// Create and sign the Inf file and the catalog file for SeLow public static void SignSeLowInfFiles(string cpu) { int build, version; string name; DateTime date; ReadBuildInfoFromTextFile(out build, out version, out name, out date); string hamcore = Path.Combine(Paths.BinDirName, "hamcore"); string sys_src = Path.Combine(hamcore, "SeLow_" + cpu + ".sys"); string inf_src = Path.Combine(hamcore, "SeLow_" + cpu + ".inf"); Con.WriteLine("Generating INF Files for SeLow..."); string dst_dir = Path.Combine(hamcore, @"inf\selow_" + cpu); if (ExeSignChecker.CheckFileDigitalSignature(sys_src) == false || ExeSignChecker.IsKernelModeSignedFile(sys_src) == false) { throw new ApplicationException(sys_src + " is not signed."); } generateINFFilesForPlatform(inf_src, sys_src, null, dst_dir, version, build, date, true); Con.WriteLine("Generating INF Files for SeLow Ok."); }
// Sign for all binary files (parallel mode) public static void SignAllBinaryFiles() { string[] files = Directory.GetFiles(Paths.BinDirName, "*", SearchOption.AllDirectories); List <string> filename_list = new List <string>(); foreach (string file in files) { if (IsFileSignable(file)) { bool isDriver = file.EndsWith(".sys", StringComparison.InvariantCultureIgnoreCase); // Check whether this file is signed bool isSigned = ExeSignChecker.CheckFileDigitalSignature(file); if (isSigned && isDriver) { isSigned = ExeSignChecker.IsKernelModeSignedFile(file); } Con.WriteLine("The file '{0}': {1}.", file, isSigned ? "Already signed" : "Not yet signed"); if (isSigned == false) { filename_list.Add(file); } } } Con.WriteLine("Start ProcessWorkQueue for Signing...\n"); ThreadObj.ProcessWorkQueue(sign_thread, 40, filename_list.ToArray()); Con.WriteLine("ProcessWorkQueue for Signing completed.\n"); }
// Sign for all binary files (series mode) public static void SignAllBinaryFilesSerial() { string[] files = Directory.GetFiles(Paths.BinDirName, "*", SearchOption.AllDirectories); foreach (string file in files) { if (IsFileSignable(file)) { bool isDriver = file.EndsWith(".sys", StringComparison.InvariantCultureIgnoreCase); // Check whether this file is signed bool isSigned = ExeSignChecker.CheckFileDigitalSignature(file); if (isSigned && isDriver) { isSigned = ExeSignChecker.IsKernelModeSignedFile(file); } Con.WriteLine("The file '{0}': {1}.", file, isSigned ? "Already signed" : "Not yet signed"); if (isSigned == false) { Con.WriteLine("Signing..."); CodeSign.SignFile(file, file, "VPN Software", isDriver); } } } }
// Create Inf file for Windows 8 public static void GenerateINFFilesForWindows8(string cpu) { int build, version; string name; DateTime date; ReadBuildInfoFromTextFile(out build, out version, out name, out date); string hamcore = Path.Combine(Paths.BinDirName, "hamcore"); string inf_src_x86 = Path.Combine(hamcore, "vpn_driver.inf"); string inf_src_x64 = Path.Combine(hamcore, "vpn_driver_x64.inf"); string sys_src_x86 = Path.Combine(hamcore, "vpn_driver.sys"); string sys_src_x64 = Path.Combine(hamcore, "vpn_driver_x64.sys"); string sys6_src_x86 = Path.Combine(hamcore, "vpn_driver6.sys"); string sys6_src_x64 = Path.Combine(hamcore, "vpn_driver6_x64.sys"); Con.WriteLine("Generating INF Files for Windows 8..."); string dst_x86 = Path.Combine(hamcore, @"inf\x86"); string dst_x64 = Path.Combine(hamcore, @"inf\x64"); if (Str.StrCmpi(cpu, "x64")) { if (ExeSignChecker.CheckFileDigitalSignature(sys_src_x64) == false || ExeSignChecker.IsKernelModeSignedFile(sys_src_x64) == false) { throw new ApplicationException(sys_src_x64 + " is not signed."); } generateINFFilesForPlatform(inf_src_x64, sys_src_x64, sys6_src_x64, dst_x64, version, build, date, false); } else { if (ExeSignChecker.CheckFileDigitalSignature(sys_src_x86) == false || ExeSignChecker.IsKernelModeSignedFile(sys_src_x86) == false) { throw new ApplicationException(sys_src_x86 + " is not signed."); } generateINFFilesForPlatform(inf_src_x86, sys_src_x86, sys6_src_x86, dst_x86, version, build, date, false); } Con.WriteLine("Generating INF Files for Windows 8 Ok."); }
public async Task <byte[]> SignAsync(string password, ReadOnlyMemory <byte> srcData, string certName, string flags, string comment, int numRetry = 5, CancellationToken cancel = default) { QueryStringList qs = new QueryStringList(); qs.Add("password", password); qs.Add("cert", certName); qs.Add("flags", flags); qs.Add("comment", comment); qs.Add("numretry", numRetry.ToString()); WebRet ret = await this.Web.SimplePostDataAsync(this.Url + "?" + qs, srcData.ToArray(), cancel, Consts.MimeTypes.OctetStream); if (ret.Data.Length <= (srcData.Length * 9L / 10L)) { throw new CoresException("ret.Data.Length <= (srcData.Length * 9L / 10L)"); } if (ExeSignChecker.CheckFileDigitalSignature(ret.Data, flags._InStr("driver", true)) == false) { throw new CoresException("CheckFileDigitalSignature failed."); } return(ret.Data); }
// Digital-sign the data on the memory public static byte[] SignMemory(byte[] srcData, string comment, bool kernelModeDriver, int cert_id, int sha_mode) { #if !BU_OSS int i; string out_filename = null; byte[] ret = null; string in_tmp_filename = Path.Combine(in_dir, Str.DateTimeToStrShortWithMilliSecs(DateTime.Now) + "_" + Env.MachineName + "_" + Secure.Rand63i().ToString() + ".dat"); IO.SaveFile(in_tmp_filename, srcData); for (i = 0; i < NumRetries; i++) { Sign sign = new Sign(); sign.Proxy = new WebProxy(); try { out_filename = sign.ExecSignEx(Path.GetFileName(in_tmp_filename), kernelModeDriver, comment, cert_id, sha_mode); break; } catch (Exception ex) { if (i != (NumRetries - 1)) { Kernel.SleepThread(RetryIntervals); } else { throw ex; } } } for (i = 0; i < NumRetriesForCopy; i++) { try { ret = IO.ReadFile(Path.Combine(out_dir, out_filename)); } catch (Exception ex) { if (i != (NumRetriesForCopy - 1)) { Kernel.SleepThread(RetryIntervalsForCopy); } else { throw ex; } } } string tmpFileName = IO.CreateTempFileNameByExt(".exe"); try { File.Delete(tmpFileName); } catch { } File.WriteAllBytes(tmpFileName, ret); lock (lockObj) { if (ExeSignChecker.CheckFileDigitalSignature(tmpFileName) == false) { throw new ApplicationException("CheckFileDigitalSignature failed."); } if (kernelModeDriver) { if (ExeSignChecker.IsKernelModeSignedFile(tmpFileName) == false) { throw new ApplicationException("IsKernelModeSignedFile failed."); } } } try { } catch { File.Delete(tmpFileName); } return(ret); #else // BU_OSS return(srcData); #endif // BU_OSS }