| author | Rob Mensching <rob@firegiant.com> | 2021-04-11 14:41:50 -0700 |
|---|---|---|
| committer | Rob Mensching <rob@firegiant.com> | 2021-04-12 15:37:24 -0700 |
| commit | 3e8b7eb4cb739be1881c621999616bc5bbbb0bdb (patch) | |
| tree | 1e6588300f94b85bc62dce1dfe62c78598141581 /src/ca/scacertexec.cpp | |
| parent | 1656cd76e95e78b09d1fd9724c0c02323b5c3428 (diff) | |
Support non-vital certificate installs
Diffstat (limited to 'src/ca/scacertexec.cpp')
| -rw-r--r-- | src/ca/scacertexec.cpp | 37 |
1 files changed, 32 insertions, 5 deletions
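diff --git a/src/ca/scacertexec.cpp b/src/ca/scacertexec.cpp
index 4bb4ef95..95870c79 100644
--- a/src/ca/scacertexec.cpp
+++ b/src/ca/scacertexec.cpp
@@ -23,6 +23,7 @@ static HRESULT InstallCertificatePackage(
 __in LPCWSTR wzName,
 __in_opt BYTE* rgbData,
 __in DWORD cbData,
+__in BOOL fVital,
 __in_opt LPCWSTR wzPFXPassword
 );
 
@@ -32,6 +33,12 @@ static HRESULT UninstallCertificatePackage(
 __in LPCWSTR wzName
 );
 
+static HRESULT AddCertificate(
+__in HCERTSTORE hStore,
+__in PCCERT_CONTEXT pCertContext,
+__in LPCWSTR wzCertificateUniqueName,
+__in BOOL fVital
+);
 
 /* ****************************************************************
 AddUserCertificate - CUSTOM ACTION ENTRY POINT for adding per-user
@@ -185,7 +192,7 @@ static HRESULT ExecuteCertificateOperation(
 // CertAddCertificateContextToStore(CERT_STORE_ADD_REPLACE_EXISTING) does not remove the private key if the cert is replaced
 UninstallCertificatePackage(hCertStore, fUserStoreLocation, pwzName);
 
-hr = InstallCertificatePackage(hCertStore, fUserStoreLocation, pwzName, pbData, cbData, pwzPFXPassword);
+hr = InstallCertificatePackage(hCertStore, fUserStoreLocation, pwzName, pbData, cbData, iAttributes & SCA_CERT_ATTRIBUTE_VITAL, pwzPFXPassword);
 ExitOnFailure(hr, "Failed to install certificate.");
 }
 else
@@ -226,6 +233,7 @@ static HRESULT InstallCertificatePackage(
 __in LPCWSTR wzName,
 __in_opt BYTE* rgbData,
 __in DWORD cbData,
+__in BOOL fVital,
 __in_opt LPCWSTR wzPFXPassword
 )
 {
@@ -273,8 +281,7 @@ static HRESULT InstallCertificatePackage(
 pCertContext;
 pCertContext = ::CertEnumCertificatesInStore(hPfxCertStore, pCertContext))
 {
-WcaLog(LOGMSG_STANDARD, "Adding certificate: %ls", pwzUniqueName);
-hr = CertInstallSingleCertificate(hStore, pCertContext, pwzUniqueName);
+hr = AddCertificate(hStore, pCertContext, pwzUniqueName, fVital);
 MessageExitOnFailure(hr, msierrCERTFailedAdd, "Failed to add certificate to the store.");
 
 hr = StrAllocFormatted(&pwzUniqueName, L"%s_wixCert_%d", wzName, ++iUniqueId);
@@ -289,8 +296,7 @@ static HRESULT InstallCertificatePackage(
 }
 else
 {
-WcaLog(LOGMSG_STANDARD, "Adding certificate: %ls", pwzUniqueName);
-hr = CertInstallSingleCertificate(hStore, pCertContext, pwzUniqueName);
+hr = AddCertificate(hStore, pCertContext, pwzUniqueName, fVital);
 MessageExitOnFailure(hr, msierrCERTFailedAdd, "Failed to add certificate to the store.");
 }
 
@@ -402,3 +408,24 @@ LExit:
 
 return hr;
 }
+
+static HRESULT AddCertificate(
+__in HCERTSTORE hStore,
+__in PCCERT_CONTEXT pCertContext,
+__in LPCWSTR wzCertificateUniqueName,
+__in BOOL fVital
+)
+{
+HRESULT hr = S_OK;
+
+WcaLog(LOGMSG_STANDARD, "Adding certificate: %ls", wzCertificateUniqueName);
+
+hr = CertInstallSingleCertificate(hStore, pCertContext, wzCertificateUniqueName);
+if (FAILED(hr) && !fVital)
+{
+WcaLog(LOGMSG_STANDARD, "Could not add non-vital certificate: %ls due to error: 0x%x, continuing...", wzCertificateUniqueName, hr);
+hr = S_FALSE;
+}
+
+return hr;
+}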
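Review bot: A non-vital failure in `AddCertificate` is downgraded to `S_FALSE` only after `ExecuteCertificateOperation` has already called `UninstallCertificatePackage` for the same name (new line 193), so a failed re-add can leave the store without a certificate that was present before while the install still reports success. The only trace is a single `LOGMSG_STANDARD` line, and whether the callers of `InstallCertificatePackage` treat `S_FALSE` differently from `S_OK` is not visible in these hunks. I would document this on the new helper, which has no header comment unlike the banner-commented entry points, e.g. `// Returns S_FALSE when a non-vital add fails; the caller has already removed any existing certificate with this name.`, and consider stating the same in the log message. Only the `CertInstallSingleCertificate` step is made non-vital here; failures earlier in `InstallCertificatePackage`, whose body lies mostly outside the hunks, presumably still abort the install, which is worth confirming against the intended meaning of the attribute.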
