Disable the certification chain verification

WinTrust library checks chain of trust on line which makes Notepad++ hanging due to the Firewall's restriction.
2017-05-16 19:50:22 +02:00 · 2017-05-16 19:50:22 +02:00 · 8dbd956344
commit 8dbd956344
parent caee890960
3 changed files with 24 additions and 19 deletions
--- a/PowerEditor/src/MISC/Common/verifySignedfile.cpp
+++ b/PowerEditor/src/MISC/Common/verifySignedfile.cpp
@ -45,7 +45,8 @@ bool VerifySignedLibrary(const wstring& filepath,
                         const wstring& cert_key_id_hex,
                         const wstring& cert_subject,
                         const wstring& cert_display_name,
-                         bool doCheckRevocation)
+                         bool doCheckRevocation,
+                         bool doCheckChainOfTrust)
 {
 	wstring display_name;
 	wstring key_id_hex;
@ -100,24 +101,27 @@ bool VerifySignedLibrary(const wstring& filepath,
 		}
 	}

-	// Verify signature and cert-chain validity
-	GUID policy = WINTRUST_ACTION_GENERIC_VERIFY_V2;
-	LONG vtrust = ::WinVerifyTrust(NULL, &policy, &winTEXTrust_data );
-	
-	// Post check cleanup
-	winTEXTrust_data.dwStateAction = WTD_STATEACTION_CLOSE;
-	LONG t2 = ::WinVerifyTrust(NULL, &policy, &winTEXTrust_data);	
-    
-	if (vtrust)
+	if (doCheckChainOfTrust)
 	{
-		OutputDebugString(TEXT("VerifyLibrary: trust verification failed\n"));
-		return false;
-	}
+		// Verify signature and cert-chain validity
+		GUID policy = WINTRUST_ACTION_GENERIC_VERIFY_V2;
+		LONG vtrust = ::WinVerifyTrust(NULL, &policy, &winTEXTrust_data);

-	if (t2)
-	{
-		OutputDebugString(TEXT("VerifyLibrary: error encountered while cleaning up after WinVerifyTrust\n"));
-		return false;
+		// Post check cleanup
+		winTEXTrust_data.dwStateAction = WTD_STATEACTION_CLOSE;
+		LONG t2 = ::WinVerifyTrust(NULL, &policy, &winTEXTrust_data);
+
+		if (vtrust)
+		{
+			OutputDebugString(TEXT("VerifyLibrary: trust verification failed\n"));
+			return false;
+		}
+
+		if (t2)
+		{
+			OutputDebugString(TEXT("VerifyLibrary: error encountered while cleaning up after WinVerifyTrust\n"));
+			return false;
+		}
 	}

 	//
--- a/PowerEditor/src/MISC/Common/verifySignedfile.h
+++ b/PowerEditor/src/MISC/Common/verifySignedfile.h
@ -64,4 +64,5 @@ bool VerifySignedLibrary(const std::wstring& filepath,
                         const std::wstring& key_id_hex,
                         const std::wstring& cert_subject,
                         const std::wstring& display_name,
-                         bool doCheckRevocation);
+                         bool doCheckRevocation,
+                         bool doCheckChainOfTrust);
--- a/PowerEditor/src/ScitillaComponent/ScintillaEditView.cpp
+++ b/PowerEditor/src/ScitillaComponent/ScintillaEditView.cpp
@ -185,7 +185,7 @@ HMODULE loadSciLexerDll()
 {
 	generic_string sciLexerPath = getSciLexerFullPathName(moduleFileName, 1024);

-	bool isOK = VerifySignedLibrary(sciLexerPath, scintilla_signer_key_id, scintilla_signer_subject, scintilla_signer_display_name, false);
+	bool isOK = VerifySignedLibrary(sciLexerPath, scintilla_signer_key_id, scintilla_signer_subject, scintilla_signer_display_name, false, false);

 	if (!isOK)
 	{