificate for validity.
///
/// -
/// WTPF_IGNOREEXPIRATION
/// Do not check the expiration date.
///
/// -
/// WTPF_IGNOREREVOKATION
/// Do not check revocation.
///
/// -
/// WTPF_OFFLINEOK_IND
/// If the source is offline, trust any individual certificates.
///
/// -
/// WTPF_OFFLINEOK_COM
/// If the source is offline, trust any commercial certificates.
///
/// -
/// WTPF_OFFLINEOKNBU_IND
/// If the source is offline, trust any individual certificates. Do not use the user interface (UI).
///
/// -
/// WTPF_OFFLINEOKNBU_COM
/// If the source is offline, trust any commercial certificates. Do not use the checking UI.
///
/// -
/// WTPF_VERIFY_V1_OFF
/// Turn off verification of version 1.0 certificates.
///
/// -
/// WTPF_IGNOREREVOCATIONONTS
/// Ignore time stamp revocation checks.
///
/// -
/// WTPF_ALLOWONLYPERTRUST
/// Allow only items in personal trust database.
///
///
///
/// Returns nonzero if the policy flags were set successfully or zero otherwise.
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/nf-wintrust-wintrustsetregpolicyflags BOOL
// WintrustSetRegPolicyFlags( DWORD dwPolicyFlags );
[DllImport(Lib.Wintrust, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "8aaeecd0-3814-42a0-9e5b-82b0b220bc9a")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool WintrustSetRegPolicyFlags(WTPF dwPolicyFlags);
///
///
/// The WinVerifyTrust function performs a trust verification action on a specified object. The function passes the inquiry
/// to a trust provider that supports the action identifier, if one exists.
///
/// For certificate verification, use the CertGetCertificateChain and CertVerifyCertificateChainPolicy functions.
///
///
///
/// Optional handle to a caller window. A trust provider can use this value to determine whether it can interact with the user.
/// However, trust providers typically perform verification actions without input from the user.
///
/// This parameter can be one of the following values.
///
///
/// Value
/// Meaning
///
/// -
/// INVALID_HANDLE_VALUE
/// There is no interactive user. The trust provider performs the verification action without the user's assistance.
///
/// -
/// Zero
/// The trust provider can use the interactive desktop to display its user interface.
///
/// -
/// A valid window handle
///
/// A trust provider can treat any value other than INVALID_HANDLE_VALUE or zero as a valid window handle that it can use to
/// interact with the user.
///
///
///
///
///
///
/// A pointer to a GUID structure that identifies an action and the trust provider that supports that action. This value
/// indicates the type of verification action to be performed on the structure pointed to by pWinTrustData.
///
///
/// The WinTrust service is designed to work with trust providers implemented by third parties. Each trust provider provides its own
/// unique set of action identifiers. For information about the action identifiers supported by a trust provider, see the
/// documentation for that trust provider.
///
///
/// For example, Microsoft provides a Software Publisher Trust Provider that can establish the trustworthiness of software being
/// downloaded from the Internet or some other public network. The Software Publisher Trust Provider supports the following action
/// identifiers. These constants are defined in Softpub.h.
///
///
///
/// Value
/// Meaning
///
/// -
/// DRIVER_ACTION_VERIFY
///
/// Verify the authenticity of a Windows Hardware Quality Labs (WHQL) signed driver. This is an Authenticode add-on policy provider.
///
///
/// -
/// HTTPSPROV_ACTION
/// Verify an SSL/TLS connection through Internet Explorer.
///
/// -
/// OFFICESIGN_ACTION_VERIFY
///
/// This Action ID is not supported. Verify the authenticity of a structured storage file by using the Microsoft Office Authenticode
/// add-on policy provider. Windows Server 2003 and Windows XP: This Action ID is supported.
///
///
/// -
/// WINTRUST_ACTION_GENERIC_CHAIN_VERIFY
///
/// Verify certificate chains created from any object type. A callback is provided to implement the final chain policy by using the
/// chain context for each signer and counter signer.
///
///
/// -
/// WINTRUST_ACTION_GENERIC_VERIFY_V2
/// Verify a file or object using the Authenticode policy provider.
///
/// -
/// WINTRUST_ACTION_TRUSTPROVIDER_TEST
/// Write the CRYPT_PROVIDER_DATA structure to a file after calling the Authenticode policy provider.
///
///
///
///
///
/// A pointer that, when cast as a WINTRUST_DATA structure, contains information that the trust provider needs to process the
/// specified action identifier. Typically, the structure includes information that identifies the object that the trust provider
/// must evaluate.
///
///
/// The format of the structure depends on the action identifier. For information about the data required for a specific action
/// identifier, see the documentation for the trust provider that supports that action.
///
///
///
///
/// If the trust provider verifies that the subject is trusted for the specified action, the return value is zero. No other value
/// besides zero should be considered a successful return.
///
///
/// If the trust provider does not verify that the subject is trusted for the specified action, the function returns a status code
/// from the trust provider.
///
///
/// For example, a trust provider might indicate that the subject is not trusted, or is trusted but with limitations or warnings.
/// The return value can be a trust-provider-specific value described in the documentation for an individual trust provider, or it
/// can be one of the following error codes.
///
///
///
/// Return code
/// Description
///
/// -
/// TRUST_E_SUBJECT_NOT_TRUSTED
///
/// The subject failed the specified verification action. Most trust providers return a more detailed error code that describes the
/// reason for the failure.
///
///
/// -
/// TRUST_E_PROVIDER_UNKNOWN
/// The trust provider is not recognized on this system.
///
/// -
/// TRUST_E_ACTION_UNKNOWN
/// The trust provider does not support the specified action.
///
/// -
/// TRUST_E_SUBJECT_FORM_UNKNOWN
/// The trust provider does not support the form specified for the subject.
///
///
///
///
///
/// The WinVerifyTrust function enables applications to invoke a trust provider to verify that a specified object satisfies
/// the criteria of a specified verification operation. The pgActionID parameter identifies the verification operation, and the
/// pWinTrustData parameter identifies the object whose trust is to be verified. A trust provider is a DLL registered with the
/// operating system. A call to WinVerifyTrust forwards that call to the registered trust provider, if there is one, that
/// supports that specified action identifier.
///
///
/// For example, the Software Publisher Trust Provider can verify that an executable image file comes from a trusted software
/// publisher and that the file has not been modified since it was published. In this case, the pWinTrustData parameter specifies
/// the name of the file and the type of file, such as a Microsoft Portable Executable image file.
///
///
/// Each trust provider supports a specific set of actions that it can evaluate. Each action has a GUID that identifies it. A trust
/// provider can support any number of action identifiers, but two trust providers cannot support the same action identifier.
///
///
/// For an example that demonstrates how to use this function to verify the signature of a portable executable (PE) file, see
/// Example C Program: Verifying the Signature of a PE File.
///
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/nf-wintrust-winverifytrust LONG WinVerifyTrust( HWND hwnd, GUID
// *pgActionID, LPVOID pWVTData );
[DllImport(Lib.Wintrust, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "b7efac6a-ac9f-477a-aada-63fe32208e6f")]
public static extern Win32Error WinVerifyTrust(HWND hwnd, in Guid pgActionID, IntPtr pWVTData);
///
///
/// The WinVerifyTrustEx function performs a trust verification action on a specified object and takes a pointer to a
/// WINTRUST_DATA structure. The function passes the inquiry to a trust provider, if one exists, that supports the action
/// identifier. This function has no associated import library. You must use the LoadLibrary and GetProcAddress functions to
/// dynamically link to Wintrust.dll.
///
/// For certificate verification, use the CertGetCertificateChain and CertVerifyCertificateChainPolicy functions.
///
///
///
/// Optional handle to a caller window. A trust provider can use this value to determine whether it can interact with the user.
/// However, trust providers typically perform verification actions without input from the user.
///
/// This parameter can be one of the following values.
///
///
/// Value
/// Meaning
///
/// -
/// INVALID_HANDLE_VALUE
/// There is no interactive user. The trust provider performs the verification action without the user's assistance.
///
/// -
/// Zero
/// The trust provider can use the interactive desktop to display its user interface.
///
/// -
/// A valid window handle
///
/// A trust provider can treat any value other than INVALID_HANDLE_VALUE or zero as a valid window handle that it can use to
/// interact with the user.
///
///
///
///
///
///
/// A pointer to a GUID structure that identifies an action and the trust provider that supports that action. This value
/// indicates the type of verification action to be performed on the structure pointed to by pWinTrustData.
///
///
/// The WinTrust service is designed to work with trust providers implemented by third parties. Each trust provider provides its own
/// unique set of action identifiers. For information about the action identifiers supported by a trust provider, see the
/// documentation for that trust provider.
///
///
/// For example, Microsoft provides a Software Publisher Trust Provider that can establish the trustworthiness of software being
/// downloaded from the Internet or some other public network. The Software Publisher Trust Provider supports the following action
/// identifiers. These constants are defined in Softpub.h.
///
///
///
/// Value
/// Meaning
///
/// -
/// DRIVER_ACTION_VERIFY
///
/// Verify the authenticity of a Windows Hardware Quality Labs (WHQL) signed driver. This is an Authenticode add-on policy provider.
///
///
/// -
/// HTTPSPROV_ACTION
/// Verify an SSL/TLS connection through Internet Explorer.
///
/// -
/// OFFICESIGN_ACTION_VERIFY
///
/// This Action ID is not supported. Verify the authenticity of a structured storage file by using the Microsoft Office Authenticode
/// add-on policy provider. Windows Server 2003 and Windows XP: This Action ID is supported.
///
///
/// -
/// WINTRUST_ACTION_GENERIC_CERT_VERIFY
///
/// Verify a certificate chain only. This is only valid when passing in a certificate context in the WinVerifyTrust input structures.
///
///
/// -
/// WINTRUST_ACTION_GENERIC_CHAIN_VERIFY
///
/// Verify certificate chains created from any object type. A callback is provided to implement the final chain policy by using the
/// chain context for each signer and counter signer.
///
///
/// -
/// WINTRUST_ACTION_GENERIC_VERIFY_V2
/// Verify a file or object using the Authenticode policy provider.
///
/// -
/// WINTRUST_ACTION_TRUSTPROVIDER_TEST
/// Write the CRYPT_PROVIDER_DATA structure to a file after calling the Authenticode policy provider.
///
///
///
///
///
/// A pointer to a WINTRUST_DATA structure that contains information that the trust provider needs to process the specified action
/// identifier. Typically, the structure includes information that identifies the object that the trust provider must evaluate.
///
///
/// The format of the structure depends on the action identifier. For information about the data required for a specific action
/// identifier, see the documentation for the trust provider that supports that action.
///
///
///
///
/// If the trust provider verifies that the subject is trusted for the specified action, the return value is ERROR_SUCCESS.
/// Otherwise, the function returns a status code from the trust provider.
///
///
/// For example, a trust provider might indicate that the subject is not trusted, or is trusted but with limitations or warnings.
/// The return value can be a trust provider–specific value described in the documentation for an individual trust provider, or it
/// can be one of the following error codes.
///
///
///
/// Return code
/// Description
///
/// -
/// TRUST_E_SUBJECT_NOT_TRUSTED
///
/// The subject failed the specified verification action. Most trust providers return a more detailed error code that describes the
/// reason for the failure.
///
///
/// -
/// TRUST_E_PROVIDER_UNKNOWN
/// The trust provider is not recognized on this system.
///
/// -
/// TRUST_E_ACTION_UNKNOWN
/// The trust provider does not support the specified action.
///
/// -
/// TRUST_E_SUBJECT_FORM_UNKNOWN
/// The trust provider does not support the form specified for the subject.
///
///
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/nf-wintrust-winverifytrustex HRESULT WinVerifyTrustEx( HWND hwnd,
// GUID *pgActionID, WINTRUST_DATA *pWinTrustData );
[DllImport(Lib.Wintrust, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "209c9953-a4a5-4ff0-961f-92e97ccce23d")]
public static extern HRESULT WinVerifyTrustEx(HWND hwnd, in Guid pgActionID, [In] WINTRUST_DATA pWinTrustData);
///
///
/// [The WTHelperCertCheckValidSignature function is available for use in the operating systems specified in the Requirements
/// section. It may be altered or unavailable in subsequent versions. For certificate verification, use the CertGetCertificateChain
/// and CertVerifyCertificateChainPolicy functions. For Microsoft Authenticode technology signature verification, use the .NET Framework.]
///
///
/// The WTHelperCertCheckValidSignature function checks whether a signature is valid. It can be used by trust providers to
/// get an initial assessment of the validity of a signature before calling the function pointed to by the pfnFinalPolicy
/// member of a CRYPT_PROVIDER_FUNCTIONS structure.
///
///
/// A pointer to the CRYPT_PROVIDER_DATA structure that contains the signer and countersigner information.
///
/// If the function succeeds, the function returns S_OK.
///
/// If the function fails, it returns an HRESULT value that indicates the error. For a list of possible error values, see WinVerifyTrust.
///
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/nf-wintrust-wthelpercertcheckvalidsignature HRESULT
// WTHelperCertCheckValidSignature( CRYPT_PROVIDER_DATA *pProvData );
[DllImport(Lib.Wintrust, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "d46eea18-03cb-4199-873e-0e9e13061598")]
public static extern HRESULT WTHelperCertCheckValidSignature(in CRYPT_PROVIDER_DATA pProvData);
///
///
/// [The WTHelperCertFindIssuerCertificate function is available for use in the operating systems specified in the
/// Requirements section. It may be altered or unavailable in subsequent versions.]
///
///
/// The WTHelperCertFindIssuerCertificate function finds an issuer certificate from the specified certificate stores that
/// matches the specified subject certificate.
///
///
/// The subject certificate for which to find a matching issuer certificate.
/// The number of elements in the pahStores array.
/// An array of certificate stores in which to search.
/// The time of verification.
///
/// A DWORD value that specifies the encoding types of the certificate to check. For information about possible encoding
/// types, see Certificate and Message Encoding Types.
///
///
/// This parameter can be a bitwise combination of zero or more of the following confidence values.
///
///
/// Value
/// Meaning
///
/// -
/// CERT_CONFIDENCE_SIG 0x10000000
/// The signature of the certificate is valid.
///
/// -
/// CERT_CONFIDENCE_TIME 0x01000000
/// The time of the certificate issuer is valid.
///
/// -
/// CERT_CONFIDENCE_TIMENEST 0x00100000
/// The time of the certificate is valid.
///
/// -
/// CERT_CONFIDENCE_AUTHIDEXT 0x00010000
/// The authority ID extension is valid.
///
/// -
/// CERT_CONFIDENCE_HYGIENE 0x00001000
/// At a minimum, the signature of the certificate and authority ID extension are valid.
///
/// -
/// CERT_CONFIDENCE_HIGHEST 0x11111000
/// A combination of all of the other confidence values.
///
///
///
/// A pointer to a DWORD variable that contains the error value for this certificate, if applicable.
/// An issuer certificate that matches the subject certificate specified by the pChildContext parameter.
///
/// To successfully find a matching issuer certificate, the following requirements must be met:
///
/// -
/// The signature of the subject certificate specified by the pChildContext parameter must be valid.
///
/// -
///
/// The rgExtension member of the pCertInfo member of the pChildContext parameter must contain a
/// CERT_AUTHORITY_KEY_ID_INFO structure. The CertIssuer and CertSerialMember members of this structure much
/// match the corresponding members for the issuer certificate.
///
///
/// -
/// The value of the psftVerifyAsOf parameter must be within the period of validity of the subject certificate.
///
/// -
/// The period of validity of the subject certificate must be within the period of validity of the issuer certificate.
///
///
///
// https://docs.microsoft.com/en-us/windows/win32/seccrypto/wthelpercertfindissuercertificate PCCERT_CONTEXT WINAPI
// WTHelperCertFindIssuerCertificate( _In_ PCCERT_CONTEXT pChildContext, _In_ DWORD chStores, _In_ HCERTSTORE *pahStores, _In_
// FILETIME *psftVerifyAsOf, _In_ DWORD dwEncoding, _Out_opt_ DWORD *pdwConfidence, _Out_ DWORD *dwError );
[DllImport(Lib.Wintrust, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "c724f602-fc73-4857-941f-0f22a9e472d1")]
public static extern IntPtr WTHelperCertFindIssuerCertificate(in CERT_CONTEXT pChildContext, uint chStores, [In] HCERTSTORE[] pahStores, in FILETIME psftVerifyAsOf, CertEncodingType dwEncoding, out CertConfidence pdwConfidence, out Win32Error dwError);
///
///
/// [The WTHelperCertIsSelfSigned function is available for use in the operating systems specified in the Requirements
/// section. It may be altered or unavailable in subsequent versions. For certificate verification, use the CertGetCertificateChain
/// and CertVerifyCertificateChainPolicy functions. For Microsoft Authenticode technology signature verification, use the .NET Framework.]
///
///
/// The WTHelperCertIsSelfSigned function checks whether a certificate is self-signed. This function has no associated import
/// library. You must use the LoadLibrary and GetProcAddress functions to dynamically link to Wintrust.dll.
///
///
///
/// A DWORD value that specifies the encoding types of the certificate to check. For information about possible encoding
/// types, see Certificate and Message Encoding Types.
///
/// A pointer to a CERT_INFO structure that contains information about the certificate to check.
///
/// If the function succeeds, the function returns TRUE.
/// If the function fails, it returns FALSE.
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/nf-wintrust-wthelpercertisselfsigned BOOL WTHelperCertIsSelfSigned(
// DWORD dwEncoding, CERT_INFO *pCert );
[DllImport(Lib.Wintrust, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "456b8c8c-6ca3-469a-a415-e72109696bf5")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool WTHelperCertIsSelfSigned(uint dwEncoding, in CERT_INFO pCert);
///
///
/// [The WTHelperGetFileHash function is available for use in the operating systems specified in the Requirements section. It
/// may be altered or unavailable in subsequent versions.]
///
///
/// The WTHelperGetFileHash function verifies the signature of a signed file and obtains the hash value and algorithm
/// identifier for the file.
///
///
///
/// A pointer to a null-terminated Unicode string that contains the path and file name of the file to get the hash for.
///
/// This parameter is not used and should be zero.
/// This parameter is not used and should be NULL.
///
/// A pointer to a buffer to receive the hash value for the file. The pcbFileHash parameter contains the size of this buffer.
///
///
///
/// A pointer to a DWORD variable that, on input, contains the size, in bytes, of the pbFileHash buffer and, on output,
/// receives the size, in bytes, of the hash value.
///
///
/// To obtain the required size of the hash value, pass NULL for the pbFileHash parameter. This function will place the
/// required size, in bytes, of the hash value in this location.
///
///
/// If the pbFileHash parameter is not NULL, and the size is not large enough to receive the hash value, this function will
/// place the required size, in bytes, in this location and return ERROR_MORE_DATA.
///
///
///
/// A pointer to an ALG_ID variable to receive the identifier of the algorithm used to create the hash value. This parameter
/// can be NULL if this information is not needed.
///
///
/// Returns a status code that indicates the success or failure of the function.
/// Possible return codes include, but are not limited to, the following.
///
///
/// Return code
/// Description
///
/// -
/// ERROR_SUCCESS
/// The file is signed, and the signature was verified.
///
/// -
/// ERROR_MORE_DATA
///
/// The pbFileHash parameter is not NULL, and the size specified by the pcbFileHash parameter is not large enough to receive the hash.
///
///
/// -
/// ERROR_NOT_ENOUGH_MEMORY
/// A memory allocation failure occurred.
///
/// -
/// TRUST_E_BAD_DIGEST
/// The signature of the file was not verified.
///
/// -
/// TRUST_E_NOSIGNATURE
/// The file was not signed or had a signature that is not valid.
///
///
///
// https://docs.microsoft.com/en-us/windows/win32/seccrypto/wthelpergetfilehash LONG WINAPI WTHelperGetFileHash( _In_ LPCWSTR
// pwszFilename, _In_ DWORD dwFlags, _Inout_opt_ PVOID pvReserved, _Out_opt_ BYTE *pbFileHash, _Inout_opt_ DWORD *pcbFileHash,
// _Out_opt_ ALG_ID *pHashAlgid );
[DllImport(Lib.Wintrust, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "130b3c3e-cc67-44ec-acc7-daa87b714299")]
public static extern int WTHelperGetFileHash([MarshalAs(UnmanagedType.LPWStr)] string pwszFilename, [Optional] uint dwFlags, [In, Out, Optional] IntPtr pvReserved, [Out] IntPtr pbFileHash, ref uint pcbFileHash, out ALG_ID pHashAlgid);
///
///
/// [The WTHelperGetProvCertFromChain function is available for use in the operating systems specified in the Requirements
/// section. It may be altered or unavailable in subsequent versions. For certificate verification, use the CertGetCertificateChain
/// and CertVerifyCertificateChainPolicy functions. For Microsoft Authenticode technology signature verification, use the .NET Framework.]
///
///
/// The WTHelperGetProvCertFromChain function retrieves a trust provider certificate from the certificate chain. This
/// function has no associated import library. You must use the LoadLibrary and GetProcAddress functions to dynamically link to Wintrust.dll.
///
///
///
/// A pointer to a CRYPT_PROVIDER_SGNR structure that represents the signers. This pointer is retrieved by the
/// WTHelperGetProvSignerFromChain function.
///
/// The index of the certificate. The index is zero based.
///
///
/// If the function succeeds, the function returns a pointer to a CRYPT_PROVIDER_CERT structure that represents the trust provider certificate.
///
/// If the function fails, it returns NULL.
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/nf-wintrust-wthelpergetprovcertfromchain CRYPT_PROVIDER_CERT *
// WTHelperGetProvCertFromChain( CRYPT_PROVIDER_SGNR *pSgnr, DWORD idxCert );
[DllImport(Lib.Wintrust, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "047278fe-37d5-4fd6-8b36-9e28ead0cc5a")]
public static extern IntPtr WTHelperGetProvCertFromChain(in CRYPT_PROVIDER_SGNR pSgnr, uint idxCert);
///
///
/// [The WTHelperGetProvPrivateDataFromChain function is available for use in the operating systems specified in the
/// Requirements section. It may be altered or unavailable in subsequent versions. For certificate verification, use the
/// CertGetCertificateChain and CertVerifyCertificateChainPolicy functions. For Microsoft Authenticode technology signature
/// verification, use the .NET Framework.]
///
///
/// The WTHelperGetProvPrivateDataFromChain function receives a CRYPT_PROVIDER_PRIVDATA structure from the chain by using the
/// provider ID. This function has no associated import library. You must use the LoadLibrary and GetProcAddress functions to
/// dynamically link to Wintrust.dll.
///
///
/// A pointer to a CRYPT_PROVIDER_DATA structure that contains the provider's private information.
/// A pointer to a GUID structure that identifies the provider.
///
///
/// If the function succeeds, the function returns a pointer to a CRYPT_PROVIDER_PRIVDATA structure that represents the trust
/// provider's private information.
///
/// If the function fails, the return value is NULL.
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/nf-wintrust-wthelpergetprovprivatedatafromchain
// CRYPT_PROVIDER_PRIVDATA * WTHelperGetProvPrivateDataFromChain( CRYPT_PROVIDER_DATA *pProvData, GUID *pgProviderID );
[DllImport(Lib.Wintrust, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "67a718a2-47ca-4c45-a939-99dd8311dc6d")]
public static extern IntPtr WTHelperGetProvPrivateDataFromChain(in CRYPT_PROVIDER_DATA pProvData, in Guid pgProviderID);
///
///
/// [The WTHelperGetProvSignerFromChain function is available for use in the operating systems specified in the Requirements
/// section. It may be altered or unavailable in subsequent versions. For certificate verification, use the CertGetCertificateChain
/// and CertVerifyCertificateChainPolicy functions. For Microsoft Authenticode technology signature verification, use the .NET Framework.]
///
///
/// The WTHelperGetProvSignerFromChain function retrieves a signer or countersigner by index from the chain. This function
/// has no associated import library. You must use the LoadLibrary and GetProcAddress functions to dynamically link to Wintrust.dll.
///
///
/// A pointer to the CRYPT_PROVIDER_DATA structure that contains the signer and countersigner information.
/// The index of the signer. The index is zero based.
///
/// If TRUE, the countersigner, as specified by idxCounterSigner, is retrieved by this function; the signer that contains the
/// countersigner is identified by idxSigner. If FALSE, the signer, as specified by idxSigner, is retrieved by this function.
///
///
/// The index of the countersigner. The index is zero based. The countersigner applies to the signer identified by idxSigner.
///
///
///
/// If the function succeeds, the function returns a pointer to a CRYPT_PROVIDER_SGNR structure for the requested signer or countersigner.
///
/// If the function fails, it returns NULL.
///
// https://docs.microsoft.com/en-us/windows/win32/api/wintrust/nf-wintrust-wthelpergetprovsignerfromchain CRYPT_PROVIDER_SGNR *
// WTHelperGetProvSignerFromChain( CRYPT_PROVIDER_DATA *pProvData, DWORD idxSigner, BOOL fCounterSigner, DWORD idxCounterSigner );
[DllImport(Lib.Wintrust, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "8e1ebf82-73c2-445b-9964-6739f7c90c47")]
public static extern IntPtr WTHelperGetProvSignerFromChain(in CRYPT_PROVIDER_DATA pProvData, uint idxSigner, [MarshalAs(UnmanagedType.Bool)] bool fCounterSigner, uint idxCounterSigner);
///
///
/// [The WTHelperProvDataFromStateData function is available for use in the operating systems specified in the Requirements
/// section. It may be altered or unavailable in subsequent versions. For certificate verification, use the CertGetCertificateChain
/// and CertVerifyCertificateChainPolicy functions. For Microsoft Authenticode technology signature verification, use the .NET Framework.]
///
///
/// The WTHelperProvDataFromStateData function retrieves trust provider information from a specified handle. This function
/// has no associated import library. You must use the LoadLibrary and GetProcAddress functions to dynamically link to Wintrust.dll.
///
///
///
/// A handle previously set by the WinVerifyTrustEx function as the hWVTStateData member of the WINTRUST_DATA structure.
///
///
///
/// If the function succeeds, the function returns a pointer to a CRYPT_PROVIDER_DATA structure. The returned pointer can be used by
/// the WTHelperGetProvSignerFromChain function.
///
/// If the function fails, it returns NULL.
///
// https://docs.microsoft.com/en-us/windows/win32/api/wintrust/nf-wintrust-wthelperprovdatafromstatedata CRYPT_PROVIDER_DATA *
// WTHelperProvDataFromStateData( HANDLE hStateData );
[DllImport(Lib.Wintrust, SetLastError = false, ExactSpelling = true)]
[PInvokeData("wintrust.h", MSDNShortId = "ca2ca612-2da6-4fe1-8b1e-bc6307eb92af")]
public static extern IntPtr WTHelperProvDataFromStateData(HANDLE hStateData);
///
///
/// [The CRYPT_PROVIDER_CERT structure is available for use in the operating systems specified in the Requirements section.
/// It may be altered or unavailable in subsequent versions.]
///
/// The CRYPT_PROVIDER_CERT structure provides information about a provider certificate.
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-_crypt_provider_cert typedef struct
// _CRYPT_PROVIDER_CERT { DWORD cbStruct; PCCERT_CONTEXT pCert; BOOL fCommercial; BOOL fTrustedRoot; BOOL fSelfSigned; BOOL
// fTestCert; DWORD dwRevokedReason; DWORD dwConfidence; DWORD dwError; CTL_CONTEXT *pTrustListContext; BOOL fTrustListSignerCert;
// PCCTL_CONTEXT pCtlContext; DWORD dwCtlError; BOOL fIsCyclic; PCERT_CHAIN_ELEMENT pChainElement; } CRYPT_PROVIDER_CERT, *PCRYPT_PROVIDER_CERT;
[PInvokeData("wintrust.h", MSDNShortId = "622e7a72-445a-4820-b236-1c90dad08351")]
[StructLayout(LayoutKind.Sequential)]
public struct CRYPT_PROVIDER_CERT
{
/// The size, in bytes, of this structure.
public uint cbStruct;
/// A pointer to the certificate context.
public IntPtr pCert;
/// Boolean value that indicates whether the certificate is a commercial certificate.
[MarshalAs(UnmanagedType.Bool)] public bool fCommercial;
/// Boolean value that indicates whether the certificate is a trusted root certificate.
[MarshalAs(UnmanagedType.Bool)] public bool fTrustedRoot;
/// Boolean value that indicates whether the certificate is self-signed.
[MarshalAs(UnmanagedType.Bool)] public bool fSelfSigned;
/// Boolean value that indicates whether the certificate is a test certificate.
[MarshalAs(UnmanagedType.Bool)] public bool fTestCert;
/// Value that specifies the revocation reason, if applicable.
public uint dwRevokedReason;
///
/// Bitwise combination of zero or more of the following confidence values.
///
///
/// Value
/// Meaning
///
/// -
/// CERT_CONFIDENCE_SIG 0x10000000
/// The signature of the certificate is valid.
///
/// -
/// CERT_CONFIDENCE_TIME 0x01000000
/// The time of the certificate issuer is valid.
///
/// -
/// CERT_CONFIDENCE_TIMENEST 0x00100000
/// The time of the certificate is valid.
///
/// -
/// CERT_CONFIDENCE_AUTHIDEXT 0x00010000
/// The authority ID extension is valid.
///
/// -
/// CERT_CONFIDENCE_HYGIENE 0x00001000
/// At a minimum, the signature of the certificate and authority ID extension are valid.
///
/// -
/// CERT_CONFIDENCE_HIGHEST 0x11111000
/// Combination of all of the other confidence values.
///
///
///
public CertConfidence dwConfidence;
/// A pointer to a DWORD variable that contains the error value for this certificate, if applicable.
public uint dwError;
/// A pointer to the CTL_CONTEXT that represents the certificate trust list (CTL).
public IntPtr pTrustListContext;
/// Boolean value that specifies whether the certificate is a trust list signer certificate.
[MarshalAs(UnmanagedType.Bool)] public bool fTrustListSignerCert;
/// A pointer to the CTL_CONTEXT that represents a CTL that contains a self-signed certificate, if applicable.
public IntPtr pCtlContext;
///
/// A pointer to a DWORD variable that contains the error value for a CTL that contains a self-signed certificate, if applicable.
///
public uint dwCtlError;
/// Boolean value that indicates whether the certificate trust is cyclical.
[MarshalAs(UnmanagedType.Bool)] public bool fIsCyclic;
/// A pointer to the CERT_CHAIN_ELEMENT that represents the status of the certificate within a chain.
public IntPtr pChainElement;
}
///
/// [The CRYPT_PROVUI_DATA structure is available for use in the operating systems specified in the Requirements section. It may be
/// altered or unavailable in subsequent versions.]
///
/// The CRYPT_PROVUI_DATA structure provides user interface (UI) data for a provider.This structure is used by the
/// CRYPT_PROVUI_FUNCS structure.
///
///
[PInvokeData("wintrust.h", MSDNShortId = "86f819f0-c243-45ba-8b7b-97ed906e6e8a")]
[StructLayout(LayoutKind.Sequential)]
public struct CRYPT_PROVIDER_DATA
{
/// The size, in bytes, of this structure.
public uint cbStruct;
/// Error code, if applicable.
public uint dwFinalError;
/// A pointer to a null-terminated string for the Yes button text. If this parameter is NULL, then "&Yes" is used.
[MarshalAs(UnmanagedType.LPWStr)]
public string pYesButtonText;
/// A pointer to a null-terminated string for the No button text. If this parameter is NULL, then "&No" is used.
[MarshalAs(UnmanagedType.LPWStr)]
public string pNoButtonText;
/// A pointer to a null-terminated string for the More Info button text. If this parameter is NULL, then "&More Info"
/// is used.
[MarshalAs(UnmanagedType.LPWStr)]
public string pMoreInfoButtonText;
/// A pointer to a null-terminated string for the Advanced button text.
[MarshalAs(UnmanagedType.LPWStr)]
public string pAdvancedLinkText;
///
/// A pointer to a null-terminated string for the text used when the trust is valid and a time stamp is used. If this parameter
/// is NULL, then "Do you want to install and run ""%1"" signed on %2 and distributed by:" is used.
///
[MarshalAs(UnmanagedType.LPWStr)]
public string pCopyActionText;
///
/// A pointer to a null-terminated string for the text used when the trust is valid but a time stamp is not used. If this
/// parameter is NULL, then "Do you want to install and run ""%1"" signed on an unknown date/time and distributed by:" is used.
///
[MarshalAs(UnmanagedType.LPWStr)]
public string pCopyActionTextNoTS;
///
/// A pointer to a null-terminated string for the text used when a signature is not provided. If this parameter is NULL, then
/// "Do you want to install and run ""%1""?" is used.
///
[MarshalAs(UnmanagedType.LPWStr)]
public string pCopyActionTextNotSigned;
}
///
/// The CRYPT_PROVIDER_DEFUSAGE structure is used by the WintrustGetDefaultForUsage function to retrieve callback information
/// for a provider's default usage.
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-_crypt_provider_defusage typedef struct
// _CRYPT_PROVIDER_DEFUSAGE { DWORD cbStruct; GUID gActionID; LPVOID pDefPolicyCallbackData; LPVOID pDefSIPClientData; }
// CRYPT_PROVIDER_DEFUSAGE, *PCRYPT_PROVIDER_DEFUSAGE;
[PInvokeData("wintrust.h", MSDNShortId = "28A93F39-0CBC-432C-841B-83B54A50EA14")]
[StructLayout(LayoutKind.Sequential)]
public struct CRYPT_PROVIDER_DEFUSAGE
{
/// Size, in bytes, of the structure.
public uint cbStruct;
/// GUID that specifies the provider's default action.
public Guid gActionID;
/// Pointer to a data buffer used to pass policy-specific data to a policy provider.
public IntPtr pDefPolicyCallbackData;
/// Pointer to a data buffer used to pass subject interface package (SIP) specific data to an SIP provider.
public IntPtr pDefSIPClientData;
}
///
///
/// [The CRYPT_PROVIDER_FUNCTIONS structure is available for use in the operating systems specified in the Requirements
/// section. It may be altered or unavailable in subsequent versions.]
///
///
/// The CRYPT_PROVIDER_FUNCTIONS structure defines the functions used by a cryptographic service provider (CSP) for WinTrust operations.
///
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-_crypt_provider_functions typedef struct
// _CRYPT_PROVIDER_FUNCTIONS { DWORD cbStruct; PFN_CPD_MEM_ALLOC pfnAlloc; PFN_CPD_MEM_FREE pfnFree; PFN_CPD_ADD_STORE
// pfnAddStore2Chain; PFN_CPD_ADD_SGNR pfnAddSgnr2Chain; PFN_CPD_ADD_CERT pfnAddCert2Chain; PFN_CPD_ADD_PRIVDATA
// pfnAddPrivData2Chain; PFN_PROVIDER_INIT_CALL pfnInitialize; PFN_PROVIDER_OBJTRUST_CALL pfnObjectTrust; PFN_PROVIDER_SIGTRUST_CALL
// pfnSignatureTrust; PFN_PROVIDER_CERTTRUST_CALL pfnCertificateTrust; PFN_PROVIDER_FINALPOLICY_CALL pfnFinalPolicy;
// PFN_PROVIDER_CERTCHKPOLICY_CALL pfnCertCheckPolicy; PFN_PROVIDER_TESTFINALPOLICY_CALL pfnTestFinalPolicy; struct
// _CRYPT_PROVUI_FUNCS *psUIpfns; PFN_PROVIDER_CLEANUP_CALL pfnCleanupPolicy; } CRYPT_PROVIDER_FUNCTIONS, *PCRYPT_PROVIDER_FUNCTIONS;
[PInvokeData("wintrust.h", MSDNShortId = "2c00f8ec-e262-4df8-8984-a2702a4162bf")]
[StructLayout(LayoutKind.Sequential)]
public struct CRYPT_PROVIDER_FUNCTIONS
{
/// The size, in bytes, of this structure.
public uint cbStruct;
/// A pointer to the memory allocation function.
public IntPtr pfnAlloc;
/// A pointer to the memory deallocation function.
public IntPtr pfnFree;
/// A pointer to the function that adds a store to the chain.
public IntPtr pfnAddStore2Chain;
/// A pointer to the function that adds a signer structure to a message structure in a chain.
public IntPtr pfnAddSgnr2Chain;
/// A pointer to the function that adds a certificate structure to a signer structure in a chain.
public IntPtr pfnAddCert2Chain;
/// A pointer to the function that adds private data to a structure.
public IntPtr pfnAddPrivData2Chain;
/// A pointer to the function that initializes policy data.
public IntPtr pfnInitialize;
/// A pointer to the function that builds information for the signer data.
public IntPtr pfnObjectTrust;
/// A pointer to the function that builds information for the signing certificate.
public IntPtr pfnSignatureTrust;
/// A pointer to the function that builds the chain.
public IntPtr pfnCertificateTrust;
/// A pointer to the function that makes the final call to the policy.
public IntPtr pfnFinalPolicy;
/// A pointer to the function that checks each certificate while building a chain.
public IntPtr pfnCertCheckPolicy;
/// A pointer to the function that allows structures to be dumped to a file.
public IntPtr pfnTestFinalPolicy;
/// A pointer to a CRYPT_PROVUI_FUNCS structure.
public IntPtr psUIpfns;
/// A pointer to the function that cleans up private data.
public IntPtr pfnCleanupPolicy;
}
///
///
/// [The CRYPT_PROVIDER_PRIVDATA structure is available for use in the operating systems specified in the Requirements
/// section. It may be altered or unavailable in subsequent versions.]
///
///
/// The CRYPT_PROVIDER_PRIVDATA structure contains private data to be used by a provider. The structure is used by the
/// CRYPT_PROVIDER_DATA structure.
///
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-_crypt_provider_privdata typedef struct
// _CRYPT_PROVIDER_PRIVDATA { DWORD cbStruct; GUID gProviderID; DWORD cbProvData; void *pvProvData; } CRYPT_PROVIDER_PRIVDATA, *PCRYPT_PROVIDER_PRIVDATA;
[PInvokeData("wintrust.h", MSDNShortId = "499e4d9b-991a-4317-bc74-a1dfb6609a70")]
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Ansi)]
public struct CRYPT_PROVIDER_PRIVDATA
{
/// The size, in bytes, of this structure.
public uint cbStruct;
/// GUID that identifies the provider.
public Guid gProviderID;
/// Number of bytes referenced by pvProvData.
public uint cbProvData;
/// A pointer to a void that contains the private data.
public IntPtr pvProvData;
}
///
/// The CRYPT_PROVIDER_REGDEFUSAGE structure is used by the WintrustAddDefaultForUsage function to register callback
/// information about a provider's default usage.
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-_crypt_provider_regdefusage typedef struct
// _CRYPT_PROVIDER_REGDEFUSAGE { DWORD cbStruct; GUID *pgActionID; WCHAR *pwszDllName; char *pwszLoadCallbackDataFunctionName; char
// *pwszFreeCallbackDataFunctionName; } CRYPT_PROVIDER_REGDEFUSAGE, *PCRYPT_PROVIDER_REGDEFUSAGE;
[PInvokeData("wintrust.h", MSDNShortId = "A6047CBA-E4BA-4A31-B700-C368CFB57895")]
[StructLayout(LayoutKind.Sequential)]
public struct CRYPT_PROVIDER_REGDEFUSAGE
{
/// Size, in bytes, of this structure.
public uint cbStruct;
/// GUID that specifies the provider's default action.
public IntPtr pgActionID;
/// Pointer to the name of the provider DLL.
public StrPtrUni pwszDllName;
///
/// Pointer to the name of the function that loads the callback data to be returned when the WintrustGetDefaultForUsage function
/// is called with the dwAction parameter set to DWACTION_ALLOCANDFILL. This information also exists in the WINTRUST_DATA structure.
///
public StrPtrUni pwszLoadCallbackDataFunctionName;
///
/// Pointer to the name of the function that frees allocated memory when the WintrustGetDefaultForUsage function is called with
/// the dwAction parameter set to DWACTION_FREE. This information also exists in the WINTRUST_DATA structure.
///
public StrPtrUni pwszFreeCallbackDataFunctionName;
}
///
///
/// [The CRYPT_PROVIDER_SGNR structure is available for use in the operating systems specified in the Requirements section.
/// It may be altered or unavailable in subsequent versions.]
///
/// The CRYPT_PROVIDER_SGNR structure provides information about a signer or countersigner.
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-_crypt_provider_sgnr typedef struct
// _CRYPT_PROVIDER_SGNR { DWORD cbStruct; FILETIME sftVerifyAsOf; DWORD csCertChain; struct _CRYPT_PROVIDER_CERT *pasCertChain;
// DWORD dwSignerType; CMSG_SIGNER_INFO *psSigner; DWORD dwError; DWORD csCounterSigners; struct _CRYPT_PROVIDER_SGNR
// *pasCounterSigners; PCCERT_CHAIN_CONTEXT pChainContext; } CRYPT_PROVIDER_SGNR, *PCRYPT_PROVIDER_SGNR;
[PInvokeData("wintrust.h", MSDNShortId = "39cf9a03-768d-4ae0-a19d-17652181dbe4")]
[StructLayout(LayoutKind.Sequential)]
public struct CRYPT_PROVIDER_SGNR
{
/// The size, in bytes, of this structure.
public uint cbStruct;
/// The current time, or the time stamp.
public FILETIME sftVerifyAsOf;
/// Number of elements in the pasCertChain array.
public uint csCertChain;
/// Array of CRYPT_PROVIDER_CERT structures.
public IntPtr pasCertChain;
///
/// Signer type, if known by the policy. This value is zero, if the signer type is unknown, or the following value.
///
///
/// Value
/// Meaning
///
/// -
/// SGNR_TYPE_TIMESTAMP 0x00000010
/// Time stamp signer.
///
///
///
public uint dwSignerType;
/// A pointer to a CMSG_SIGNER_INFO structure.
public IntPtr psSigner;
/// Error value, if any, while building or verifying the signer.
public uint dwError;
/// Number of elements in the pasCounterSigners array.
public uint csCounterSigners;
/// A pointer to an array of CRYPT_PROVIDER_SGNR structures that represent the countersigners.
public IntPtr pasCounterSigners;
/// A pointer to a CERT_CHAIN_CONTEXT structure.
public IntPtr pChainContext;
}
/// The CRYPT_PROVIDER_SIGSTATE structure is used to communicate between policy providers and Wintrust.
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-_crypt_provider_sigstate typedef struct
// _CRYPT_PROVIDER_SIGSTATE { DWORD cbStruct; HCRYPTMSG *rhSecondarySigs; HCRYPTMSG hPrimarySig; BOOL fFirstAttemptMade; BOOL
// fNoMoreSigs; DWORD cSecondarySigs; DWORD dwCurrentIndex; BOOL fSupportMultiSig; DWORD dwCryptoPolicySupport; DWORD iAttemptCount;
// BOOL fCheckedSealing; struct _SEALING_SIGNATURE_ATTRIBUTE *pSealingSignature; } CRYPT_PROVIDER_SIGSTATE, *PCRYPT_PROVIDER_SIGSTATE;
[PInvokeData("wintrust.h", MSDNShortId = "B362A161-6B92-41B0-AE81-337EB42502D8")]
[StructLayout(LayoutKind.Sequential)]
public struct CRYPT_PROVIDER_SIGSTATE
{
/// Size, in bytes, of this structure.
public uint cbStruct;
/// Pointer to an array of secondary signature handles.
public IntPtr rhSecondarySigs;
/// Handle of the primary signature.
public HCRYPTMSG hPrimarySig;
/// Specifies whether the first attempt to verify a signature has been made.
[MarshalAs(UnmanagedType.Bool)] public bool fFirstAttemptMade;
/// Specifies whether there exist further signatures that await verification.
[MarshalAs(UnmanagedType.Bool)] public bool fNoMoreSigs;
/// Number of secondary signatures.
public uint cSecondarySigs;
/// Index of the signature currently being verified.
public uint dwCurrentIndex;
/// Specifies whether the policy provider supports multiple signatures.
[MarshalAs(UnmanagedType.Bool)] public bool fSupportMultiSig;
///
///
/// Identifies the portion of the policy provider that supports cryptographic policy. This can be one of the following values:
///
///
/// -
/// WSS_OBJTRUST_SUPPORT
///
/// -
/// WSS_SIGTRUST_SUPPORT
///
/// -
/// WSS_CERTTRUST_SUPPORT
///
///
///
public WSS_SUPPORT dwCryptoPolicySupport;
///
public uint iAttemptCount;
///
[MarshalAs(UnmanagedType.Bool)] public bool fCheckedSealing;
///
public IntPtr pSealingSignature;
}
///
///
/// [The CRYPT_PROVUI_DATA structure is available for use in the operating systems specified in the Requirements section. It
/// may be altered or unavailable in subsequent versions.]
///
///
/// The CRYPT_PROVUI_DATA structure provides user interface (UI) data for a provider. This structure is used by the
/// CRYPT_PROVUI_FUNCS structure.
///
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-crypt_provui_data typedef struct _CRYPT_PROVUI_DATA {
// DWORD cbStruct; DWORD dwFinalError; WCHAR *pYesButtonText; WCHAR *pNoButtonText; WCHAR *pMoreInfoButtonText; WCHAR
// *pAdvancedLinkText; WCHAR *pCopyActionText; WCHAR *pCopyActionTextNoTS; WCHAR *pCopyActionTextNotSigned; } CRYPT_PROVUI_DATA, *PCRYPT_PROVUI_DATA;
[PInvokeData("wintrust.h", MSDNShortId = "86f819f0-c243-45ba-8b7b-97ed906e6e8a")]
[StructLayout(LayoutKind.Sequential)]
public struct CRYPT_PROVUI_DATA
{
/// The size, in bytes, of this structure.
public uint cbStruct;
/// Error code, if applicable.
public Win32Error dwFinalError;
///
/// A pointer to a null-terminated string for the Yes button text. If this parameter is NULL, then
/// "&Yes" is used.
///
public StrPtrUni pYesButtonText;
///
/// A pointer to a null-terminated string for the No button text. If this parameter is NULL, then "&No"
/// is used.
///
public StrPtrUni pNoButtonText;
///
/// A pointer to a null-terminated string for the More Info button text. If this parameter is NULL, then
/// "&More Info" is used.
///
public StrPtrUni pMoreInfoButtonText;
/// A pointer to a null-terminated string for the Advanced button text.
public StrPtrUni pAdvancedLinkText;
///
/// A pointer to a null-terminated string for the text used when the trust is valid and a time stamp is used. If this
/// parameter is NULL, then "Do you want to install and run ""%1"" signed on %2 and distributed by:" is used.
///
public StrPtrUni pCopyActionText;
///
/// A pointer to a null-terminated string for the text used when the trust is valid but a time stamp is not used. If this
/// parameter is NULL, then "Do you want to install and run ""%1"" signed on an unknown date/time and distributed by:" is used.
///
public StrPtrUni pCopyActionTextNoTS;
///
/// A pointer to a null-terminated string for the text used when a signature is not provided. If this parameter is
/// NULL, then "Do you want to install and run ""%1""?" is used.
///
public StrPtrUni pCopyActionTextNotSigned;
}
///
///
/// [The CRYPT_PROVUI_FUNCS structure is available for use in the operating systems specified in the Requirements section. It
/// may be altered or unavailable in subsequent versions.]
///
///
/// The CRYPT_PROVUI_FUNCS structure provides information about the user interface (UI) functions of a provider. This
/// structure is used by the CRYPT_PROVIDER_FUNCTIONS structure.
///
///
/// The prototype for PFN_PROVUI_CALL is defined as:
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-_crypt_provui_funcs typedef struct _CRYPT_PROVUI_FUNCS
// { DWORD cbStruct; struct _CRYPT_PROVUI_DATA *psUIData; PFN_PROVUI_CALL pfnOnMoreInfoClick; PFN_PROVUI_CALL
// pfnOnMoreInfoClickDefault; PFN_PROVUI_CALL pfnOnAdvancedClick; PFN_PROVUI_CALL pfnOnAdvancedClickDefault; } CRYPT_PROVUI_FUNCS, *PCRYPT_PROVUI_FUNCS;
[PInvokeData("wintrust.h", MSDNShortId = "7cdc32ea-b28a-400f-ad8a-984f86bb95fd")]
[StructLayout(LayoutKind.Sequential)]
public struct CRYPT_PROVUI_FUNCS
{
/// The size, in bytes, of this structure.
public uint cbStruct;
/// A pointer to a CRYPT_PROVUI_DATA structure.
public IntPtr psUIData;
/// A pointer to the function called when the More Info button is clicked.
public IntPtr pfnOnMoreInfoClick;
/// A pointer to the default function called when the More Info button is clicked.
public IntPtr pfnOnMoreInfoClickDefault;
/// A pointer to the function called when the Advanced button is clicked.
public IntPtr pfnOnAdvancedClick;
/// A pointer to the default function called when the Advanced button is clicked.
public IntPtr pfnOnAdvancedClickDefault;
}
///
///
/// [The CRYPT_REGISTER_ACTIONID structure is available for use in the operating systems specified in the Requirements
/// section. It may be altered or unavailable in subsequent versions.]
///
///
/// The CRYPT_REGISTER_ACTIONID structure provides information about the functions of a provider. This structure is used by
/// the WintrustAddActionID function.
///
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-_crypt_register_actionid typedef struct
// _CRYPT_REGISTER_ACTIONID { DWORD cbStruct; CRYPT_TRUST_REG_ENTRY sInitProvider; CRYPT_TRUST_REG_ENTRY sObjectProvider;
// CRYPT_TRUST_REG_ENTRY sSignatureProvider; CRYPT_TRUST_REG_ENTRY sCertificateProvider; CRYPT_TRUST_REG_ENTRY
// sCertificatePolicyProvider; CRYPT_TRUST_REG_ENTRY sFinalPolicyProvider; CRYPT_TRUST_REG_ENTRY sTestPolicyProvider;
// CRYPT_TRUST_REG_ENTRY sCleanupProvider; } CRYPT_REGISTER_ACTIONID, *PCRYPT_REGISTER_ACTIONID;
[PInvokeData("wintrust.h", MSDNShortId = "0b2b482f-f087-4be7-b17f-91c287c3460d")]
[StructLayout(LayoutKind.Sequential)]
public struct CRYPT_REGISTER_ACTIONID
{
/// The size, in bytes, of this structure.
public uint cbStruct;
/// CRYPT_TRUST_REG_ENTRY structure that identifies the function that initializes the provider.
public CRYPT_TRUST_REG_ENTRY sInitProvider;
/// CRYPT_TRUST_REG_ENTRY structure that identifies the object provider function.
public CRYPT_TRUST_REG_ENTRY sObjectProvider;
/// CRYPT_TRUST_REG_ENTRY structure that identifies the signature provider function.
public CRYPT_TRUST_REG_ENTRY sSignatureProvider;
/// CRYPT_TRUST_REG_ENTRY structure that identifies the certificate provider function.
public CRYPT_TRUST_REG_ENTRY sCertificateProvider;
/// CRYPT_TRUST_REG_ENTRY structure that identifies the certificate policy provider function.
public CRYPT_TRUST_REG_ENTRY sCertificatePolicyProvider;
/// CRYPT_TRUST_REG_ENTRY structure that identifies the final policy provider function.
public CRYPT_TRUST_REG_ENTRY sFinalPolicyProvider;
/// CRYPT_TRUST_REG_ENTRY structure that identifies the test policy provider function.
public CRYPT_TRUST_REG_ENTRY sTestPolicyProvider;
/// CRYPT_TRUST_REG_ENTRY structure that identifies the cleanup provider function.
public CRYPT_TRUST_REG_ENTRY sCleanupProvider;
}
///
///
/// [The CRYPT_TRUST_REG_ENTRY structure is available for use in the operating systems specified in the Requirements section.
/// It may be altered or unavailable in subsequent versions.]
///
///
/// The CRYPT_TRUST_REG_ENTRY structure identifies a provider function by DLL name and function name. This structure is used
/// by the CRYPT_REGISTER_ACTIONID structure when the WintrustAddActionID function is called.
///
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-_crypt_trust_reg_entry typedef struct
// _CRYPT_TRUST_REG_ENTRY { DWORD cbStruct; WCHAR *pwszDLLName; WCHAR *pwszFunctionName; } CRYPT_TRUST_REG_ENTRY, *PCRYPT_TRUST_REG_ENTRY;
[PInvokeData("wintrust.h", MSDNShortId = "1a531219-f254-4057-934b-af95bfe0bb83")]
[StructLayout(LayoutKind.Sequential)]
public struct CRYPT_TRUST_REG_ENTRY
{
/// The size, in bytes, of this structure.
public uint cbStruct;
/// A pointer to a null-terminated string for the DLL name.
public StrPtrUni pwszDLLName;
/// A pointer to a null-terminated string for the function name.
public StrPtrUni pwszFunctionName;
}
/// Provides a handle to a catalog administrator context.
[StructLayout(LayoutKind.Sequential)]
public struct HCATADMIN : IHandle
{
private readonly IntPtr handle;
/// Initializes a new instance of the struct.
/// An object that represents the pre-existing handle to use.
public HCATADMIN(IntPtr preexistingHandle) => handle = preexistingHandle;
/// Returns an invalid handle by instantiating a object with .
public static HCATADMIN NULL => new HCATADMIN(IntPtr.Zero);
/// Gets a value indicating whether this instance is a null handle.
public bool IsNull => handle == IntPtr.Zero;
/// Performs an explicit conversion from to .
/// The handle.
/// The result of the conversion.
public static explicit operator IntPtr(HCATADMIN h) => h.handle;
/// Performs an implicit conversion from to .
/// The pointer to a handle.
/// The result of the conversion.
public static implicit operator HCATADMIN(IntPtr h) => new HCATADMIN(h);
/// Implements the operator !=.
/// The first handle.
/// The second handle.
/// The result of the operator.
public static bool operator !=(HCATADMIN h1, HCATADMIN h2) => !(h1 == h2);
/// Implements the operator ==.
/// The first handle.
/// The second handle.
/// The result of the operator.
public static bool operator ==(HCATADMIN h1, HCATADMIN h2) => h1.Equals(h2);
///
public override bool Equals(object obj) => obj is HCATADMIN h ? handle == h.handle : false;
///
public override int GetHashCode() => handle.GetHashCode();
///
public IntPtr DangerousGetHandle() => handle;
}
/// Provides a handle to a cryptography message.
[StructLayout(LayoutKind.Sequential)]
public struct HCRYPTMSG : IHandle
{
private readonly IntPtr handle;
/// Initializes a new instance of the struct.
/// An object that represents the pre-existing handle to use.
public HCRYPTMSG(IntPtr preexistingHandle) => handle = preexistingHandle;
/// Returns an invalid handle by instantiating a object with .
public static HCRYPTMSG NULL => new HCRYPTMSG(IntPtr.Zero);
/// Gets a value indicating whether this instance is a null handle.
public bool IsNull => handle == IntPtr.Zero;
/// Performs an explicit conversion from to .
/// The handle.
/// The result of the conversion.
public static explicit operator IntPtr(HCRYPTMSG h) => h.handle;
/// Performs an implicit conversion from to .
/// The pointer to a handle.
/// The result of the conversion.
public static implicit operator HCRYPTMSG(IntPtr h) => new HCRYPTMSG(h);
/// Implements the operator !=.
/// The first handle.
/// The second handle.
/// The result of the operator.
public static bool operator !=(HCRYPTMSG h1, HCRYPTMSG h2) => !(h1 == h2);
/// Implements the operator ==.
/// The first handle.
/// The second handle.
/// The result of the operator.
public static bool operator ==(HCRYPTMSG h1, HCRYPTMSG h2) => h1.Equals(h2);
///
public override bool Equals(object obj) => obj is HCRYPTMSG h ? handle == h.handle : false;
///
public override int GetHashCode() => handle.GetHashCode();
///
public IntPtr DangerousGetHandle() => handle;
}
///
/// The SPC_INDIRECT_DATA_CONTENT structure is used in Authenticode signatures to store the digest and other attributes of
/// the signed file.
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-_spc_indirect_data_content typedef struct
// _SPC_INDIRECT_DATA_CONTENT { CRYPT_ATTRIBUTE_TYPE_VALUE Data; CRYPT_ALGORITHM_IDENTIFIER DigestAlgorithm; CRYPT_HASH_BLOB Digest;
// } SPC_INDIRECT_DATA_CONTENT, *PSPC_INDIRECT_DATA_CONTENT;
[PInvokeData("wintrust.h", MSDNShortId = "BD790CA5-9C51-4483-93C1-5492154BF913")]
[StructLayout(LayoutKind.Sequential)]
public struct SPC_INDIRECT_DATA_CONTENT
{
/// A CRYPT_ATTRIBUTE_TYPE_VALUE that contains attributes of the digested file.
public CRYPT_ATTRIBUTE_TYPE_VALUE Data;
/// Specifies the digest algorithm used to hash the file.
public CRYPT_ALGORITHM_IDENTIFIER DigestAlgorithm;
/// The Authenticode digest value of the file using the algorithm specified in the DigestAlgorithm parameter.
public CRYPTOAPI_BLOB Digest;
}
/// This structure encapsulates a signature used in verifying executable files.
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-_win_certificate typedef struct _WIN_CERTIFICATE {
// DWORD dwLength; WORD wRevision; WORD wCertificateType; BYTE bCertificate[ANYSIZE_ARRAY]; } WIN_CERTIFICATE, *LPWIN_CERTIFICATE;
[PInvokeData("wintrust.h", MSDNShortId = "AC666871-265B-4D09-B7A6-DEC48D4645FD")]
[StructLayout(LayoutKind.Sequential)]
public struct WIN_CERTIFICATE
{
/// Specifies the length, in bytes, of the signature.
public uint dwLength;
///
/// Specifies the certificate revision.
/// The only defined certificate revision is WIN_CERT_REVISION_1_0 (0x0100).
///
public ushort wRevision;
///
/// Specifies the type of certificate.
///
///
/// Value
/// Description
///
/// -
/// WIN_CERT_TYPE_X509 (0x0001)
/// The bCertificate member contains an X.509 certificate.
///
/// -
/// WIN_CERT_TYPE_PKCS_SIGNED_DATA (0x0002)
/// The bCertificate member contains a PKCS SignedData structure.
///
/// -
/// WIN_CERT_TYPE_RESERVED_1 (0x0003)
/// Reserved.
///
/// -
/// WIN_CERT_TYPE_PKCS1_SIGN (0x0009)
/// The bCertificate member contains PKCS1_MODULE_SIGN fields.
///
///
///
public WIN_CERT_TYPE wCertificateType;
///
/// An array of certificates.
/// The format of this member depends on the value of wCertificateType.
///
public byte bCertificate;
}
///
///
/// [The WINTRUST_BLOB_INFO structure is available for use in the operating systems specified in the Requirements section. It
/// may be altered or unavailable in subsequent versions.]
///
/// The WINTRUST_BLOB_INFO structure is used when calling WinVerifyTrust to verify a memory BLOB.
///
/// Note This structure is not currently supported for the following Inbox file formats. There may be other formats besides
/// these that are not supported. This structure is only supported by files formats with subject interface package (SIP) providers
/// that support this structure.
///
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-wintrust_blob_info_ typedef struct WINTRUST_BLOB_INFO_
// { DWORD cbStruct; GUID gSubject; LPCWSTR pcwszDisplayName; DWORD cbMemObject; BYTE *pbMemObject; DWORD cbMemSignedMsg; BYTE
// *pbMemSignedMsg; } WINTRUST_BLOB_INFO, *PWINTRUST_BLOB_INFO;
[PInvokeData("wintrust.h", MSDNShortId = "8b13d355-4d24-4d8e-aae3-db16467999be")]
[StructLayout(LayoutKind.Sequential)]
public struct WINTRUST_BLOB_INFO
{
/// The number of bytes in this structure.
public uint cbStruct;
/// The GUID of the SIP to load.
public Guid gSubject;
/// A string that contains the name of the memory object pointed to by pbMem.
public StrPtrUni pcwszDisplayName;
/// The length, in bytes, of the memory BLOB to be verified.
public uint cbMemObject;
/// A pointer to a memory BLOB to be verified.
public IntPtr pbMemObject;
/// This member is reserved. Do not use it.
public uint cbMemSignedMsg;
/// This member is reserved. Do not use it.
public IntPtr pbMemSignedMsg;
}
///
/// The WINTRUST_CATALOG_INFO structure is used when calling WinVerifyTrust to verify a member of a Microsoft catalog.
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-wintrust_catalog_info_ typedef struct
// WINTRUST_CATALOG_INFO_ { DWORD cbStruct; DWORD dwCatalogVersion; LPCWSTR pcwszCatalogFilePath; LPCWSTR pcwszMemberTag; LPCWSTR
// pcwszMemberFilePath; HANDLE hMemberFile; BYTE *pbCalculatedFileHash; DWORD cbCalculatedFileHash; PCCTL_CONTEXT pcCatalogContext;
// HCATADMIN hCatAdmin; } WINTRUST_CATALOG_INFO, *PWINTRUST_CATALOG_INFO;
[PInvokeData("wintrust.h", MSDNShortId = "5d095e0f-c8c9-4717-b23a-985737b78431")]
[StructLayout(LayoutKind.Sequential)]
public struct WINTRUST_CATALOG_INFO
{
/// Size, in bytes, of this structure.
public uint cbStruct;
/// Optional. Catalog version number.
public uint dwCatalogVersion;
/// The full path and file name of the catalog file that contains the member to be verified.
public StrPtrUni pcwszCatalogFilePath;
/// Tag of a member file to be verified.
public StrPtrUni pcwszMemberTag;
/// The full path and file name of the catalog member file to be verified.
public StrPtrUni pcwszMemberFilePath;
///
/// Optional. Handle of the open catalog member file to be verified. The handle must be to a file with at least read permissions.
///
public HFILE hMemberFile;
/// Optional. The calculated hash of the file that contains the file to be verified.
public IntPtr pbCalculatedFileHash;
///
/// The size, in bytes, of the value passed in the pbCalculatedFileHash member. cbCalculatedFileHash is used only
/// if the calculated hash is being passed.
///
public uint cbCalculatedFileHash;
/// A pointer to a CTL_CONTEXT structure that represents a catalog context to be used instead of a catalog file.
public IntPtr pcCatalogContext;
///
/// Handle to the catalog administrator context that was used when calculating the hash of the file. This value can be zero only
/// for a SHA1 file hash. Windows 8 and Windows Server 2012: Support for this member begins.
///
public HCATADMIN hCatAdmin;
}
///
///
/// [The WINTRUST_CERT_INFO structure is available for use in the operating systems specified in the Requirements section. It
/// may be altered or unavailable in subsequent versions.]
///
/// The WINTRUST_CERT_INFO structure is used when calling WinVerifyTrust to verify a CERT_CONTEXT.
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-wintrust_cert_info_ typedef struct WINTRUST_CERT_INFO_
// { DWORD cbStruct; LPCWSTR pcwszDisplayName; CERT_CONTEXT *psCertContext; DWORD chStores; HCERTSTORE *pahStores; DWORD dwFlags;
// FILETIME *psftVerifyAsOf; } WINTRUST_CERT_INFO, *PWINTRUST_CERT_INFO;
[PInvokeData("wintrust.h", MSDNShortId = "6522d1f0-3d96-4499-9220-23288122e0e6")]
[StructLayout(LayoutKind.Sequential)]
public struct WINTRUST_CERT_INFO
{
/// Count of bytes in this structure.
public uint cbStruct;
/// String with the name of the memory object pointed to by the pbMem member of the WINTRUST_BLOB_INFO structure.
public StrPtrUni pcwszDisplayName;
/// A pointer to the CERT_CONTEXT to be verified.
public IntPtr psCertContext;
/// The number of store handles in pahStores.
public uint chStores;
///
/// An array of open certificate stores to add to the list of stores that the policy provider looks in to find certificates
/// while building a trust chain.
///
public IntPtr pahStores;
///
public uint dwFlags;
///
public IntPtr psftVerifyAsOf;
}
/// The WINTRUST_FILE_INFO structure is used when calling WinVerifyTrust to verify an individual file.
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-wintrust_file_info_ typedef struct WINTRUST_FILE_INFO_
// { DWORD cbStruct; LPCWSTR pcwszFilePath; HANDLE hFile; GUID *pgKnownSubject; } WINTRUST_FILE_INFO, *PWINTRUST_FILE_INFO;
[PInvokeData("wintrust.h", MSDNShortId = "3c3bef86-a2ed-47d1-a726-90630433358a")]
[StructLayout(LayoutKind.Sequential)]
public struct WINTRUST_FILE_INFO
{
/// Count of bytes in this structure.
public uint cbStruct;
/// Full path and file name of the file to be verified. This parameter cannot be NULL.
public StrPtrUni pcwszFilePath;
///
/// Optional. File handle to the open file to be verified. This handle must be to a file that has at least read permission. This
/// member can be set to NULL.
///
public HFILE hFile;
/// Optional. Pointer to a GUID structure that specifies the subject type. This member can be set to NULL.
public IntPtr pgKnownSubject;
}
///
///
/// [The WINTRUST_SGNR_INFO structure is available for use in the operating systems specified in the Requirements section. It
/// may be altered or unavailable in subsequent versions.]
///
/// The WINTRUST_SGNR_INFO structure is used when calling WinVerifyTrust to verify a CMSG_SIGNER_INFO structure.
///
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-wintrust_sgnr_info typedef struct WINTRUST_SGNR_INFO_ {
// DWORD cbStruct; LPCWSTR pcwszDisplayName; CMSG_SIGNER_INFO *psSignerInfo; DWORD chStores; HCERTSTORE *pahStores; }
// WINTRUST_SGNR_INFO, *PWINTRUST_SGNR_INFO;
[PInvokeData("wintrust.h", MSDNShortId = "04e62bfa-efe4-428a-ae6b-58c2377fd5ba")]
[StructLayout(LayoutKind.Sequential)]
public struct WINTRUST_SGNR_INFO
{
/// Count of bytes in this structure.
public uint cbStruct;
/// String with the name representing the signer to be checked.
public StrPtrUni pcwszDisplayName;
/// A pointer to a CMSG_SIGNER_INFO structure that includes the signature to be verified.
public IntPtr psSignerInfo;
/// Number of store handles in pahStores.
public uint chStores;
///
/// An array of open certificate stores to be added to the list of stores that the policy provider uses to find certificates
/// while building a trust chain.
///
public IntPtr pahStores;
}
/// The WINTRUST_SIGNATURE_SETTINGS structure can be used to specify the signatures on a file.
// https://docs.microsoft.com/en-us/windows/desktop/api/wintrust/ns-wintrust-wintrust_signature_settings_ typedef struct
// WINTRUST_SIGNATURE_SETTINGS_ { DWORD cbStruct; DWORD dwIndex; DWORD dwFlags; DWORD cSecondarySigs; DWORD dwVerifiedSigIndex;
// PCERT_STRONG_SIGN_PARA pCryptoPolicy; } WINTRUST_SIGNATURE_SETTINGS, *PWINTRUST_SIGNATURE_SETTINGS;
[PInvokeData("wintrust.h", MSDNShortId = "E0F526B4-AFDE-4481-B49F-EE7467F97A46")]
[StructLayout(LayoutKind.Sequential)]
public struct WINTRUST_SIGNATURE_SETTINGS
{
/// Size, in bytes, of this structure.
public uint cbStruct;
/// Contains the index of the signature to be validated if the dwFlags member is set to WSS_VERIFY_SPECIFIC.
public uint dwIndex;
///
/// Flags that can be used to refine behavior. This can be one of the following values.
///
///
/// Value
/// Meaning
///
/// -
/// WSS_VERIFY_SPECIFIC 0x00000001
/// Set this value if you set the dwIndex parameter.
///
/// -
/// WSS_GET_SECONDARY_SIG_COUNT 0x00000002
/// Set this value to return the number of secondary signatures found in the cSecondarySigs member.
///
///
///
public WSS dwFlags;
/// Contains the number of secondary signatures found if the dwFlags member is set to WSS_GET_SECONDARY_SIG_COUNT.
public uint cSecondarySigs;
/// The index used for verification. This member is set on return from Wintrust.
public uint dwVerifiedSigIndex;
///
/// Pointer to a CERT_STRONG_SIGN_PARA structure that contains the policy that a signature must pass to be considered valid.
///
public IntPtr pCryptoPolicy;
}
///
/// [The WINTRUST_DATA structure is available for use in the operating systems specified in the Requirements section. It may be
/// altered or unavailable in subsequent versions.]
/// The WINTRUST_DATA structure is used when calling WinVerifyTrust to pass necessary information into the trust providers.
///
[PInvokeData("wintrust.h", MSDNShortId = "8fb68f44-6f69-4eac-90de-02689e3e86cf")]
[StructLayout(LayoutKind.Sequential)]
public class WINTRUST_DATA : IDisposable
{
/// The size, in bytes, of this structure.
private readonly int _cbStruct;
/// A pointer to a data buffer used to pass policy-specific data to a policy provider. This member can be NULL.
public IntPtr pPolicyCallbackData;
///
/// A pointer to a data buffer used to pass subject interface package (SIP)-specific data to a SIP provider. This member can be NULL.
///
public IntPtr pSIPCallbackData;
/// Specifies the kind of user interface (UI) to be used.
public WTD_UI dwUIChoice;
///
/// Certificate revocation check options. This member can be set to add revocation checking to that done by the selected policy provider.
///
public WTD_REVOKE fdwRevocationChecks;
/// Specifies the union member to be used and, thus, the type of object for which trust will be verified.
private WTD_CHOICE _dwUnionChoice;
/// Pointer to the structure specified by .
private IntPtr _pInfoStruct;
/// Specifies the action to be taken.
public WTD_STATEACTION dwStateAction;
/// A handle to the state data. The contents of this member depends on the value of the dwStateAction member.
public HANDLE hWVTStateData;
/// Reserved for future use. Set to NULL.
private StrPtrUni pwszURLReference;
/// DWORD value that specifies trust provider settings.
public WTD_TRUST dwProvFlags;
///
/// A DWORD value that specifies the user interface context for the WinVerifyTrust function. This causes the text in the
/// Authenticode dialog box to match the action taken on the file.
///
public WTD_UICONTEXT dwUIContext;
///
/// Pointer to a WINTRUST_SIGNATURE_SETTINGS structure.
/// Windows 8 and Windows Server 2012: Support for this member begins.
///
private IntPtr _pSignatureSettings;
/// Initializes a new instance of the class.
public WINTRUST_DATA()
{
_cbStruct = Marshal.SizeOf(typeof(WINTRUST_DATA));
if (Environment.OSVersion.Version < new Version(6, 2))
_cbStruct -= IntPtr.Size;
}
/// The size, in bytes, of this structure.
public int cbStruct => _cbStruct;
///
/// An optional WINTRUST_SIGNATURE_SETTINGS structure.
/// Windows 8 and Windows Server 2012: Support for this member begins.
///
public WINTRUST_SIGNATURE_SETTINGS? pSignatureSettings
{
get => _pSignatureSettings.ToNullableStructure();
set
{
if (Environment.OSVersion.Version < new Version(6, 2))
throw new NotSupportedException();
if (_pSignatureSettings != IntPtr.Zero)
Marshal.FreeCoTaskMem(_pSignatureSettings);
_pSignatureSettings = value.HasValue ? value.Value.MarshalToPtr(Marshal.AllocCoTaskMem, out _) : IntPtr.Zero;
}
}
/// Gets or sets the optional file information.
public WINTRUST_FILE_INFO? pFile
{
get => _dwUnionChoice == WTD_CHOICE.WTD_CHOICE_FILE ? _pInfoStruct.ToNullableStructure() : null;
set
{
_dwUnionChoice = WTD_CHOICE.WTD_CHOICE_FILE;
if (_pInfoStruct != IntPtr.Zero)
Marshal.FreeCoTaskMem(_pInfoStruct);
_pInfoStruct = value.HasValue ? value.Value.MarshalToPtr(Marshal.AllocCoTaskMem, out _) : IntPtr.Zero;
}
}
/// Gets or sets the optional catalog information.
public WINTRUST_CATALOG_INFO? pCatalog
{
get => _dwUnionChoice == WTD_CHOICE.WTD_CHOICE_CATALOG ? _pInfoStruct.ToNullableStructure() : null;
set
{
_dwUnionChoice = WTD_CHOICE.WTD_CHOICE_CATALOG;
if (_pInfoStruct != IntPtr.Zero)
Marshal.FreeCoTaskMem(_pInfoStruct);
_pInfoStruct = value.HasValue ? value.Value.MarshalToPtr(Marshal.AllocCoTaskMem, out _) : IntPtr.Zero;
}
}
/// Gets or sets the optional blob information.
public WINTRUST_BLOB_INFO? pBlob
{
get => _dwUnionChoice == WTD_CHOICE.WTD_CHOICE_BLOB ? _pInfoStruct.ToNullableStructure() : null;
set
{
_dwUnionChoice = WTD_CHOICE.WTD_CHOICE_BLOB;
if (_pInfoStruct != IntPtr.Zero)
Marshal.FreeCoTaskMem(_pInfoStruct);
_pInfoStruct = value.HasValue ? value.Value.MarshalToPtr(Marshal.AllocCoTaskMem, out _) : IntPtr.Zero;
}
}
/// Gets or sets the optional signature information.
public WINTRUST_SGNR_INFO? pSgnr
{
get => _dwUnionChoice == WTD_CHOICE.WTD_CHOICE_SIGNER ? _pInfoStruct.ToNullableStructure() : null;
set
{
_dwUnionChoice = WTD_CHOICE.WTD_CHOICE_SIGNER;
if (_pInfoStruct != IntPtr.Zero)
Marshal.FreeCoTaskMem(_pInfoStruct);
_pInfoStruct = value.HasValue ? value.Value.MarshalToPtr(Marshal.AllocCoTaskMem, out _) : IntPtr.Zero;
}
}
/// Gets or sets the optional certificate information.
public WINTRUST_CERT_INFO? pCert
{
get => _dwUnionChoice == WTD_CHOICE.WTD_CHOICE_CERT ? _pInfoStruct.ToNullableStructure() : null;
set
{
_dwUnionChoice = WTD_CHOICE.WTD_CHOICE_CERT;
if (_pInfoStruct != IntPtr.Zero)
Marshal.FreeCoTaskMem(_pInfoStruct);
_pInfoStruct = value.HasValue ? value.Value.MarshalToPtr(Marshal.AllocCoTaskMem, out _) : IntPtr.Zero;
}
}
/// Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
void IDisposable.Dispose()
{
if (_pInfoStruct != IntPtr.Zero)
Marshal.FreeCoTaskMem(_pInfoStruct);
}
}
}