summaryrefslogtreecommitdiffstats
path: root/other-licenses/nsis/Contrib/CertCheck
diff options
context:
space:
mode:
Diffstat (limited to 'other-licenses/nsis/Contrib/CertCheck')
-rw-r--r--other-licenses/nsis/Contrib/CertCheck/CertCheck.cpp385
-rw-r--r--other-licenses/nsis/Contrib/CertCheck/CertCheck.dsp159
-rw-r--r--other-licenses/nsis/Contrib/CertCheck/CertCheck.dsw29
3 files changed, 573 insertions, 0 deletions
diff --git a/other-licenses/nsis/Contrib/CertCheck/CertCheck.cpp b/other-licenses/nsis/Contrib/CertCheck/CertCheck.cpp
new file mode 100644
index 000000000..172ca22f6
--- /dev/null
+++ b/other-licenses/nsis/Contrib/CertCheck/CertCheck.cpp
@@ -0,0 +1,385 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <windows.h>
+#include <softpub.h>
+#include <wintrust.h>
+
+#pragma comment(lib, "wintrust.lib")
+#pragma comment(lib, "crypt32.lib")
+
+#ifdef UNICODE
+
+#ifndef _T
+#define __T(x) L ## x
+#define _T(x) __T(x)
+#define _TEXT(x) __T(x)
+#endif
+
+#else
+
+#ifndef _T
+#define _T(x) x
+#define _TEXT(x) x
+#endif
+
+#endif // UNICODE
+
+static const int ENCODING = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
+
+typedef struct _stack_t {
+ struct _stack_t *next;
+ TCHAR text[MAX_PATH];
+} stack_t;
+
+int popstring(stack_t **stacktop, LPTSTR str, int len);
+void pushstring(stack_t **stacktop, LPCTSTR str, int len);
+
+struct CertificateCheckInfo
+{
+ LPCWSTR name;
+ LPCWSTR issuer;
+};
+
+/**
+ * Checks to see if a file stored at filePath matches the specified info. This
+ * only supports the name and issuer attributes currently.
+ *
+ * @param certContext The certificate context of the file
+ * @param infoToMatch The acceptable information to match
+ * @return FALSE if the info does not match or if any error occurs in the check
+ */
+BOOL
+DoCertificateAttributesMatch(PCCERT_CONTEXT certContext,
+ CertificateCheckInfo &infoToMatch)
+{
+ DWORD dwData;
+ LPTSTR szName = NULL;
+
+ // Pass in NULL to get the needed size of the issuer buffer.
+ dwData = CertGetNameString(certContext,
+ CERT_NAME_SIMPLE_DISPLAY_TYPE,
+ CERT_NAME_ISSUER_FLAG, NULL,
+ NULL, 0);
+
+ if (!dwData) {
+ return FALSE;
+ }
+
+ // Allocate memory for Issuer name buffer.
+ szName = (LPTSTR)LocalAlloc(LPTR, dwData * sizeof(WCHAR));
+ if (!szName) {
+ return FALSE;
+ }
+
+ // Get Issuer name.
+ if (!CertGetNameString(certContext, CERT_NAME_SIMPLE_DISPLAY_TYPE,
+ CERT_NAME_ISSUER_FLAG, NULL, szName, dwData)) {
+ LocalFree(szName);
+ return FALSE;
+ }
+
+ // If the issuer does not match, return a failure.
+ if (!infoToMatch.issuer ||
+ wcscmp(szName, infoToMatch.issuer)) {
+ LocalFree(szName);
+ return FALSE;
+ }
+
+ LocalFree(szName);
+ szName = NULL;
+
+ // Pass in NULL to get the needed size of the name buffer.
+ dwData = CertGetNameString(certContext, CERT_NAME_SIMPLE_DISPLAY_TYPE,
+ 0, NULL, NULL, 0);
+ if (!dwData) {
+ return FALSE;
+ }
+
+ // Allocate memory for the name buffer.
+ szName = (LPTSTR)LocalAlloc(LPTR, dwData * sizeof(WCHAR));
+ if (!szName) {
+ return FALSE;
+ }
+
+ // Obtain the name.
+ if (!(CertGetNameString(certContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0,
+ NULL, szName, dwData))) {
+ LocalFree(szName);
+ return FALSE;
+ }
+
+ // If the issuer does not match, return a failure.
+ if (!infoToMatch.name ||
+ wcscmp(szName, infoToMatch.name)) {
+ LocalFree(szName);
+ return FALSE;
+ }
+
+ // We have a match!
+ LocalFree(szName);
+
+ // If there were any errors we would have aborted by now.
+ return TRUE;
+}
+
+/**
+ * Checks to see if a file stored at filePath matches the specified info. This
+ * only supports the name and issuer attributes currently.
+ *
+ * @param filePath The PE file path to check
+ * @param infoToMatch The acceptable information to match
+ * @return ERROR_SUCCESS if successful, ERROR_NOT_FOUND if the info
+ * does not match, or the last error otherwise.
+ */
+DWORD
+CheckCertificateForPEFile(LPCWSTR filePath,
+ CertificateCheckInfo &infoToMatch)
+{
+ HCERTSTORE certStore = NULL;
+ HCRYPTMSG cryptMsg = NULL;
+ PCCERT_CONTEXT certContext = NULL;
+ PCMSG_SIGNER_INFO signerInfo = NULL;
+ DWORD lastError = ERROR_SUCCESS;
+
+ // Get the HCERTSTORE and HCRYPTMSG from the signed file.
+ DWORD encoding, contentType, formatType;
+ BOOL result = CryptQueryObject(CERT_QUERY_OBJECT_FILE,
+ filePath,
+ CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED,
+ CERT_QUERY_CONTENT_FLAG_ALL,
+ 0, &encoding, &contentType,
+ &formatType, &certStore, &cryptMsg, NULL);
+ if (!result) {
+ lastError = GetLastError();
+ goto cleanup;
+ }
+
+ // Pass in NULL to get the needed signer information size.
+ DWORD signerInfoSize;
+ result = CryptMsgGetParam(cryptMsg, CMSG_SIGNER_INFO_PARAM, 0,
+ NULL, &signerInfoSize);
+ if (!result) {
+ lastError = GetLastError();
+ goto cleanup;
+ }
+
+ // Allocate the needed size for the signer information.
+ signerInfo = (PCMSG_SIGNER_INFO)LocalAlloc(LPTR, signerInfoSize);
+ if (!signerInfo) {
+ lastError = GetLastError();
+ goto cleanup;
+ }
+
+ // Get the signer information (PCMSG_SIGNER_INFO).
+ // In particular we want the issuer and serial number.
+ result = CryptMsgGetParam(cryptMsg, CMSG_SIGNER_INFO_PARAM, 0,
+ (PVOID)signerInfo, &signerInfoSize);
+ if (!result) {
+ lastError = GetLastError();
+ goto cleanup;
+ }
+
+ // Search for the signer certificate in the certificate store.
+ CERT_INFO certInfo;
+ certInfo.Issuer = signerInfo->Issuer;
+ certInfo.SerialNumber = signerInfo->SerialNumber;
+ certContext = CertFindCertificateInStore(certStore, ENCODING, 0,
+ CERT_FIND_SUBJECT_CERT,
+ (PVOID)&certInfo, NULL);
+ if (!certContext) {
+ lastError = GetLastError();
+ goto cleanup;
+ }
+
+ if (!DoCertificateAttributesMatch(certContext, infoToMatch)) {
+ lastError = ERROR_NOT_FOUND;
+ goto cleanup;
+ }
+
+cleanup:
+ if (signerInfo) {
+ LocalFree(signerInfo);
+ }
+ if (certContext) {
+ CertFreeCertificateContext(certContext);
+ }
+ if (certStore) {
+ CertCloseStore(certStore, 0);
+ }
+ if (cryptMsg) {
+ CryptMsgClose(cryptMsg);
+ }
+ return lastError;
+}
+
+/**
+ * Compares the certificate name and issuer values for a signed file's with the
+ * values provided.
+ *
+ * @param stacktop A pointer to the top of the stack. The stack should contain
+ * from the top the file's path, the expected value for the
+ * certificate's name attribute, and the expected value for
+ * the certificate's issuer attribute.
+ * @param variables A pointer to the NSIS variables
+ * @return 1 if the certificate name and issuer attributes matched the expected
+ * values, 0 if they don't match the expected values.
+ */
+extern "C" void __declspec(dllexport)
+VerifyCertNameIssuer(HWND hwndParent, int string_size,
+ TCHAR *variables, stack_t **stacktop, void *extra)
+{
+ TCHAR tmp1[MAX_PATH + 1] = { _T('\0') };
+ TCHAR tmp2[MAX_PATH + 1] = { _T('\0') };
+ TCHAR tmp3[MAX_PATH + 1] = { _T('\0') };
+ WCHAR filePath[MAX_PATH + 1] = { L'\0' };
+ WCHAR certName[MAX_PATH + 1] = { L'\0' };
+ WCHAR certIssuer[MAX_PATH + 1] = { L'\0' };
+
+ popstring(stacktop, tmp1, MAX_PATH);
+ popstring(stacktop, tmp2, MAX_PATH);
+ popstring(stacktop, tmp3, MAX_PATH);
+
+#if !defined(UNICODE)
+ MultiByteToWideChar(CP_ACP, 0, tmp1, -1, filePath, MAX_PATH);
+ MultiByteToWideChar(CP_ACP, 0, tmp2, -1, certName, MAX_PATH);
+ MultiByteToWideChar(CP_ACP, 0, tmp3, -1, certIssuer, MAX_PATH);
+#else
+ wcsncpy(filePath, tmp1, MAX_PATH);
+ wcsncpy(certName, tmp2, MAX_PATH);
+ wcsncpy(certIssuer, tmp3, MAX_PATH);
+#endif
+
+ CertificateCheckInfo allowedCertificate = {
+ certName,
+ certIssuer,
+ };
+
+ LONG retCode = CheckCertificateForPEFile(filePath, allowedCertificate);
+ if (retCode == ERROR_SUCCESS) {
+ pushstring(stacktop, TEXT("1"), 2);
+ } else {
+ pushstring(stacktop, TEXT("0"), 2);
+ }
+}
+
+/**
+ * Verifies the trust of a signed file's certificate.
+ *
+ * @param filePath The file path to check.
+ * @return ERROR_SUCCESS if successful, or the last error code otherwise.
+ */
+DWORD
+VerifyCertificateTrustForFile(LPCWSTR filePath)
+{
+ // Setup the file to check.
+ WINTRUST_FILE_INFO fileToCheck;
+ ZeroMemory(&fileToCheck, sizeof(fileToCheck));
+ fileToCheck.cbStruct = sizeof(WINTRUST_FILE_INFO);
+ fileToCheck.pcwszFilePath = filePath;
+
+ // Setup what to check, we want to check it is signed and trusted.
+ WINTRUST_DATA trustData;
+ ZeroMemory(&trustData, sizeof(trustData));
+ trustData.cbStruct = sizeof(trustData);
+ trustData.pPolicyCallbackData = NULL;
+ trustData.pSIPClientData = NULL;
+ trustData.dwUIChoice = WTD_UI_NONE;
+ trustData.fdwRevocationChecks = WTD_REVOKE_NONE;
+ trustData.dwUnionChoice = WTD_CHOICE_FILE;
+ trustData.dwStateAction = 0;
+ trustData.hWVTStateData = NULL;
+ trustData.pwszURLReference = NULL;
+ // no UI
+ trustData.dwUIContext = 0;
+ trustData.pFile = &fileToCheck;
+
+ GUID policyGUID = WINTRUST_ACTION_GENERIC_VERIFY_V2;
+ // Check if the file is signed by something that is trusted.
+ LONG ret = WinVerifyTrust(NULL, &policyGUID, &trustData);
+ return ret;
+}
+
+/**
+ * Verifies the trust of a signed file's certificate.
+ *
+ * @param stacktop A pointer to the top of the stack. This should be the file
+ * path for the file that will have its trust verified.
+ * @param variables A pointer to the NSIS variables
+ * @return 1 if the file's trust was verified successfully, 0 if it was not
+ */
+extern "C" void __declspec(dllexport)
+VerifyCertTrust(HWND hwndParent, int string_size,
+ TCHAR *variables, stack_t **stacktop, void *extra)
+{
+ TCHAR tmp[MAX_PATH + 1] = { _T('\0') };
+ WCHAR filePath[MAX_PATH + 1] = { L'\0' };
+
+ popstring(stacktop, tmp, MAX_PATH);
+
+#if !defined(UNICODE)
+ MultiByteToWideChar(CP_ACP, 0, tmp, -1, filePath, MAX_PATH);
+#else
+ wcsncpy(filePath, tmp, MAX_PATH);
+#endif
+
+ LONG retCode = VerifyCertificateTrustForFile(filePath);
+ if (retCode == ERROR_SUCCESS) {
+ pushstring(stacktop, TEXT("1"), 2);
+ } else {
+ pushstring(stacktop, TEXT("0"), 2);
+ }
+}
+
+BOOL WINAPI
+DllMain(HANDLE hInst, ULONG ul_reason_for_call, LPVOID lpReserved)
+{
+ return TRUE;
+}
+
+/**
+ * Removes an element from the top of the NSIS stack
+ *
+ * @param stacktop A pointer to the top of the stack
+ * @param str The string to pop to
+ * @param len The max length
+ * @return 0 on success
+*/
+int popstring(stack_t **stacktop, TCHAR *str, int len)
+{
+ // Removes the element from the top of the stack and puts it in the buffer
+ stack_t *th;
+ if (!stacktop || !*stacktop) {
+ return 1;
+ }
+
+ th = (*stacktop);
+ lstrcpyn(str,th->text, len);
+ *stacktop = th->next;
+ GlobalFree((HGLOBAL)th);
+ return 0;
+}
+
+/**
+ * Adds an element to the top of the NSIS stack
+ *
+ * @param stacktop A pointer to the top of the stack
+ * @param str The string to push on the stack
+ * @param len The length of the string to push on the stack
+ * @return 0 on success
+*/
+void pushstring(stack_t **stacktop, const TCHAR *str, int len)
+{
+ stack_t *th;
+ if (!stacktop) {
+ return;
+ }
+
+ th = (stack_t*)GlobalAlloc(GPTR, sizeof(stack_t) + len);
+ lstrcpyn(th->text, str, len);
+ th->next = *stacktop;
+ *stacktop = th;
+}
diff --git a/other-licenses/nsis/Contrib/CertCheck/CertCheck.dsp b/other-licenses/nsis/Contrib/CertCheck/CertCheck.dsp
new file mode 100644
index 000000000..b0c062516
--- /dev/null
+++ b/other-licenses/nsis/Contrib/CertCheck/CertCheck.dsp
@@ -0,0 +1,159 @@
+# Microsoft Developer Studio Project File - Name="CertCheck" - Package Owner=<4>
+# Microsoft Developer Studio Generated Build File, Format Version 6.00
+# ** DO NOT EDIT **
+
+# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102
+
+CFG=CertCheck - Win32 Debug Unicode
+!MESSAGE This is not a valid makefile. To build this project using NMAKE,
+!MESSAGE use the Export Makefile command and run
+!MESSAGE
+!MESSAGE NMAKE /f "CertCheck.mak".
+!MESSAGE
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line. For example:
+!MESSAGE
+!MESSAGE NMAKE /f "CertCheck.mak" CFG="CertCheck - Win32 Debug Unicode"
+!MESSAGE
+!MESSAGE Possible choices for configuration are:
+!MESSAGE
+!MESSAGE "CertCheck - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library")
+!MESSAGE "CertCheck - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library")
+!MESSAGE "CertCheck - Win32 Release Unicode" (based on "Win32 (x86) Dynamic-Link Library")
+!MESSAGE "CertCheck - Win32 Debug Unicode" (based on "Win32 (x86) Dynamic-Link Library")
+!MESSAGE
+
+# Begin Project
+# PROP AllowPerConfigDependencies 0
+# PROP Scc_ProjName ""
+# PROP Scc_LocalPath ""
+CPP=cl.exe
+MTL=midl.exe
+RSC=rc.exe
+
+!IF "$(CFG)" == "CertCheck - Win32 Release"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 0
+# PROP BASE Output_Dir "Release"
+# PROP BASE Intermediate_Dir "Release"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 0
+# PROP Output_Dir "Release"
+# PROP Intermediate_Dir "Release"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /MT /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "CertCheck_EXPORTS" /YX /FD /c
+# ADD CPP /nologo /MT /W3 /GX /O1 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "CertCheck_EXPORTS" /YX /FD /c
+# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /win32
+# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32
+# ADD BASE RSC /l 0x409 /d "NDEBUG"
+# ADD RSC /l 0x409 /d "NDEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /machine:I386
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comctl32.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /entry:"DllMain" /dll /machine:I386 /nodefaultlib /out:"../../Plugins/CertCheck.dll" /opt:nowin98
+# SUBTRACT LINK32 /pdb:none
+
+!ELSEIF "$(CFG)" == "CertCheck - Win32 Debug"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 1
+# PROP BASE Output_Dir "Debug"
+# PROP BASE Intermediate_Dir "Debug"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 1
+# PROP Output_Dir "Debug"
+# PROP Intermediate_Dir "Debug"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "CertCheck_EXPORTS" /YX /FD /GZ /c
+# ADD CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "CertCheck_EXPORTS" /YX /FD /GZ /c
+# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /win32
+# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32
+# ADD BASE RSC /l 0x409 /d "_DEBUG"
+# ADD RSC /l 0x409 /d "_DEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /debug /machine:I386 /pdbtype:sept
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /debug /machine:I386 /pdbtype:sept
+
+!ELSEIF "$(CFG)" == "CertCheck - Win32 Release Unicode"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 0
+# PROP BASE Output_Dir "CertCheck___Win32_Release_Unicode"
+# PROP BASE Intermediate_Dir "CertCheck___Win32_Release_Unicode"
+# PROP BASE Ignore_Export_Lib 0
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 0
+# PROP Output_Dir "Release_Unicode"
+# PROP Intermediate_Dir "Release_Unicode"
+# PROP Ignore_Export_Lib 1
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /MT /W3 /GX /O1 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "CertCheck_EXPORTS" /YX /FD /c
+# ADD CPP /nologo /MT /W3 /GX /O1 /D "UNICODE" /D "_UNICODE" /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "CertCheck_EXPORTS" /YX /FD /c
+# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /win32
+# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32
+# ADD BASE RSC /l 0x409 /d "NDEBUG"
+# ADD RSC /l 0x409 /d "NDEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comctl32.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /entry:"DllMain" /dll /machine:I386 /nodefaultlib /out:"../../Plugins/CertCheck.dll" /opt:nowin98
+# SUBTRACT BASE LINK32 /pdb:none
+# ADD LINK32 wininet.lib kernel32.lib user32.lib gdi32.lib winspool.lib comctl32.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /entry:"DllMain" /dll /machine:I386 /out:"./Unicode/CertCheck.dll" /opt:nowin98
+# SUBTRACT LINK32 /pdb:none /nodefaultlib
+
+!ELSEIF "$(CFG)" == "CertCheck - Win32 Debug Unicode"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 1
+# PROP BASE Output_Dir "CertCheck___Win32_Debug_Unicode"
+# PROP BASE Intermediate_Dir "CertCheck___Win32_Debug_Unicode"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 1
+# PROP Output_Dir "Debug_Unicode"
+# PROP Intermediate_Dir "Debug_Unicode"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "CertCheck_EXPORTS" /YX /FD /GZ /c
+# ADD CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /D "UNICODE" /D "_UNICODE" /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "CertCheck_EXPORTS" /YX /FD /GZ /c
+# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /win32
+# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32
+# ADD BASE RSC /l 0x409 /d "_DEBUG"
+# ADD RSC /l 0x409 /d "_DEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /debug /machine:I386 /pdbtype:sept
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /debug /machine:I386 /pdbtype:sept
+
+!ENDIF
+
+# Begin Target
+
+# Name "CertCheck - Win32 Release"
+# Name "CertCheck - Win32 Debug"
+# Name "CertCheck - Win32 Release Unicode"
+# Name "CertCheck - Win32 Debug Unicode"
+# Begin Group "Source Files"
+
+# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
+# Begin Source File
+
+SOURCE=.\CertCheck.cpp
+# End Source File
+# End Group
+# End Target
+# End Project
diff --git a/other-licenses/nsis/Contrib/CertCheck/CertCheck.dsw b/other-licenses/nsis/Contrib/CertCheck/CertCheck.dsw
new file mode 100644
index 000000000..afcc20172
--- /dev/null
+++ b/other-licenses/nsis/Contrib/CertCheck/CertCheck.dsw
@@ -0,0 +1,29 @@
+Microsoft Developer Studio Workspace File, Format Version 6.00
+# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE!
+
+###############################################################################
+
+Project: "CertCheck"=.\CertCheck.dsp - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+}}}
+
+###############################################################################
+
+Global:
+
+Package=<5>
+{{{
+}}}
+
+Package=<3>
+{{{
+}}}
+
+###############################################################################
+