diff options
Diffstat (limited to 'version/wintrust/wintrust_windows.go')
-rw-r--r-- | version/wintrust/wintrust_windows.go | 115 |
1 files changed, 115 insertions, 0 deletions
diff --git a/version/wintrust/wintrust_windows.go b/version/wintrust/wintrust_windows.go new file mode 100644 index 00000000..b50636a3 --- /dev/null +++ b/version/wintrust/wintrust_windows.go @@ -0,0 +1,115 @@ +/* SPDX-License-Identifier: MIT + * + * Copyright (C) 2019 WireGuard LLC. All Rights Reserved. + */ + +package wintrust + +import ( + "golang.org/x/sys/windows" + "syscall" +) + +type WinTrustData struct { + CbStruct uint32 + PolicyCallbackData uintptr + SIPClientData uintptr + UIChoice uint32 + RevocationChecks uint32 + UnionChoice uint32 + FileOrCatalogOrBlobOrSgnrOrCert uintptr + StateAction uint32 + StateData syscall.Handle + URLReference *uint16 + ProvFlags uint32 + UIContext uint32 + SignatureSettings *WintrustSignatureSettings +} + +const ( + WTD_UI_ALL = 1 + WTD_UI_NONE = 2 + WTD_UI_NOBAD = 3 + WTD_UI_NOGOOD = 4 +) + +const ( + WTD_REVOKE_NONE = 0 + WTD_REVOKE_WHOLECHAIN = 1 +) + +const ( + WTD_CHOICE_FILE = 1 + WTD_CHOICE_CATALOG = 2 + WTD_CHOICE_BLOB = 3 + WTD_CHOICE_SIGNER = 4 + WTD_CHOICE_CERT = 5 +) + +const ( + WTD_STATEACTION_IGNORE = 0x00000000 + WTD_STATEACTION_VERIFY = 0x00000010 + WTD_STATEACTION_CLOSE = 0x00000002 + WTD_STATEACTION_AUTO_CACHE = 0x00000003 + WTD_STATEACTION_AUTO_CACHE_FLUSH = 0x00000004 +) + +const ( + WTD_USE_IE4_TRUST_FLAG = 0x1 + WTD_NO_IE4_CHAIN_FLAG = 0x2 + WTD_NO_POLICY_USAGE_FLAG = 0x4 + WTD_REVOCATION_CHECK_NONE = 0x10 + WTD_REVOCATION_CHECK_END_CERT = 0x20 + WTD_REVOCATION_CHECK_CHAIN = 0x40 + WTD_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT = 0x80 + WTD_SAFER_FLAG = 0x100 + WTD_HASH_ONLY_FLAG = 0x200 + WTD_USE_DEFAULT_OSVER_CHECK = 0x400 + WTD_LIFETIME_SIGNING_FLAG = 0x800 + WTD_CACHE_ONLY_URL_RETRIEVAL = 0x1000 + WTD_DISABLE_MD2_MD4 = 0x2000 + WTD_MOTW = 0x4000 +) + +const ( + TRUST_E_NOSIGNATURE = 0x800B0100 + TRUST_E_EXPLICIT_DISTRUST = 0x800B0111 + TRUST_E_SUBJECT_NOT_TRUSTED = 0x800B0004 + CRYPT_E_SECURITY_SETTINGS = 0x80092026 +) + +const ( + WTD_UICONTEXT_EXECUTE = 0 + WTD_UICONTEXT_INSTALL = 1 +) + +var WINTRUST_ACTION_GENERIC_VERIFY_V2 = windows.GUID{ + Data1: 0xaac56b, + Data2: 0xcd44, + Data3: 0x11d0, + Data4: [8]byte{0x8c, 0xc2, 0x0, 0xc0, 0x4f, 0xc2, 0x95, 0xee}, +} + +type WinTrustFileInfo struct { + CbStruct uint32 + FilePath *uint16 + File windows.Handle + KnownSubject *windows.GUID +} + +type WintrustSignatureSettings struct { + CbStruct uint32 + Index uint32 + Flags uint32 + SecondarySigs uint32 + VerifiedSigIndex uint32 + CryptoPolicy *CertStrongSignPara +} + +type CertStrongSignPara struct { + CbStruct uint32 + InfoChoice uint32 + InfoOrSerializedInfoOrOID uintptr +} + +//sys WinVerifyTrust(hWnd windows.Handle, actionId *windows.GUID, data *WinTrustData) (err error) [r1 != 0] = wintrust.WinVerifyTrust |