private static Signature GetSignatureFromWintrustData(
string filePath,
uint error,
System.Management.Automation.Security.NativeMethods.WINTRUST_DATA wtd)
{
Signature signature = (Signature)null;
X509Certificate2 timestamper = (X509Certificate2)null;
SignatureHelper.tracer.WriteLine("GetSignatureFromWintrustData: error: {0}", (object)error);
IntPtr pProvData = System.Management.Automation.Security.NativeMethods.WTHelperProvDataFromStateData(wtd.hWVTStateData);
if (pProvData != IntPtr.Zero)
{
IntPtr provSignerFromChain = System.Management.Automation.Security.NativeMethods.WTHelperGetProvSignerFromChain(pProvData, 0U, 0U, 0U);
if (provSignerFromChain != IntPtr.Zero)
{
X509Certificate2 certFromChain = SignatureHelper.GetCertFromChain(provSignerFromChain);
if (certFromChain != null)
{
System.Management.Automation.Security.NativeMethods.CRYPT_PROVIDER_SGNR structure = (System.Management.Automation.Security.NativeMethods.CRYPT_PROVIDER_SGNR)Marshal.PtrToStructure(provSignerFromChain, typeof(System.Management.Automation.Security.NativeMethods.CRYPT_PROVIDER_SGNR));
if (structure.csCounterSigners == 1U)
{
timestamper = SignatureHelper.GetCertFromChain(structure.pasCounterSigners);
}
signature = timestamper == null ? new Signature(filePath, error, certFromChain) : new Signature(filePath, error, certFromChain, timestamper);
}
}
}
if (signature == null && error != 0U)
{
signature = new Signature(filePath, error);
}
return(signature);
}
private static uint GetWinTrustData(
string fileName,
string fileContent,
out System.Management.Automation.Security.NativeMethods.WINTRUST_DATA wtData)
{
using (SignatureHelper.tracer.TraceMethod(fileName, new object[0]))
{
uint num1 = 2147500037;
IntPtr num2 = IntPtr.Zero;
IntPtr num3 = IntPtr.Zero;
Guid guid = new Guid("00AAC56B-CD44-11d0-8CC2-00C04FC295EE");
try
{
num2 = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)guid));
Marshal.StructureToPtr((object)guid, num2, false);
System.Management.Automation.Security.NativeMethods.WINTRUST_DATA wintrustData = fileContent != null?System.Management.Automation.Security.NativeMethods.InitWintrustDataStructFromBlob(System.Management.Automation.Security.NativeMethods.InitWintrustBlobInfoStruct(fileName, fileContent)) : System.Management.Automation.Security.NativeMethods.InitWintrustDataStructFromFile(System.Management.Automation.Security.NativeMethods.InitWintrustFileInfoStruct(fileName));
num3 = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)wintrustData));
Marshal.StructureToPtr((object)wintrustData, num3, false);
num1 = System.Management.Automation.Security.NativeMethods.WinVerifyTrust(IntPtr.Zero, num2, num3);
wtData = (System.Management.Automation.Security.NativeMethods.WINTRUST_DATA)Marshal.PtrToStructure(num3, typeof(System.Management.Automation.Security.NativeMethods.WINTRUST_DATA));
}
finally
{
Marshal.DestroyStructure(num2, typeof(Guid));
Marshal.FreeCoTaskMem(num2);
Marshal.DestroyStructure(num3, typeof(System.Management.Automation.Security.NativeMethods.WINTRUST_DATA));
Marshal.FreeCoTaskMem(num3);
}
return(num1);
}
}
private static uint GetWinTrustData(string fileName, string fileContent, out System.Management.Automation.Security.NativeMethods.WINTRUST_DATA wtData)
{
uint num = 0x80004005;
IntPtr zero = IntPtr.Zero;
IntPtr ptr = IntPtr.Zero;
Guid structure = new Guid("00AAC56B-CD44-11d0-8CC2-00C04FC295EE");
try
{
System.Management.Automation.Security.NativeMethods.WINTRUST_DATA wintrust_data;
zero = Marshal.AllocCoTaskMem(Marshal.SizeOf(structure));
Marshal.StructureToPtr(structure, zero, false);
if (fileContent == null)
{
wintrust_data = System.Management.Automation.Security.NativeMethods.InitWintrustDataStructFromFile(System.Management.Automation.Security.NativeMethods.InitWintrustFileInfoStruct(fileName));
}
else
{
wintrust_data = System.Management.Automation.Security.NativeMethods.InitWintrustDataStructFromBlob(System.Management.Automation.Security.NativeMethods.InitWintrustBlobInfoStruct(fileName, fileContent));
}
ptr = Marshal.AllocCoTaskMem(Marshal.SizeOf(wintrust_data));
Marshal.StructureToPtr(wintrust_data, ptr, false);
num = System.Management.Automation.Security.NativeMethods.WinVerifyTrust(IntPtr.Zero, zero, ptr);
wtData = (System.Management.Automation.Security.NativeMethods.WINTRUST_DATA)Marshal.PtrToStructure(ptr, typeof(System.Management.Automation.Security.NativeMethods.WINTRUST_DATA));
}
finally
{
Marshal.DestroyStructure(zero, typeof(Guid));
Marshal.FreeCoTaskMem(zero);
Marshal.DestroyStructure(ptr, typeof(System.Management.Automation.Security.NativeMethods.WINTRUST_DATA));
Marshal.FreeCoTaskMem(ptr);
}
return(num);
}
private static System.Management.Automation.Signature GetSignatureFromWintrustData(string filePath, uint error, System.Management.Automation.Security.NativeMethods.WINTRUST_DATA wtd)
{
System.Management.Automation.Signature signature = null;
X509Certificate2 signer = null;
X509Certificate2 timestamper = null;
tracer.WriteLine("GetSignatureFromWintrustData: error: {0}", new object[] { error });
IntPtr pProvData = System.Management.Automation.Security.NativeMethods.WTHelperProvDataFromStateData(wtd.hWVTStateData);
if (pProvData != IntPtr.Zero)
{
IntPtr pSigner = System.Management.Automation.Security.NativeMethods.WTHelperGetProvSignerFromChain(pProvData, 0, 0, 0);
if (pSigner != IntPtr.Zero)
{
signer = GetCertFromChain(pSigner);
if (signer != null)
{
System.Management.Automation.Security.NativeMethods.CRYPT_PROVIDER_SGNR crypt_provider_sgnr = (System.Management.Automation.Security.NativeMethods.CRYPT_PROVIDER_SGNR)Marshal.PtrToStructure(pSigner, typeof(System.Management.Automation.Security.NativeMethods.CRYPT_PROVIDER_SGNR));
if (crypt_provider_sgnr.csCounterSigners == 1)
{
timestamper = GetCertFromChain(crypt_provider_sgnr.pasCounterSigners);
}
if (timestamper != null)
{
signature = new System.Management.Automation.Signature(filePath, error, signer, timestamper);
}
else
{
signature = new System.Management.Automation.Signature(filePath, error, signer);
}
}
}
}
if ((signature == null) && (error != 0))
{
signature = new System.Management.Automation.Signature(filePath, error);
}
return(signature);
}
