private static uint GetWinTrustData(string fileName, out NativeStructs.WINTRUST_DATA wtData)
{
uint num1 = 2147500037U;
IntPtr num2 = IntPtr.Zero;
IntPtr num3 = IntPtr.Zero;
Guid guid = new Guid("00AAC56B-CD44-11d0-8CC2-00C04FC295EE");
try
{
num2 = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)guid));
Marshal.StructureToPtr((object)guid, num2, false);
//NativeStructs.WINTRUST_DATA wintrustData = fileContent != null ? WINTRUST.InitWintrustDataStructFromBlob(WINTRUST.InitWintrustBlobInfoStruct(fileName, fileContent)) : WINTRUST.InitWintrustDataStructFromFile(WINTRUST.InitWintrustFileInfoStruct(fileName));
NativeStructs.WINTRUST_DATA wintrustData = WINTRUST.InitWintrustDataStructFromFile(WINTRUST.InitWintrustFileInfoStruct(fileName));
num3 = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)wintrustData));
Marshal.StructureToPtr((object)wintrustData, num3, false);
num1 = WINTRUST.WinVerifyTrust(new IntPtr(-1), num2, num3);
wtData = (NativeStructs.WINTRUST_DATA)Marshal.PtrToStructure(num3, typeof(NativeStructs.WINTRUST_DATA));
}
finally
{
Marshal.DestroyStructure(num2, typeof(Guid));
Marshal.FreeCoTaskMem(num2);
Marshal.DestroyStructure(num3, typeof(NativeStructs.WINTRUST_DATA));
Marshal.FreeCoTaskMem(num3);
}
return(num1);
}
public static NativeStructs.WINTRUST_DATA InitWintrustDataStructFromFile(NativeStructs.WINTRUST_FILE_INFO wfi)
{
NativeStructs.WINTRUST_DATA wintrustData = new NativeStructs.WINTRUST_DATA();
wintrustData.cbStruct = (uint)Marshal.SizeOf((object)wintrustData);
wintrustData.pPolicyCallbackData = IntPtr.Zero;
wintrustData.pSIPClientData = IntPtr.Zero;
wintrustData.dwUIChoice = 2U;
wintrustData.fdwRevocationChecks = 0U;
wintrustData.dwUnionChoice = 1U;
IntPtr ptr = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)wfi));
Marshal.StructureToPtr((object)wfi, ptr, false);
wintrustData.Choice.pFile = ptr;
wintrustData.dwStateAction = 1U;
wintrustData.hWVTStateData = IntPtr.Zero;
wintrustData.pwszURLReference = (string)null;
wintrustData.dwProvFlags = 0U;
return(wintrustData);
}
public static uint DestroyWintrustDataStruct(NativeStructs.WINTRUST_DATA wtd)
{
uint num1 = 2147500037U;
IntPtr num2 = IntPtr.Zero;
IntPtr num3 = IntPtr.Zero;
Guid guid = new Guid("00AAC56B-CD44-11d0-8CC2-00C04FC295EE");
try
{
num2 = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)guid));
Marshal.StructureToPtr((object)guid, num2, false);
wtd.dwStateAction = 2U;
num3 = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)wtd));
Marshal.StructureToPtr((object)wtd, num3, false);
num1 = WINTRUST.WinVerifyTrust(IntPtr.Zero, num2, num3);
wtd = (NativeStructs.WINTRUST_DATA)Marshal.PtrToStructure(num3, typeof(NativeStructs.WINTRUST_DATA));
}
finally
{
Marshal.DestroyStructure(num3, typeof(NativeStructs.WINTRUST_DATA));
Marshal.FreeCoTaskMem(num3);
Marshal.DestroyStructure(num2, typeof(Guid));
Marshal.FreeCoTaskMem(num2);
}
if ((int)wtd.dwUnionChoice == 3)
{
Marshal.FreeCoTaskMem(((NativeStructs.WINTRUST_BLOB_INFO)Marshal.PtrToStructure(wtd.Choice.pBlob, typeof(NativeStructs.WINTRUST_BLOB_INFO))).pbMemObject);
Marshal.DestroyStructure(wtd.Choice.pBlob, typeof(NativeStructs.WINTRUST_BLOB_INFO));
Marshal.FreeCoTaskMem(wtd.Choice.pBlob);
}
else
{
Marshal.DestroyStructure(wtd.Choice.pFile, typeof(NativeStructs.WINTRUST_FILE_INFO));
Marshal.FreeCoTaskMem(wtd.Choice.pFile);
}
return(num1);
}
private static System.Management.Automation.Signature GetSignatureFromWintrustData(string filePath, uint error, NativeStructs.WINTRUST_DATA wtd)
{
System.Management.Automation.Signature signature = (System.Management.Automation.Signature)null;
X509Certificate2 timestamper = (X509Certificate2)null;
IntPtr pProvData = WINTRUST.WTHelperProvDataFromStateData(wtd.hWVTStateData);
if (pProvData != IntPtr.Zero)
{
IntPtr provSignerFromChain = WINTRUST.WTHelperGetProvSignerFromChain(pProvData, 0U, 0U, 0U);
if (provSignerFromChain != IntPtr.Zero)
{
X509Certificate2 certFromChain = SignatureHelper.GetCertFromChain(provSignerFromChain);
if (certFromChain != null)
{
NativeStructs.CRYPT_PROVIDER_SGNR cryptProviderSgnr = (NativeStructs.CRYPT_PROVIDER_SGNR)Marshal.PtrToStructure(provSignerFromChain, typeof(NativeStructs.CRYPT_PROVIDER_SGNR));
if ((int)cryptProviderSgnr.csCounterSigners == 1)
{
timestamper = SignatureHelper.GetCertFromChain(cryptProviderSgnr.pasCounterSigners);
}
signature = timestamper == null?SignatureProxy.GenerateSignature(filePath, error, certFromChain) : SignatureProxy.GenerateSignature(filePath, error, certFromChain, timestamper);
}
}
}
if (signature == null && (int)error != 0)
{
signature = SignatureProxy.GenerateSignature(filePath, error);
}
return(signature);
}