public static VerifyResult VerifyFile(string fileName, out string signerName)
{
VerifyResult result;
using (MemoryAlloc strMem = new MemoryAlloc(fileName.Length * 2 + 2))
{
WintrustFileInfo fileInfo = new WintrustFileInfo();
strMem.WriteUnicodeString(0, fileName);
strMem.WriteInt16(fileName.Length * 2, 0);
fileInfo.Size = WintrustFileInfo.SizeOf;
fileInfo.FilePath = strMem;
WintrustData trustData = new WintrustData
{
Size = WintrustData.SizeOf,
UIChoice = 2, // WTD_UI_NONE
UnionChoice = 1, // WTD_CHOICE_FILE
RevocationChecks = WtdRevocationChecks.None,
ProvFlags = WtdProvFlags.Safer,
StateAction = WtdStateAction.Verify
};
if (OSVersion.IsAboveOrEqual(WindowsVersion.Vista))
{
trustData.ProvFlags |= WtdProvFlags.CacheOnlyUrlRetrieval;
}
using (MemoryAlloc mem = new MemoryAlloc(fileInfo.Size))
{
mem.WriteStruct(fileInfo);
trustData.UnionData = mem;
uint winTrustResult = Win32.WinVerifyTrust(IntPtr.Zero, WintrustActionGenericVerifyV2, ref trustData);
result = StatusToVerifyResult(winTrustResult);
try
{
if (result != VerifyResult.NoSignature)
{
signerName = GetSignerNameFromStateData(trustData.StateData);
return(result);
}
}
finally
{
// Close the state data.
trustData.StateAction = WtdStateAction.Close;
Win32.WinVerifyTrust(IntPtr.Zero, WintrustActionGenericVerifyV2, ref trustData);
}
}
}
signerName = null;
using (FileHandle sourceFile = FileHandle.CreateWin32(fileName, FileAccess.GenericRead, FileShareMode.Read, FileCreationDispositionWin32.OpenExisting))
{
byte[] hash = new byte[256];
int hashLength = 256;
if (!Win32.CryptCATAdminCalcHashFromFileHandle(sourceFile, ref hashLength, hash, 0))
{
hash = new byte[hashLength];
if (!Win32.CryptCATAdminCalcHashFromFileHandle(sourceFile, ref hashLength, hash, 0))
{
return(VerifyResult.NoSignature);
}
}
StringBuilder memberTag = new StringBuilder(hashLength * 2);
for (int i = 0; i < hashLength; i++)
{
memberTag.Append(hash[i].ToString("X2"));
}
IntPtr catAdmin;
if (!Win32.CryptCATAdminAcquireContext(out catAdmin, DriverActionVerify, 0))
{
return(VerifyResult.NoSignature);
}
IntPtr catInfo = Win32.CryptCATAdminEnumCatalogFromHash(catAdmin, hash, hashLength, 0, IntPtr.Zero);
if (catInfo == IntPtr.Zero)
{
Win32.CryptCATAdminReleaseContext(catAdmin, 0);
return(VerifyResult.NoSignature);
}
CatalogInfo ci;
if (!Win32.CryptCATCatalogInfoFromContext(catInfo, out ci, 0))
{
Win32.CryptCATAdminReleaseCatalogContext(catAdmin, catInfo, 0);
Win32.CryptCATAdminReleaseContext(catAdmin, 0);
return(VerifyResult.NoSignature);
}
WintrustCatalogInfo wci = new WintrustCatalogInfo
{
Size = WintrustCatalogInfo.SizeOf,
CatalogFilePath = ci.CatalogFile,
MemberFilePath = fileName,
MemberTag = memberTag.ToString()
};
WintrustData trustData = new WintrustData
{
Size = WintrustData.SizeOf,
UIChoice = 1,
UnionChoice = 2,
RevocationChecks = WtdRevocationChecks.None,
StateAction = WtdStateAction.Verify
};
if (OSVersion.IsAboveOrEqual(WindowsVersion.Vista))
{
trustData.ProvFlags = WtdProvFlags.CacheOnlyUrlRetrieval;
}
using (MemoryAlloc mem = new MemoryAlloc(wci.Size))
{
mem.WriteStruct(wci);
try
{
trustData.UnionData = mem;
uint winTrustResult = Win32.WinVerifyTrust(IntPtr.Zero, DriverActionVerify, ref trustData);
result = StatusToVerifyResult(winTrustResult);
if (result != VerifyResult.NoSignature)
{
signerName = GetSignerNameFromStateData(trustData.StateData);
}
}
finally
{
try
{
// Close the state data.
trustData.StateAction = WtdStateAction.Close;
Win32.WinVerifyTrust(IntPtr.Zero, DriverActionVerify, ref trustData);
}
finally
{
Win32.CryptCATAdminReleaseCatalogContext(catAdmin, catInfo, 0);
Win32.CryptCATAdminReleaseContext(catAdmin, 0);
mem.DestroyStruct <WintrustCatalogInfo>();
}
}
}
}
return(result);
}
