Example #1
        /// <summary>
        /// Builds a <see cref="Signature"/> for <paramref name="filePath"/> from the provider
        /// state referenced by <paramref name="wtd"/>.
        /// </summary>
        /// <param name="filePath">Path recorded in the resulting signature object.</param>
        /// <param name="error">Verification result code; it is passed unchanged to the Signature constructor.</param>
        /// <param name="wtd">WINTRUST_DATA whose hWVTStateData handle is used to look up the provider data.</param>
        /// <returns>
        /// A signature carrying the signer certificate (and the timestamper certificate when one
        /// was found); a certificate-less signature when no signer was found and
        /// <paramref name="error"/> is non-zero; otherwise null.
        /// </returns>
        /// <remarks>
        /// The signer certificate is attached regardless of <paramref name="error"/>, so the
        /// presence of a certificate on the result does not by itself mean that verification
        /// succeeded. Only the signer at index 0 is queried, and a timestamper is read only when
        /// exactly one counter-signer is reported.
        /// </remarks>
        private static Signature GetSignatureFromWintrustData(
            string filePath,
            uint error,
            System.Management.Automation.Security.NativeMethods.WINTRUST_DATA wtd)
        {
            SignatureHelper.tracer.WriteLine("GetSignatureFromWintrustData: error: {0}", (object)error);

            Signature result = (Signature)null;

            // Resolve provider data -> signer entry -> signer certificate; each step is attempted
            // only when the previous one produced something.
            IntPtr providerData = System.Management.Automation.Security.NativeMethods.WTHelperProvDataFromStateData(wtd.hWVTStateData);

            IntPtr signerEntry = IntPtr.Zero;
            if (providerData != IntPtr.Zero)
            {
                // Index 0, not a counter-signer: only the first signer is examined.
                signerEntry = System.Management.Automation.Security.NativeMethods.WTHelperGetProvSignerFromChain(providerData, 0U, 0U, 0U);
            }

            X509Certificate2 signerCert = (X509Certificate2)null;
            if (signerEntry != IntPtr.Zero)
            {
                signerCert = SignatureHelper.GetCertFromChain(signerEntry);
            }

            if (signerCert != null)
            {
                System.Management.Automation.Security.NativeMethods.CRYPT_PROVIDER_SGNR signerInfo =
                    (System.Management.Automation.Security.NativeMethods.CRYPT_PROVIDER_SGNR)Marshal.PtrToStructure(
                        signerEntry,
                        typeof(System.Management.Automation.Security.NativeMethods.CRYPT_PROVIDER_SGNR));

                X509Certificate2 timestampCert = (X509Certificate2)null;
                if (signerInfo.csCounterSigners == 1U)
                {
                    timestampCert = SignatureHelper.GetCertFromChain(signerInfo.pasCounterSigners);
                }

                if (timestampCert == null)
                {
                    result = new Signature(filePath, error, signerCert);
                }
                else
                {
                    result = new Signature(filePath, error, signerCert, timestampCert);
                }
            }

            // No certificate could be recovered: still surface a failure code to the caller.
            if (result == null && error != 0U)
            {
                result = new Signature(filePath, error);
            }

            return result;
        }
Example #2
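        /// <summary>
        /// Calls WinVerifyTrust for a file on disk or, when <paramref name="fileContent"/> is
        /// supplied, for an in-memory blob, and returns the raw result code.
        /// </summary>
        /// <param name="fileName">File name handed to the WINTRUST file/blob initialisers; also used as the trace label.</param>
        /// <param name="fileContent">Content to verify as a blob, or null to verify the file named by <paramref name="fileName"/>.</param>
        /// <param name="wtData">Receives the WINTRUST_DATA structure as it stands after the WinVerifyTrust call.</param>
        /// <returns>
        /// The value returned by WinVerifyTrust. The local starts as 0x80004005 (E_FAIL), so the
        /// result is never a success code unless the native call itself produced one.
        /// </returns>
        /// <remarks>
        /// Only the two unmanaged buffers allocated here are released. The copy returned in
        /// <paramref name="wtData"/> still holds whatever handles the call stored in it
        /// (hWVTStateData is read by GetSignatureFromWintrustData); presumably the caller is
        /// responsible for closing that state - confirm against the caller.
        /// </remarks>
        private static uint GetWinTrustData(
            string fileName,
            string fileContent,
            out System.Management.Automation.Security.NativeMethods.WINTRUST_DATA wtData)
        {
            using (SignatureHelper.tracer.TraceMethod(fileName, new object[0]))
            {
                // Fail closed: E_FAIL until WinVerifyTrust overwrites it.
                uint   result        = 0x80004005;
                IntPtr pActionId     = IntPtr.Zero;
                IntPtr pWintrustData = IntPtr.Zero;

                // WINTRUST_ACTION_GENERIC_VERIFY_V2
                Guid actionId = new Guid("00AAC56B-CD44-11d0-8CC2-00C04FC295EE");
                try
                {
                    pActionId = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)actionId));
                    Marshal.StructureToPtr((object)actionId, pActionId, false);

                    System.Management.Automation.Security.NativeMethods.WINTRUST_DATA wintrustData =
                        fileContent != null
                            ? System.Management.Automation.Security.NativeMethods.InitWintrustDataStructFromBlob(
                                System.Management.Automation.Security.NativeMethods.InitWintrustBlobInfoStruct(fileName, fileContent))
                            : System.Management.Automation.Security.NativeMethods.InitWintrustDataStructFromFile(
                                System.Management.Automation.Security.NativeMethods.InitWintrustFileInfoStruct(fileName));

                    pWintrustData = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)wintrustData));
                    Marshal.StructureToPtr((object)wintrustData, pWintrustData, false);

                    result = System.Management.Automation.Security.NativeMethods.WinVerifyTrust(IntPtr.Zero, pActionId, pWintrustData);

                    // Copy the structure back so the caller sees the fields the call filled in.
                    wtData = (System.Management.Automation.Security.NativeMethods.WINTRUST_DATA)Marshal.PtrToStructure(
                        pWintrustData,
                        typeof(System.Management.Automation.Security.NativeMethods.WINTRUST_DATA));
                }
                finally
                {
                    // Marshal.DestroyStructure rejects a null pointer. If an allocation or an
                    // initialiser threw before a buffer existed, an unguarded cleanup would raise
                    // ArgumentNullException here and hide the original failure.
                    if (pActionId != IntPtr.Zero)
                    {
                        Marshal.DestroyStructure(pActionId, typeof(Guid));
                        Marshal.FreeCoTaskMem(pActionId);
                    }

                    if (pWintrustData != IntPtr.Zero)
                    {
                        Marshal.DestroyStructure(pWintrustData, typeof(System.Management.Automation.Security.NativeMethods.WINTRUST_DATA));
                        Marshal.FreeCoTaskMem(pWintrustData);
                    }
                }

                return result;
            }
        }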
Example #3
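        /// <summary>
        /// Verifies a file, or an in-memory blob when <paramref name="fileContent"/> is not null,
        /// through WinVerifyTrust and hands back the resulting WINTRUST_DATA.
        /// </summary>
        /// <param name="fileName">File name passed to the WINTRUST file/blob initialisers.</param>
        /// <param name="fileContent">Content to verify as a blob; null selects file-based verification.</param>
        /// <param name="wtData">Receives the WINTRUST_DATA structure read back after the call.</param>
        /// <returns>
        /// The WinVerifyTrust result code. It is initialised to 0x80004005 (E_FAIL), so callers
        /// only see a success value when the native call returned one.
        /// </returns>
        /// <remarks>
        /// The unmanaged copies of the action GUID and of WINTRUST_DATA are freed before
        /// returning. Handles stored inside the returned structure are not released here;
        /// presumably the caller closes them - confirm against the caller.
        /// </remarks>
        private static uint GetWinTrustData(string fileName, string fileContent, out System.Management.Automation.Security.NativeMethods.WINTRUST_DATA wtData)
        {
            // Fail closed until WinVerifyTrust supplies a real result.
            uint   verifyResult = 0x80004005;
            IntPtr actionPtr    = IntPtr.Zero;
            IntPtr dataPtr      = IntPtr.Zero;

            // WINTRUST_ACTION_GENERIC_VERIFY_V2
            Guid actionId = new Guid("00AAC56B-CD44-11d0-8CC2-00C04FC295EE");

            try
            {
                System.Management.Automation.Security.NativeMethods.WINTRUST_DATA wintrustData;
                actionPtr = Marshal.AllocCoTaskMem(Marshal.SizeOf(actionId));
                Marshal.StructureToPtr(actionId, actionPtr, false);
                if (fileContent == null)
                {
                    wintrustData = System.Management.Automation.Security.NativeMethods.InitWintrustDataStructFromFile(System.Management.Automation.Security.NativeMethods.InitWintrustFileInfoStruct(fileName));
                }
                else
                {
                    wintrustData = System.Management.Automation.Security.NativeMethods.InitWintrustDataStructFromBlob(System.Management.Automation.Security.NativeMethods.InitWintrustBlobInfoStruct(fileName, fileContent));
                }
                dataPtr = Marshal.AllocCoTaskMem(Marshal.SizeOf(wintrustData));
                Marshal.StructureToPtr(wintrustData, dataPtr, false);
                verifyResult = System.Management.Automation.Security.NativeMethods.WinVerifyTrust(IntPtr.Zero, actionPtr, dataPtr);

                // Read the structure back so fields written by the native call reach the caller.
                wtData = (System.Management.Automation.Security.NativeMethods.WINTRUST_DATA)Marshal.PtrToStructure(dataPtr, typeof(System.Management.Automation.Security.NativeMethods.WINTRUST_DATA));
            }
            finally
            {
                // Skip cleanup for buffers that were never allocated: Marshal.DestroyStructure
                // throws on a null pointer, which would replace the exception that brought us
                // here with an unrelated ArgumentNullException.
                if (actionPtr != IntPtr.Zero)
                {
                    Marshal.DestroyStructure(actionPtr, typeof(Guid));
                    Marshal.FreeCoTaskMem(actionPtr);
                }
                if (dataPtr != IntPtr.Zero)
                {
                    Marshal.DestroyStructure(dataPtr, typeof(System.Management.Automation.Security.NativeMethods.WINTRUST_DATA));
                    Marshal.FreeCoTaskMem(dataPtr);
                }
            }
            return verifyResult;
        }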
Example #4
        /// <summary>
        /// Turns the provider state held by <paramref name="wtd"/> into a
        /// <see cref="System.Management.Automation.Signature"/> for <paramref name="filePath"/>.
        /// </summary>
        /// <param name="filePath">Path stored on the returned signature.</param>
        /// <param name="error">Verification result code, forwarded as-is to the Signature constructor.</param>
        /// <param name="wtd">WINTRUST_DATA whose hWVTStateData handle identifies the provider data.</param>
        /// <returns>
        /// A signature with signer (and, if found, timestamper) certificate; a signature holding
        /// only the error when no signer certificate was found and <paramref name="error"/> is
        /// non-zero; null when no signer was found and <paramref name="error"/> is zero.
        /// </returns>
        /// <remarks>
        /// A signer certificate is attached even when <paramref name="error"/> reports a failure,
        /// so consumers must decide trust from the error carried by the signature, not from the
        /// certificate being present. Only signer index 0 is queried, and the counter-signer is
        /// read only when exactly one is reported.
        /// </remarks>
        private static System.Management.Automation.Signature GetSignatureFromWintrustData(string filePath, uint error, System.Management.Automation.Security.NativeMethods.WINTRUST_DATA wtd)
        {
            System.Management.Automation.Signature result = null;

            tracer.WriteLine("GetSignatureFromWintrustData: error: {0}", new object[] { error });
            IntPtr providerData = System.Management.Automation.Security.NativeMethods.WTHelperProvDataFromStateData(wtd.hWVTStateData);

            if (providerData != IntPtr.Zero)
            {
                // First signer only (index 0, not a counter-signer).
                IntPtr signerEntry = System.Management.Automation.Security.NativeMethods.WTHelperGetProvSignerFromChain(providerData, 0, 0, 0);
                X509Certificate2 signerCert = (signerEntry != IntPtr.Zero) ? GetCertFromChain(signerEntry) : null;

                if (signerCert != null)
                {
                    System.Management.Automation.Security.NativeMethods.CRYPT_PROVIDER_SGNR signerInfo =
                        (System.Management.Automation.Security.NativeMethods.CRYPT_PROVIDER_SGNR)Marshal.PtrToStructure(
                            signerEntry,
                            typeof(System.Management.Automation.Security.NativeMethods.CRYPT_PROVIDER_SGNR));

                    // The timestamper is looked up only for a single counter-signer.
                    X509Certificate2 timestampCert = (signerInfo.csCounterSigners == 1)
                        ? GetCertFromChain(signerInfo.pasCounterSigners)
                        : null;

                    result = (timestampCert != null)
                        ? new System.Management.Automation.Signature(filePath, error, signerCert, timestampCert)
                        : new System.Management.Automation.Signature(filePath, error, signerCert);
                }
            }

            // Nothing recovered from the provider data: report the failure code on its own.
            if ((result == null) && (error != 0))
            {
                result = new System.Management.Automation.Signature(filePath, error);
            }

            return result;
        }