From fe7d1269eabfebafbc74af6c627367540e2ffc5d Mon Sep 17 00:00:00 2001 From: Hay1tsme Date: Wed, 14 Feb 2024 14:26:11 -0500 Subject: [PATCH] impl cert hook --- meson.build | 1 + platform/cert.c | 83 ++++++++++++++++---------------------------- platform/meson.build | 1 + 3 files changed, 32 insertions(+), 53 deletions(-) diff --git a/meson.build b/meson.build index efd9209..d1d341d 100644 --- a/meson.build +++ b/meson.build @@ -39,6 +39,7 @@ shlwapi_lib = cc.find_library('shlwapi') dinput8_lib = cc.find_library('dinput8') dxguid_lib = cc.find_library('dxguid') xinput_lib = cc.find_library('xinput') +crypt_lib = cc.find_library('crypt32') inc = include_directories('.') capnhook = subproject('capnhook') diff --git a/platform/cert.c b/platform/cert.c index b1dae2b..704ab8f 100644 --- a/platform/cert.c +++ b/platform/cert.c @@ -16,14 +16,6 @@ static CRITICAL_SECTION cert_lock; static wchar_t path[MAX_PATH]; -HCERTSTORE WINAPI hook_CertOpenStore( - LPCSTR lpszStoreProvider, - DWORD dwEncodingType, - HCRYPTPROV_LEGACY hCryptProv, - DWORD dwFlags, - const void *pvPara -); - PCCERT_CONTEXT WINAPI hook_CertFindCertificateInStore( HCERTSTORE hCertStore, DWORD dwCertEncodingType, @@ -33,19 +25,6 @@ PCCERT_CONTEXT WINAPI hook_CertFindCertificateInStore( PCCERT_CONTEXT pPrevCertContext ); -BOOL WINAPI hook_CertCloseStore( - HCERTSTORE hCertStore, - DWORD dwFlags -); - -HCERTSTORE (WINAPI *next_CertOpenStore)( - LPCSTR lpszStoreProvider, - DWORD dwEncodingType, - HCRYPTPROV_LEGACY hCryptProv, - DWORD dwFlags, - const void *pvPara -); - PCCERT_CONTEXT (WINAPI *next_CertFindCertificateInStore)( HCERTSTORE hCertStore, DWORD dwCertEncodingType, 
@@ -55,24 +34,11 @@ PCCERT_CONTEXT (WINAPI *next_CertFindCertificateInStore)( PCCERT_CONTEXT pPrevCertContext ); -BOOL (WINAPI *next_CertCloseStore)( - HCERTSTORE hCertStore, - DWORD dwFlags -); - static const struct hook_symbol cert_syms[] = { { - .name = "CertOpenStore", - .patch = hook_CertOpenStore, - .link = (void **) &next_CertOpenStore, - }, { .name = "CertFindCertificateInStore", .patch = hook_CertFindCertificateInStore, .link = (void **) &next_CertFindCertificateInStore, - }, { - .name = "CertCloseStore", - .patch = hook_CertCloseStore, - .link = (void **) &next_CertCloseStore, }, }; @@ -107,17 +73,6 @@ void cert_hook_insert_hooks(HMODULE target) _countof(cert_syms)); } -HCERTSTORE WINAPI hook_CertOpenStore( - LPCSTR lpszStoreProvider, - DWORD dwEncodingType, - HCRYPTPROV_LEGACY hCryptProv, - DWORD dwFlags, - const void *pvPara -) -{ - -} - PCCERT_CONTEXT WINAPI hook_CertFindCertificateInStore( HCERTSTORE hCertStore, DWORD dwCertEncodingType, 
@@ -127,13 +82,35 @@ PCCERT_CONTEXT WINAPI hook_CertFindCertificateInStore( PCCERT_CONTEXT pPrevCertContext ) { + uint8_t bfr[4096] = {0}; + wchar_t cert_path[MAX_PATH] = {0}; + DWORD num_read = 0; -} - -BOOL WINAPI hook_CertCloseStore( - HCERTSTORE hCertStore, - DWORD dwFlags -) -{ - + if (dwFindType == CERT_FIND_ISSUER_STR || dwFindType == CERT_FIND_SUBJECT_STR) { + wcscat_s(cert_path, _countof(cert_path), path); + wcscat_s(cert_path, _countof(cert_path), L"/"); + wcscat_s(cert_path, _countof(cert_path), (wchar_t *)pvFindPara); // use the search string as a name + + dprintf("Cert: Look for override cert at %S", cert_path); + + HANDLE f = CreateFileW((LPCWSTR)pvFindPara, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); + + if (f != INVALID_HANDLE_VALUE) { + ReadFile(f, bfr, sizeof(bfr), &num_read, NULL); + CloseHandle(f); + + if (bfr[0]) { + return CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, bfr, num_read); + } + } + } + + return next_CertFindCertificateInStore( + hCertStore, + dwCertEncodingType, + dwFindFlags, + dwFindType, + pvFindPara, + pPrevCertContext + ); } diff --git a/platform/meson.build b/platform/meson.build index 8a8dd3c..5e20148 100644 --- a/platform/meson.build +++ b/platform/meson.build @@ -6,6 +6,7 @@ platform_lib = static_library( dependencies : [ capnhook.get_variable('hook_dep'), shlwapi_lib, + crypt_lib ], sources : [ 'cert.c',
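Review bot: `CreateFileW` in the added block opens `(LPCWSTR)pvFindPara` instead of the `cert_path` that was just built and logged, so a relative search string is resolved against the process's current directory rather than under `path`. The search string is also used as a file name with no check for path separators or a drive colon, the `ReadFile` result is ignored, and `bfr[0]` stands in for a length check, so a file that fills the 4096-byte buffer reaches `CertCreateCertificateContext` truncated and the hook returns NULL instead of falling through to the real store. The fence below opens `cert_path`, accepts only a bare file name, checks the read, and falls through whenever no context could be built. Separately, a caller that enumerates by passing the previous result back as `pPrevCertContext` would presumably get the same override on every call, and that previous context is never freed here although the real API documents freeing it; this case needs an explicit decision. The function's signature starts above the hunk.

```c
    if (dwFindType == CERT_FIND_ISSUER_STR || dwFindType == CERT_FIND_SUBJECT_STR) {
        const wchar_t *name = pvFindPara;

        /* Only a bare file name may select an override; anything that could
           leave the override directory falls through to the real store. */
        if (name != NULL && name[0] != L'\0' && wcspbrk(name, L"\\/:") == NULL) {
            // … unchanged: build cert_path from path, L"/" and the search string; dprintf …

            HANDLE f = CreateFileW(cert_path, GENERIC_READ, FILE_SHARE_READ, NULL,
                    OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);

            if (f != INVALID_HANDLE_VALUE) {
                BOOL ok = ReadFile(f, bfr, sizeof(bfr), &num_read, NULL);
                CloseHandle(f);

                /* A completely full buffer may mean the file was truncated. */
                if (ok && num_read > 0 && num_read < sizeof(bfr)) {
                    PCCERT_CONTEXT ctx = CertCreateCertificateContext(
                            X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, bfr, num_read);

                    if (ctx != NULL) {
                        return ctx;
                    }
                }
            }
        }
    }

    // … unchanged: fall through to next_CertFindCertificateInStore …
```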