Example #1
0
        // constructor for silent WinTrustDataChoice.File check
        public WinTrustData(String _fileName)
        {
            // On Win7SP1+, don't allow MD2 or MD4 signatures
            if ((Environment.OSVersion.Version.Major > 6) ||
                ((Environment.OSVersion.Version.Major == 6) && (Environment.OSVersion.Version.Minor > 1)) ||
                ((Environment.OSVersion.Version.Major == 6) && (Environment.OSVersion.Version.Minor == 1) && !String.IsNullOrEmpty(Environment.OSVersion.ServicePack)))
            {
                ProvFlags |= WinTrustDataProvFlags.DisableMD2andMD4;
            }

            WinTrustFileInfo wtfiData = new WinTrustFileInfo(_fileName);

            FileInfoPtr = Marshal.AllocCoTaskMem(Marshal.SizeOf(typeof(WinTrustFileInfo)));
            Marshal.StructureToPtr(wtfiData, FileInfoPtr, false);
        }
Example #2
0
        // call WinTrust.WinVerifyTrust() to check embedded file signature
        public static string VerifyEmbeddedSignature(string filename)
        {
            WinTrustFileInfo winTrustFileInfo = null;
            WinTrustData     winTrustData     = null;

            try
            {
                // specify the WinVerifyTrust function/action that we want
                Guid action = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2);

                // instantiate our WinTrustFileInfo and WinTrustData data structures
                winTrustFileInfo = new WinTrustFileInfo(filename);
                winTrustData     = new WinTrustData(filename);

                // call into WinVerifyTrust
                WinVerifyTrustResult result = WinVerifyTrust(INVALID_HANDLE_VALUE, action, winTrustData);
                switch (result)
                {
                case WinVerifyTrustResult.Success:
                    return("Valid");

                case WinVerifyTrustResult.ProviderUnknown:
                    return("ProviderUnknown");

                case WinVerifyTrustResult.ActionUnknown:
                    return("ActionUnknown");

                case WinVerifyTrustResult.SubjectFormUnknown:
                    return("SubjectFormUnknown");

                case WinVerifyTrustResult.SubjectNotTrusted:
                    return("SubjectNotTrusted");

                case WinVerifyTrustResult.FileNotSigned:
                    return("FileNotSigned");

                case WinVerifyTrustResult.SubjectExplicitlyDistrusted:
                    return("SubjectExplicitlyDistrusted");

                case WinVerifyTrustResult.SignatureOrFileCorrupt:
                    return("SignatureOrFileCorrupt");

                case WinVerifyTrustResult.SubjectCertExpired:
                    return("SubjectCertExpired");

                case WinVerifyTrustResult.SubjectCertificateRevoked:
                    return("SubjectCertificateRevoked");

                case WinVerifyTrustResult.UntrustedRoot:
                    return("UntrustedRoot");

                default:
                    // The UI was disabled in dwUIChoice or the admin policy
                    // has disabled user trust. lStatus contains the
                    // publisher or time stamp chain error.
                    return(result.ToString());
                }
            }
            catch (Exception e)
            {
                Log.Debug("{0} error decoding signature on {1}", e.GetType().ToString(), filename);
            }
            return("Unknown");
        }