author | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-04-30 11:41:45 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-04-30 20:18:46 +0200 |
commit | d0eb8ffd2410ff68b32c922c65261742332dc864 (patch) | |
tree | eace166b07cce61297e4231670e31d0c2106ef69 /version/wintrust/zsyscall_windows.go | |
parent | version: add missing zsyscall (diff) | |
version: add certificate checking for official versions
This is an easily circumventable check designed mostly for convenience.
Diffstat (limited to '')
-rw-r--r-- | version/wintrust/zsyscall_windows.go | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/version/wintrust/zsyscall_windows.go b/version/wintrust/zsyscall_windows.go
index 775f38ba..8aa315c0 100644
--- a/version/wintrust/zsyscall_windows.go
+++ b/version/wintrust/zsyscall_windows.go
@@ -38,8 +38,10 @@ func errnoErr(e syscall.Errno) error {
 var (
 modwintrust = windows.NewLazySystemDLL("wintrust.dll")
+ modcrypt32 = windows.NewLazySystemDLL("crypt32.dll")
- procWinVerifyTrust = modwintrust.NewProc("WinVerifyTrust")
+ procWinVerifyTrust = modwintrust.NewProc("WinVerifyTrust")
+ procCryptQueryObject = modcrypt32.NewProc("CryptQueryObject")
 )
 func WinVerifyTrust(hWnd windows.Handle, actionId *windows.GUID, data *WinTrustData) (err error) {
@@ -53,3 +55,15 @@ func WinVerifyTrust(hWnd windows.Handle, actionId *windows.GUID, data *WinTrustD
 }
 return
 }
+
+func CryptQueryObject(objectType uint32, object uintptr, expectedContentTypeFlags uint32, expectedFormatTypeFlags uint32, flags uint32, msgAndCertEncodingType *uint32, contentType *uint32, formatType *uint32, certStore *windows.Handle, msg *windows.Handle, context *uintptr) (err error) {
+ r1, _, e1 := syscall.Syscall12(procCryptQueryObject.Addr(), 11, uintptr(objectType), uintptr(object), uintptr(expectedContentTypeFlags), uintptr(expectedFormatTypeFlags), uintptr(flags), uintptr(unsafe.Pointer(msgAndCertEncodingType)), uintptr(unsafe.Pointer(contentType)), uintptr(unsafe.Pointer(formatType)), uintptr(unsafe.Pointer(certStore)), uintptr(unsafe.Pointer(msg)), uintptr(unsafe.Pointer(context)), 0)
+ if r1 == 0 {
+ if e1 != 0 {
+ err = errnoErr(e1)
+ } else {
+ err = syscall.EINVAL
+ }
+ }
+ return
+}
|
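Review bot: The new `CryptQueryObject` wrapper declares `object uintptr` and `context *uintptr`, so the pointer to the queried file name or blob reaches the wrapper as a plain integer. A caller then has to write `uintptr(unsafe.Pointer(...))` before the call instead of inside the `syscall.Syscall12` argument list, and Go's `unsafe` rules do not guarantee that the referenced memory stays alive or in place across that gap. Declaring the parameters as `object unsafe.Pointer` and `context *unsafe.Pointer` would let the conversion happen in the `Syscall12` call itself, as it already does for the other pointer parameters in this function. The file name suggests this wrapper is generated, so the change presumably belongs in the `//sys` declaration it is produced from, which is not part of this diff.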