Esempio n. 1
0
        internal static COM.TYPEATTR GetTypeAttr(COM.ITypeInfo typeinfo)
        {
            IntPtr pTypeAttr;

            typeinfo.GetTypeAttr(out pTypeAttr);
            COM.TYPEATTR typeattr = ClrFacade.PtrToStructure <COM.TYPEATTR>(pTypeAttr);
            typeinfo.ReleaseTypeAttr(pTypeAttr);
            return(typeattr);
        }
Esempio n. 2
0
        internal static COM.FUNCDESC GetFuncDesc(COM.ITypeInfo typeinfo, int index)
        {
            IntPtr pFuncDesc;

            typeinfo.GetFuncDesc(index, out pFuncDesc);
            COM.FUNCDESC funcdesc = ClrFacade.PtrToStructure <COM.FUNCDESC>(pFuncDesc);
            typeinfo.ReleaseFuncDesc(pFuncDesc);
            return(funcdesc);
        }
Esempio n. 3
0
        /// <summary>
        /// Obtains the parameter information for a given FuncDesc
        /// </summary>
        internal static ParameterInformation[] GetParameterInformation(COM.FUNCDESC funcdesc, bool skipLastParameter)
        {
            int cParams = funcdesc.cParams;

            if (skipLastParameter)
            {
                Diagnostics.Assert(cParams > 0, "skipLastParameter is only true for property setters where there is at least one parameter");
                cParams--;
            }
            ParameterInformation[] parameters = new ParameterInformation[cParams];

            IntPtr ElementDescriptionArrayPtr = funcdesc.lprgelemdescParam;
            int    ElementDescriptionSize     = ClrFacade.SizeOf <COM.ELEMDESC>();

            for (int i = 0; i < cParams; i++)
            {
                COM.ELEMDESC ElementDescription;
                int          ElementDescriptionArrayByteOffset;
                IntPtr       ElementDescriptionPointer;
                bool         fOptional = false;

                ElementDescription = new COM.ELEMDESC();
                ElementDescriptionArrayByteOffset = i * ElementDescriptionSize;
                //Disable PRefast warning for converting to int32 and converting back into intptr.
                //Code below takes into account 32 bit vs 64 bit conversions
#pragma warning disable 56515

                if (IntPtr.Size == 4)
                {
                    ElementDescriptionPointer = (IntPtr)(ElementDescriptionArrayPtr.ToInt32() + ElementDescriptionArrayByteOffset);
                }
                else
                {
                    ElementDescriptionPointer = (IntPtr)(ElementDescriptionArrayPtr.ToInt64() + ElementDescriptionArrayByteOffset);
                }

#pragma warning enable 56515

                ElementDescription = ClrFacade.PtrToStructure <COM.ELEMDESC>(ElementDescriptionPointer);

                //get the type of parameter
                Type   type         = ComUtil.GetTypeFromTypeDesc(ElementDescription.tdesc);
                Object defaultvalue = null;

                //check is this parameter is optional.
                if ((ElementDescription.desc.paramdesc.wParamFlags & COM.PARAMFLAG.PARAMFLAG_FOPT) != 0)
                {
                    fOptional    = true;
                    defaultvalue = Type.Missing;
                }

                bool fByRef = (ElementDescription.desc.paramdesc.wParamFlags & COM.PARAMFLAG.PARAMFLAG_FOUT) != 0;
                parameters[i] = new ParameterInformation(type, fOptional, defaultvalue, fByRef);
            }

            return(parameters);
        }
Esempio n. 4
0
        private static DWORD GetWinTrustData(string fileName, string fileContent,
                                             out NativeMethods.WINTRUST_DATA wtData)
        {
            DWORD  dwResult = Win32Errors.E_FAIL;
            IntPtr WINTRUST_ACTION_GENERIC_VERIFY_V2 = IntPtr.Zero;
            IntPtr wtdBuffer = IntPtr.Zero;

            Guid actionVerify =
                new Guid("00AAC56B-CD44-11d0-8CC2-00C04FC295EE");

            try
            {
                WINTRUST_ACTION_GENERIC_VERIFY_V2 =
                    Marshal.AllocCoTaskMem(Marshal.SizeOf(actionVerify));
                Marshal.StructureToPtr(actionVerify,
                                       WINTRUST_ACTION_GENERIC_VERIFY_V2,
                                       false);

                NativeMethods.WINTRUST_DATA wtd;

                if (fileContent == null)
                {
                    NativeMethods.WINTRUST_FILE_INFO wfi = NativeMethods.InitWintrustFileInfoStruct(fileName);
                    wtd = NativeMethods.InitWintrustDataStructFromFile(wfi);
                }
                else
                {
                    NativeMethods.WINTRUST_BLOB_INFO wbi = NativeMethods.InitWintrustBlobInfoStruct(fileName, fileContent);
                    wtd = NativeMethods.InitWintrustDataStructFromBlob(wbi);
                }

                wtdBuffer = Marshal.AllocCoTaskMem(Marshal.SizeOf(wtd));
                Marshal.StructureToPtr(wtd, wtdBuffer, false);

                // The result is returned to the caller, and handled generically.
                // Disable the PreFast check for Win32 error codes, as we don't care.
#pragma warning disable 56523
                dwResult = NativeMethods.WinVerifyTrust(
                    IntPtr.Zero,
                    WINTRUST_ACTION_GENERIC_VERIFY_V2,
                    wtdBuffer);
#pragma warning enable 56523

                wtData = ClrFacade.PtrToStructure <NativeMethods.WINTRUST_DATA>(wtdBuffer);
            }
            finally
            {
                ClrFacade.DestroyStructure <Guid>(WINTRUST_ACTION_GENERIC_VERIFY_V2);
                Marshal.FreeCoTaskMem(WINTRUST_ACTION_GENERIC_VERIFY_V2);
                ClrFacade.DestroyStructure <NativeMethods.WINTRUST_DATA>(wtdBuffer);
                Marshal.FreeCoTaskMem(wtdBuffer);
            }
            return(dwResult);
        }
Esempio n. 5
0
        internal static string ReadScript(string path)
        {
            using (FileStream readerStream = new FileStream(path, FileMode.Open, FileAccess.Read))
            {
                Encoding defaultEncoding = ClrFacade.GetDefaultEncoding();
                Microsoft.Win32.SafeHandles.SafeFileHandle safeFileHandle = readerStream.SafeFileHandle;

                using (StreamReader scriptReader = new StreamReader(readerStream, defaultEncoding))
                {
                    return(scriptReader.ReadToEnd());
                }
            }
        }
Esempio n. 6
0
        /// <summary>
        /// Add the 'UserName' NoteProperty to the Process object
        /// </summary>
        /// <param name="process"></param>
        /// <returns></returns>
        private static PSObject AddUserNameToProcess(Process process)
        {
            // Return null if we failed to get the owner information
            string userName = ClrFacade.RetrieveProcessUserName(process);

            PSObject       processAsPsobj = PSObject.AsPSObject(process);
            PSNoteProperty noteProperty   = new PSNoteProperty("UserName", userName);

            processAsPsobj.Properties.Add(noteProperty, true);
            processAsPsobj.TypeNames.Insert(0, TypeNameForProcessWithUserName);

            return(processAsPsobj);
        }
Esempio n. 7
0
        /// <summary>
        /// Restore the previous privilege state
        /// </summary>
        /// <param name="privilegeName"></param>
        /// <param name="previousPrivilegeState"></param>
        /// <returns></returns>
        internal static bool RestoreTokenPrivilege(string privilegeName, ref TOKEN_PRIVILEGE previousPrivilegeState)
        {
            // The privilege was not changed, do not need to restore it.
            if (previousPrivilegeState.PrivilegeCount == 0)
            {
                return(true);
            }

            bool            success  = false;
            TOKEN_PRIVILEGE newState = new TOKEN_PRIVILEGE();

            // Check if the caller has the specified privilege or not. If the caller has it, check the LUID specified in previousPrivilegeState
            // to see if the previousPrivilegeState is defined for the same privilege
            if (LookupPrivilegeValue(null, privilegeName, ref newState.Privilege.Luid) &&
                newState.Privilege.Luid.HighPart == previousPrivilegeState.Privilege.Luid.HighPart &&
                newState.Privilege.Luid.LowPart == previousPrivilegeState.Privilege.Luid.LowPart)
            {
                // Get the pseudo handler of the current process
                IntPtr processHandler = GetCurrentProcess();
                if (processHandler != IntPtr.Zero)
                {
                    // Get the handler of the current process's access token
                    IntPtr tokenHandler = IntPtr.Zero;
                    if (OpenProcessToken(processHandler, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, out tokenHandler))
                    {
                        int bufferSize = ClrFacade.SizeOf <TOKEN_PRIVILEGE>();
                        int returnSize = 0;

                        // restore the privilege state back to the previous privilege state
                        if (AdjustTokenPrivileges(tokenHandler, false, ref previousPrivilegeState, bufferSize, out newState, ref returnSize))
                        {
                            if (Marshal.GetLastWin32Error() == ERROR_SUCCESS)
                            {
                                success = true;
                            }
                        }
                    }

                    if (tokenHandler != IntPtr.Zero)
                    {
                        CloseHandle(tokenHandler);
                    }
                    CloseHandle(processHandler);
                }
            }

            return(success);
        }
Esempio n. 8
0
        /// <summary>
        /// Converts a MethodBase[] into a MethodInformation[]
        /// </summary>
        /// <returns>the ComMethodInformation[] corresponding to methods</returns>
        internal static ComMethodInformation[] GetMethodInformationArray(COM.ITypeInfo typeInfo, Collection <int> methods, bool skipLastParameters)
        {
            int methodCount = methods.Count;
            int count       = 0;

            ComMethodInformation[] returnValue = new ComMethodInformation[methodCount];

            foreach (int index in methods)
            {
                IntPtr pFuncDesc;
                typeInfo.GetFuncDesc(index, out pFuncDesc);
                COM.FUNCDESC funcdesc = ClrFacade.PtrToStructure <COM.FUNCDESC>(pFuncDesc);
                returnValue[count++] = ComUtil.GetMethodInformation(funcdesc, skipLastParameters);
                typeInfo.ReleaseFuncDesc(pFuncDesc);
            }
            return(returnValue);
        }
Esempio n. 9
0
        internal string GetDefinition()
        {
            IntPtr pFuncDesc = IntPtr.Zero;

            try
            {
                _typeInfo.GetFuncDesc(GetFuncDescIndex(), out pFuncDesc);
                COM.FUNCDESC funcdesc = ClrFacade.PtrToStructure <COM.FUNCDESC>(pFuncDesc);

                return(ComUtil.GetMethodSignatureFromFuncDesc(_typeInfo, funcdesc, !IsGettable));
            }
            finally
            {
                if (pFuncDesc != IntPtr.Zero)
                {
                    _typeInfo.ReleaseFuncDesc(pFuncDesc);
                }
            }
        }
Esempio n. 10
0
        /// <summary>
        /// Get file attribute (Relative path in our case) from catalog
        /// </summary>
        /// <param name="memberAttrInfo"> Pointer to current attribute of catalog member. </param>
        /// <returns> value of the attribute </returns>
        internal static string ProcessFilePathAttributeInCatalog(IntPtr memberAttrInfo)
        {
            string relativePath = string.Empty;

            NativeMethods.CRYPTCATATTRIBUTE currentMemberAttr = ClrFacade.PtrToStructure <NativeMethods.CRYPTCATATTRIBUTE>(memberAttrInfo);

            // check if this is the attribute we are looking for
            // catalog generated other way not using New-FileCatalog can have attributes we don't understand
            if (currentMemberAttr.pwszReferenceTag.Equals("FilePath", StringComparison.OrdinalIgnoreCase))
            {
                // find the size for the current attribute value and then allocate buffer and copy from byte array
                int    attrValueSize = (int)currentMemberAttr.cbValue;
                byte[] attrValue     = new byte[attrValueSize];
                Marshal.Copy(currentMemberAttr.pbValue, attrValue, 0, attrValueSize);
                relativePath = System.Text.Encoding.Unicode.GetString(attrValue);
                relativePath = relativePath.TrimEnd('\0');
            }

            return(relativePath);
        }
Esempio n. 11
0
        /// <summary>
        /// Returns the different method overloads signatures.
        /// </summary>
        /// <returns></returns>
        internal Collection <String> MethodDefinitions()
        {
            Collection <String> result = new Collection <string>();


            foreach (int index in _methods)
            {
                IntPtr pFuncDesc;

                _typeInfo.GetFuncDesc(index, out pFuncDesc);
                COM.FUNCDESC funcdesc = ClrFacade.PtrToStructure <COM.FUNCDESC>(pFuncDesc);

                string signature = ComUtil.GetMethodSignatureFromFuncDesc(_typeInfo, funcdesc, false);
                result.Add(signature);

                _typeInfo.ReleaseFuncDesc(pFuncDesc);
            }

            return(result);
        }
Esempio n. 12
0
        private static X509Certificate2 GetCertFromChain(IntPtr pSigner)
        {
            X509Certificate2 signerCert = null;

            // We don't care about the Win32 error code here, so disable
            // the PreFast complaint that we're not retrieving it.
#pragma warning disable 56523
            IntPtr pCert =
                NativeMethods.WTHelperGetProvCertFromChain(pSigner, 0);
#pragma warning enable 56523

            if (pCert != IntPtr.Zero)
            {
                NativeMethods.CRYPT_PROVIDER_CERT provCert =
                    (NativeMethods.CRYPT_PROVIDER_CERT)
                    ClrFacade.PtrToStructure <NativeMethods.CRYPT_PROVIDER_CERT>(pCert);
                signerCert = new X509Certificate2(provCert.pCert);
            }

            return(signerCert);
        }
Esempio n. 13
0
        /// <summary>
        /// Returns an equivalent NetworkCredential object for this
        /// PSCredential.
        ///
        /// A null is returned if
        /// -- current object has not been initialized
        /// -- current creds are not compatible with NetworkCredential
        ///    (such as smart card creds or cert creds)
        /// </summary>
        ///
        /// <returns>
        ///     null if the current object has not been initialized.
        ///     null if the current credentials are incompatible with
        ///       a NetworkCredential -- such as smart card credentials.
        ///     the appropriate network credential for this PSCredential otherwise.
        /// </returns>
        public NetworkCredential GetNetworkCredential()
        {
            if (_netCred == null)
            {
                string user   = null;
                string domain = null;

                if (IsValidUserName(_userName, out user, out domain))
                {
#if CORECLR
                    // NetworkCredential constructor only accepts plain string password in .NET Core.
                    // TODO: This raises security concerns about having the plain string password in memory
                    // for an indefinite period of time. So we need to change back to the constructor that
                    // takes a SecureString password once it becomes available in .NET Core.
                    IntPtr unmanagedPtr = IntPtr.Zero;
                    try
                    {
                        unmanagedPtr = ClrFacade.SecureStringToCoTaskMemUnicode(_password);
                        string pwdInPlainText = System.Runtime.InteropServices.Marshal.PtrToStringUni(unmanagedPtr);
                        _netCred = new NetworkCredential(user, pwdInPlainText, domain);
                    }
                    finally
                    {
                        if (unmanagedPtr != IntPtr.Zero)
                        {
                            Marshal.ZeroFreeCoTaskMemUnicode(unmanagedPtr);
                        }
                    }
#else
                    _netCred = new NetworkCredential(user, _password, domain);
#endif
                }
            }

            return(_netCred);
        }
Esempio n. 14
0
        private static bool TryGetProviderSigner(IntPtr wvtStateData, out IntPtr pProvSigner, out X509Certificate2 timestamperCert)
        {
            pProvSigner     = IntPtr.Zero;
            timestamperCert = null;

            // The GetLastWin32Error of this is checked, but PreSharp doesn't seem to be
            // able to see that.
#pragma warning disable 56523
            IntPtr pProvData =
                NativeMethods.WTHelperProvDataFromStateData(wvtStateData);
#pragma warning enable 56523

            if (pProvData != IntPtr.Zero)
            {
                pProvSigner =
                    NativeMethods.WTHelperGetProvSignerFromChain(pProvData, 0, 0, 0);

                if (pProvSigner != IntPtr.Zero)
                {
                    NativeMethods.CRYPT_PROVIDER_SGNR provSigner =
                        (NativeMethods.CRYPT_PROVIDER_SGNR)
                        ClrFacade.PtrToStructure <NativeMethods.CRYPT_PROVIDER_SGNR>(pProvSigner);
                    if (provSigner.csCounterSigners == 1)
                    {
                        //
                        // time stamper cert available
                        //
                        timestamperCert = GetCertFromChain(provSigner.pasCounterSigners);
                    }

                    return(true);
                }
            }

            return(false);
        }
Esempio n. 15
0
        /// <summary>
        /// Retrieve the encoding parameter from the command line
        /// it throws if the encoding does not match the known ones.
        /// </summary>
        /// <returns>A System.Text.Encoding object (null if no encoding specified).</returns>
        internal static Encoding Convert(Cmdlet cmdlet, string encoding)
        {
            if (string.IsNullOrEmpty(encoding))
            {
                // no parameter passed, default to UTF8
                return(ClrFacade.GetDefaultEncoding());
            }

            Encoding foundEncoding;

            if (encodingMap.TryGetValue(encoding, out foundEncoding))
            {
                // Write a warning if using utf7 as it is obsolete in .NET5
                if (string.Compare(encoding, Utf7, StringComparison.OrdinalIgnoreCase) == 0)
                {
                    cmdlet.WriteWarning(PathUtilsStrings.Utf7EncodingObsolete);
                }

                return(foundEncoding);
            }

            // error condition: unknown encoding value
            string validEncodingValues = string.Join(", ", TabCompletionResults);
            string msg = StringUtil.Format(PathUtilsStrings.OutFile_WriteToFileEncodingUnknown, encoding, validEncodingValues);

            ErrorRecord errorRecord = new ErrorRecord(
                PSTraceSource.NewArgumentException("Encoding"),
                "WriteToFileEncodingUnknown",
                ErrorCategory.InvalidArgument,
                null);

            errorRecord.ErrorDetails = new ErrorDetails(msg);
            cmdlet.ThrowTerminatingError(errorRecord);

            return(null);
        }
Esempio n. 16
0
            FileAttributes dwFileAttributes);                    // _In_  DWORD

        /// <summary>
        /// Enable the privilege specified by the privilegeName. If the specified privilege is already enabled, return true
        /// with the oldPrivilegeState.PrivilegeCount set to 0. Otherwise, enable the specified privilege, and the old privilege
        /// state will be saved in oldPrivilegeState.
        /// </summary>
        /// <param name="privilegeName"></param>
        /// <param name="oldPrivilegeState"></param>
        /// <returns></returns>
        internal static bool EnableTokenPrivilege(string privilegeName, ref TOKEN_PRIVILEGE oldPrivilegeState)
        {
            bool success = false;

            TOKEN_PRIVILEGE newPrivilegeState = new TOKEN_PRIVILEGE();

            // Check if the caller has the specified privilege or not
            if (LookupPrivilegeValue(null, privilegeName, ref newPrivilegeState.Privilege.Luid))
            {
                // Get the pseudo handler of the current process
                IntPtr processHandler = GetCurrentProcess();
                if (processHandler != IntPtr.Zero)
                {
                    // Get the handler of the current process's access token
                    IntPtr tokenHandler = IntPtr.Zero;
                    if (OpenProcessToken(processHandler, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, out tokenHandler))
                    {
                        // Check if the specified privilege is already enabled
                        PRIVILEGE_SET requiredPrivilege = new PRIVILEGE_SET();
                        requiredPrivilege.Privilege.Luid = newPrivilegeState.Privilege.Luid;
                        requiredPrivilege.PrivilegeCount = 1;
                        // PRIVILEGE_SET_ALL_NECESSARY is defined as 1
                        requiredPrivilege.Control = 1;
                        bool privilegeEnabled = false;

                        if (PrivilegeCheck(tokenHandler, ref requiredPrivilege, out privilegeEnabled) && privilegeEnabled)
                        {
                            // The specified privilege is already enabled
                            oldPrivilegeState.PrivilegeCount = 0;
                            success = true;
                        }
                        else
                        {
                            // The specified privilege is not enabled yet. Enable it.
                            newPrivilegeState.PrivilegeCount       = 1;
                            newPrivilegeState.Privilege.Attributes = SE_PRIVILEGE_ENABLED;
                            int bufferSize = ClrFacade.SizeOf <TOKEN_PRIVILEGE>();
                            int returnSize = 0;

                            // enable the specified privilege
                            if (AdjustTokenPrivileges(tokenHandler, false, ref newPrivilegeState, bufferSize, out oldPrivilegeState, ref returnSize))
                            {
                                // AdjustTokenPrivileges returns true does not mean all specified privileges have been successfully enabled
                                int retCode = Marshal.GetLastWin32Error();
                                if (retCode == ERROR_SUCCESS)
                                {
                                    success = true;
                                }
                                else if (retCode == 1300)
                                {
                                    // 1300 - Not all privileges referenced are assigned to the caller. This means the specified privilege is not
                                    // assigned to the current user. For example, suppose the role of current caller is "User", then privilege "SeRemoteShutdownPrivilege"
                                    // is not assigned to the role. In this case, we just return true and leave the call to "Win32Shutdown" to decide
                                    // whether the permission is granted or not.
                                    // Set oldPrivilegeState.PrivilegeCount to 0 to avoid the privilege restore later (PrivilegeCount - how many privileges are modified)
                                    oldPrivilegeState.PrivilegeCount = 0;
                                    success = true;
                                }
                            }
                        }
                    }

                    // Close the token handler and the process handler
                    if (tokenHandler != IntPtr.Zero)
                    {
                        CloseHandle(tokenHandler);
                    }
                    CloseHandle(processHandler);
                }
            }

            return(success);
        }
Esempio n. 17
0
        private void ReadScriptContents()
        {
            if (_scriptContents == null)
            {
                // make sure we can actually load the script and that it's non-empty
                // before we call it.

                // Note, although we are passing ASCII as the encoding, the StreamReader
                // class still obeys the byte order marks at the beginning of the file
                // if present. If not present, then ASCII is used as the default encoding.

                try
                {
                    using (FileStream readerStream = new FileStream(_path, FileMode.Open, FileAccess.Read))
                    {
                        Encoding defaultEncoding = ClrFacade.GetDefaultEncoding();
                        Microsoft.Win32.SafeHandles.SafeFileHandle safeFileHandle = readerStream.SafeFileHandle;

                        using (StreamReader scriptReader = new StreamReader(readerStream, defaultEncoding))
                        {
                            _scriptContents   = scriptReader.ReadToEnd();
                            _originalEncoding = scriptReader.CurrentEncoding;

                            // Check if this came from a trusted path. If so, set its language mode to FullLanguage.
                            if (SystemPolicy.GetSystemLockdownPolicy() != SystemEnforcementMode.None)
                            {
                                SystemEnforcementMode scriptSpecificPolicy = SystemPolicy.GetLockdownPolicy(_path, safeFileHandle);
                                if (scriptSpecificPolicy != SystemEnforcementMode.Enforce)
                                {
                                    this.DefiningLanguageMode = PSLanguageMode.FullLanguage;
                                }
                                else
                                {
                                    this.DefiningLanguageMode = PSLanguageMode.ConstrainedLanguage;
                                }
                            }
                            else
                            {
                                if (this.Context != null)
                                {
                                    this.DefiningLanguageMode = this.Context.LanguageMode;
                                }
                            }
                        }
                    }
                }
                catch (ArgumentException e)
                {
                    // This catches PSArgumentException as well.
                    ThrowCommandNotFoundException(e);
                }
                catch (IOException e)
                {
                    ThrowCommandNotFoundException(e);
                }
                catch (NotSupportedException e)
                {
                    ThrowCommandNotFoundException(e);
                }
                catch (UnauthorizedAccessException e)
                {
                    // this is unadvertised exception thrown by the StreamReader ctor when
                    // no permission to read the script file
                    ThrowCommandNotFoundException(e);
                }
            }
        }
Esempio n. 18
0
        private void ReadScriptContents()
        {
            if (_scriptContents == null)
            {
                // make sure we can actually load the script and that it's non-empty
                // before we call it.

                // Note, although we are passing ASCII as the encoding, the StreamReader
                // class still obeys the byte order marks at the beginning of the file
                // if present. If not present, then ASCII is used as the default encoding.

                try
                {
                    using (FileStream readerStream = new FileStream(_path, FileMode.Open, FileAccess.Read))
                    {
                        Encoding defaultEncoding = ClrFacade.GetDefaultEncoding();

                        using (StreamReader scriptReader = new StreamReader(readerStream, defaultEncoding))
                        {
                            _scriptContents   = scriptReader.ReadToEnd();
                            _originalEncoding = scriptReader.CurrentEncoding;

                            // Check this file against any system wide enforcement policies.
                            SystemScriptFileEnforcement filePolicyEnforcement = SystemPolicy.GetFilePolicyEnforcement(_path, readerStream);
                            switch (filePolicyEnforcement)
                            {
                            case SystemScriptFileEnforcement.None:
                                if (Context != null)
                                {
                                    DefiningLanguageMode = Context.LanguageMode;
                                }

                                break;

                            case SystemScriptFileEnforcement.Allow:
                                DefiningLanguageMode = PSLanguageMode.FullLanguage;
                                break;

                            case SystemScriptFileEnforcement.AllowConstrained:
                                DefiningLanguageMode = PSLanguageMode.ConstrainedLanguage;
                                break;

                            case SystemScriptFileEnforcement.Block:
                                throw new PSSecurityException(
                                          string.Format(
                                              Globalization.CultureInfo.CurrentUICulture,
                                              SecuritySupportStrings.ScriptFileBlockedBySystemPolicy,
                                              _path));

                            default:
                                throw new PSSecurityException(
                                          string.Format(
                                              Globalization.CultureInfo.CurrentUICulture,
                                              SecuritySupportStrings.UnknownSystemScriptFileEnforcement,
                                              filePolicyEnforcement));
                            }
                        }
                    }
                }
                catch (ArgumentException e)
                {
                    // This catches PSArgumentException as well.
                    ThrowCommandNotFoundException(e);
                }
                catch (IOException e)
                {
                    ThrowCommandNotFoundException(e);
                }
                catch (NotSupportedException e)
                {
                    ThrowCommandNotFoundException(e);
                }
                catch (UnauthorizedAccessException e)
                {
                    // this is unadvertised exception thrown by the StreamReader ctor when
                    // no permission to read the script file
                    ThrowCommandNotFoundException(e);
                }
            }
        }
Esempio n. 19
0
        /// <summary>
        /// Make list of hashes for given Catalog File
        /// </summary>
        /// <param name="catalogFilePath"> Path to the folder having catalog file </param>
        /// <param name="excludedPatterns"></param>
        /// <param name="catalogVersion"> The version of input catalog we read from catalog meta data after opening it.</param>
        /// <returns> Dictionary mapping files relative paths to HashValues </returns>
        internal static Dictionary <String, String> GetHashesFromCatalog(string catalogFilePath, WildcardPattern[] excludedPatterns, out int catalogVersion)
        {
            IntPtr resultCatalog        = NativeMethods.CryptCATOpen(catalogFilePath, 0, IntPtr.Zero, 1, 0);
            IntPtr INVALID_HANDLE_VALUE = new IntPtr(-1);
            Dictionary <String, String> catalogHashes = new Dictionary <String, String>(StringComparer.CurrentCultureIgnoreCase);

            catalogVersion = 0;

            if (resultCatalog != INVALID_HANDLE_VALUE)
            {
                try
                {
                    IntPtr catAttrInfo = IntPtr.Zero;

                    // First traverse all catalog level attributes to get information about zero size file.
                    do
                    {
                        catAttrInfo = NativeMethods.CryptCATEnumerateCatAttr(resultCatalog, catAttrInfo);

                        // If we found attribute it is a file information  retrieve its relative path
                        // and add it to catalog hash collection if its not in excluded files criteria
                        if (catAttrInfo != IntPtr.Zero)
                        {
                            string relativePath = ProcessFilePathAttributeInCatalog(catAttrInfo);
                            if (!String.IsNullOrEmpty(relativePath))
                            {
                                ProcessCatalogFile(relativePath, string.Empty, excludedPatterns, ref catalogHashes);
                            }
                        }
                    } while (catAttrInfo != IntPtr.Zero);

                    catalogVersion = GetCatalogVersion(resultCatalog);

                    IntPtr memberInfo = IntPtr.Zero;
                    // Next Navigate all members in Catalog files and get their relative paths and hashes
                    do
                    {
                        memberInfo = NativeMethods.CryptCATEnumerateMember(resultCatalog, memberInfo);
                        if (memberInfo != IntPtr.Zero)
                        {
                            NativeMethods.CRYPTCATMEMBER    currentMember = ClrFacade.PtrToStructure <NativeMethods.CRYPTCATMEMBER>(memberInfo);
                            NativeMethods.SIP_INDIRECT_DATA pIndirectData = ClrFacade.PtrToStructure <NativeMethods.SIP_INDIRECT_DATA>(currentMember.pIndirectData);

                            // For Catalog version 2 CryptoAPI puts hashes of file attributes(relative path in our case) in Catalog as well
                            // We validate those along with file hashes so we are skipping duplicate entries
                            if (!((catalogVersion == 2) && (pIndirectData.DigestAlgorithm.pszObjId.Equals(new Oid("SHA1").Value, StringComparison.OrdinalIgnoreCase))))
                            {
                                string relativePath   = String.Empty;
                                IntPtr memberAttrInfo = IntPtr.Zero;
                                do
                                {
                                    memberAttrInfo = NativeMethods.CryptCATEnumerateAttr(resultCatalog, memberInfo, memberAttrInfo);

                                    if (memberAttrInfo != IntPtr.Zero)
                                    {
                                        relativePath = ProcessFilePathAttributeInCatalog(memberAttrInfo);
                                        if (!String.IsNullOrEmpty(relativePath))
                                        {
                                            break;
                                        }
                                    }
                                }while (memberAttrInfo != IntPtr.Zero);

                                // If we did not find any Relative Path for the item in catalog we should quit
                                // This catalog must  not be valid for our use as catalogs generated using New-FileCatalog
                                // always contains relative file Paths
                                if (String.IsNullOrEmpty(relativePath))
                                {
                                    ErrorRecord errorRecord = new ErrorRecord(new InvalidOperationException(StringUtil.Format(CatalogStrings.UnableToOpenCatalogFile, catalogFilePath)), "UnableToOpenCatalogFile", ErrorCategory.InvalidOperation, null);
                                    _cmdlet.ThrowTerminatingError(errorRecord);
                                }

                                ProcessCatalogFile(relativePath, currentMember.pwszReferenceTag, excludedPatterns, ref catalogHashes);
                            }
                        }
                    } while (memberInfo != IntPtr.Zero);
                }
                finally
                {
                    NativeMethods.CryptCATClose(resultCatalog);
                }
            }
            else
            {
                ErrorRecord errorRecord = new ErrorRecord(new InvalidOperationException(StringUtil.Format(CatalogStrings.UnableToOpenCatalogFile, catalogFilePath)), "UnableToOpenCatalogFile", ErrorCategory.InvalidOperation, null);
                _cmdlet.ThrowTerminatingError(errorRecord);
            }
            return(catalogHashes);
        }
Esempio n. 20
0
        internal static Signature SignFile(SigningOption option,
                                           string fileName,
                                           X509Certificate2 certificate,
                                           string timeStampServerUrl,
                                           string hashAlgorithm)
        {
            bool      result    = false;
            Signature signature = null;
            IntPtr    pSignInfo = IntPtr.Zero;
            DWORD     error     = 0;
            string    hashOid   = null;

            Utils.CheckArgForNullOrEmpty(fileName, "fileName");
            Utils.CheckArgForNull(certificate, "certificate");

            // If given, TimeStamp server URLs must begin with http://
            if (!String.IsNullOrEmpty(timeStampServerUrl))
            {
                if ((timeStampServerUrl.Length <= 7) ||
                    (timeStampServerUrl.IndexOf("http://", StringComparison.OrdinalIgnoreCase) != 0))
                {
                    throw PSTraceSource.NewArgumentException(
                              "certificate",
                              Authenticode.TimeStampUrlRequired);
                }
            }

            // Validate that the hash algorithm is valid
            if (!String.IsNullOrEmpty(hashAlgorithm))
            {
                IntPtr intptrAlgorithm = Marshal.StringToHGlobalUni(hashAlgorithm);

                IntPtr oidPtr = NativeMethods.CryptFindOIDInfo(NativeConstants.CRYPT_OID_INFO_NAME_KEY,
                                                               intptrAlgorithm,
                                                               0);


                // If we couldn't find an OID for the hash
                // algorithm, it was invalid.
                if (oidPtr == IntPtr.Zero)
                {
                    throw PSTraceSource.NewArgumentException(
                              "certificate",
                              Authenticode.InvalidHashAlgorithm);
                }
                else
                {
                    NativeMethods.CRYPT_OID_INFO oidInfo =
                        ClrFacade.PtrToStructure <NativeMethods.CRYPT_OID_INFO>(oidPtr);

                    hashOid = oidInfo.pszOID;
                }
            }

            if (!SecuritySupport.CertIsGoodForSigning(certificate))
            {
                throw PSTraceSource.NewArgumentException(
                          "certificate",
                          Authenticode.CertNotGoodForSigning);
            }

            SecuritySupport.CheckIfFileExists(fileName);
            //SecurityUtils.CheckIfFileSmallerThan4Bytes(fileName);

            try
            {
                // CryptUI is not documented either way, but does not
                // support empty strings for the timestamp server URL.
                // It expects null, only.  Instead, it randomly AVs if you
                // try.
                string timeStampServerUrlForCryptUI = null;
                if (!String.IsNullOrEmpty(timeStampServerUrl))
                {
                    timeStampServerUrlForCryptUI = timeStampServerUrl;
                }

                //
                // first initialize the struct to pass to
                // CryptUIWizDigitalSign() function
                //
                NativeMethods.CRYPTUI_WIZ_DIGITAL_SIGN_INFO si = NativeMethods.InitSignInfoStruct(fileName,
                                                                                                  certificate,
                                                                                                  timeStampServerUrlForCryptUI,
                                                                                                  hashOid,
                                                                                                  option);

                pSignInfo = Marshal.AllocCoTaskMem(Marshal.SizeOf(si));
                Marshal.StructureToPtr(si, pSignInfo, false);

                //
                // sign the file
                //
                // The GetLastWin32Error of this is checked, but PreSharp doesn't seem to be
                // able to see that.
#pragma warning disable 56523
                result = NativeMethods.CryptUIWizDigitalSign(
                    (DWORD)NativeMethods.CryptUIFlags.CRYPTUI_WIZ_NO_UI,
                    IntPtr.Zero,
                    IntPtr.Zero,
                    pSignInfo,
                    IntPtr.Zero);
#pragma warning enable 56523

                if (si.pSignExtInfo != null)
                {
                    ClrFacade.DestroyStructure <NativeMethods.CRYPTUI_WIZ_DIGITAL_SIGN_EXTENDED_INFO>(si.pSignExtInfo);
                    Marshal.FreeCoTaskMem(si.pSignExtInfo);
                }

                if (!result)
                {
                    error = GetLastWin32Error();

                    //
                    // ISSUE-2004/05/08-kumarp : there seems to be a bug
                    // in CryptUIWizDigitalSign().
                    // It returns 80004005 or 80070001
                    // but it signs the file correctly. Mask this error
                    // till we figure out this odd behavior.
                    //
                    if ((error == 0x80004005) ||
                        (error == 0x80070001) ||

                        // CryptUIWizDigitalSign introduced a breaking change in Win8 to return this
                        // error code (ERROR_INTERNET_NAME_NOT_RESOLVED) when you provide an invalid
                        // timestamp server. It used to be 0x80070001.
                        // Also masking this out so that we don't introduce a breaking change ourselves.
                        (error == 0x80072EE7)
                        )
                    {
                        result = true;
                    }
                    else
                    {
                        if (error == Win32Errors.NTE_BAD_ALGID)
                        {
                            throw PSTraceSource.NewArgumentException(
                                      "certificate",
                                      Authenticode.InvalidHashAlgorithm);
                        }

                        s_tracer.TraceError("CryptUIWizDigitalSign: failed: {0:x}",
                                            error);
                    }
                }

                if (result)
                {
                    signature = GetSignature(fileName, null);
                }
                else
                {
                    signature = new Signature(fileName, (DWORD)error);
                }
            }
            finally
            {
                ClrFacade.DestroyStructure <NativeMethods.CRYPTUI_WIZ_DIGITAL_SIGN_INFO>(pSignInfo);
                Marshal.FreeCoTaskMem(pSignInfo);
            }

            return(signature);
        }
Esempio n. 21
0
        /// <summary>
        /// retrieve the encoding paramater from the command line
        /// it throws if the encoding does not match the known ones
        /// </summary>
        /// <returns>a System.Text.Encoding object (null if no encoding specified)</returns>
        internal static Encoding Convert(Cmdlet cmdlet, string encoding)
        {
            if (string.IsNullOrEmpty(encoding))
            {
                // no parameter passed, default to Unicode (OS preferred)
                return(System.Text.Encoding.Unicode);
            }

            // Default to unicode (this matches Get-Content)
            if (string.Equals(encoding, Unknown, StringComparison.OrdinalIgnoreCase))
            {
                return(System.Text.Encoding.Unicode);
            }

            if (string.Equals(encoding, String, StringComparison.OrdinalIgnoreCase))
            {
                return(System.Text.Encoding.Unicode);
            }

            // these are the encodings the CLR supports
            if (string.Equals(encoding, Unicode, StringComparison.OrdinalIgnoreCase))
            {
                return(System.Text.Encoding.Unicode);
            }

            if (string.Equals(encoding, BigEndianUnicode, StringComparison.OrdinalIgnoreCase))
            {
                return(System.Text.Encoding.BigEndianUnicode);
            }

            if (string.Equals(encoding, Utf8, StringComparison.OrdinalIgnoreCase))
            {
                return(System.Text.Encoding.UTF8);
            }

            if (string.Equals(encoding, Ascii, StringComparison.OrdinalIgnoreCase))
            {
                return(System.Text.Encoding.ASCII);
            }

            if (string.Equals(encoding, Utf7, StringComparison.OrdinalIgnoreCase))
            {
                return(System.Text.Encoding.UTF7);
            }

            if (string.Equals(encoding, Utf32, StringComparison.OrdinalIgnoreCase))
            {
                return(System.Text.Encoding.UTF32);
            }

            if (string.Equals(encoding, Default, StringComparison.OrdinalIgnoreCase))
            {
                return(ClrFacade.GetDefaultEncoding());
            }

            if (string.Equals(encoding, OEM, StringComparison.OrdinalIgnoreCase))
            {
                return(ClrFacade.GetOEMEncoding());
            }

            // error condition: unknown encoding value
            string validEncodingValues = string.Join(
                ", ",
                new string[] { Unknown, String, Unicode, BigEndianUnicode, Ascii, Utf8, Utf7, Utf32, Default, OEM });
            string msg = StringUtil.Format(PathUtilsStrings.OutFile_WriteToFileEncodingUnknown,
                                           encoding, validEncodingValues);

            ErrorRecord errorRecord = new ErrorRecord(
                PSTraceSource.NewArgumentException("Encoding"),
                "WriteToFileEncodingUnknown",
                ErrorCategory.InvalidArgument,
                null);

            errorRecord.ErrorDetails = new ErrorDetails(msg);
            cmdlet.ThrowTerminatingError(errorRecord);

            return(null);
        }
Esempio n. 22
0
        /// <summary>
        /// Retrieve the UserName through PInvoke
        /// </summary>
        /// <param name="process"></param>
        /// <returns></returns>
        private static string RetrieveProcessUserName(Process process)
        {
            string userName = null;

#if UNIX
            userName = Platform.NonWindowsGetUserFromPid(process.Id);
#else
            IntPtr tokenUserInfo       = IntPtr.Zero;
            IntPtr processTokenHandler = IntPtr.Zero;

            const uint TOKEN_QUERY = 0x0008;

            try
            {
                do
                {
                    int error;
                    if (!Win32Native.OpenProcessToken(ClrFacade.GetSafeProcessHandle(process), TOKEN_QUERY, out processTokenHandler))
                    {
                        break;
                    }

                    // Set the default length to be 256, so it will be sufficient for most cases
                    int tokenInfoLength = 256;
                    tokenUserInfo = Marshal.AllocHGlobal(tokenInfoLength);
                    if (!Win32Native.GetTokenInformation(processTokenHandler, Win32Native.TOKEN_INFORMATION_CLASS.TokenUser, tokenUserInfo, tokenInfoLength, out tokenInfoLength))
                    {
                        error = Marshal.GetLastWin32Error();
                        if (error == Win32Native.ERROR_INSUFFICIENT_BUFFER)
                        {
                            Marshal.FreeHGlobal(tokenUserInfo);
                            tokenUserInfo = Marshal.AllocHGlobal(tokenInfoLength);

                            if (!Win32Native.GetTokenInformation(processTokenHandler, Win32Native.TOKEN_INFORMATION_CLASS.TokenUser, tokenUserInfo, tokenInfoLength, out tokenInfoLength))
                            {
                                break;
                            }
                        }
                        else
                        {
                            break;
                        }
                    }

                    var tokenUser = ClrFacade.PtrToStructure <Win32Native.TOKEN_USER>(tokenUserInfo);

                    // Set the default length to be 256, so it will be sufficient for most cases
                    int userNameLength = 256, domainNameLength = 256;
                    var userNameStr   = new StringBuilder(userNameLength);
                    var domainNameStr = new StringBuilder(domainNameLength);
                    Win32Native.SID_NAME_USE accountType;

                    if (!Win32Native.LookupAccountSid(null, tokenUser.User.Sid, userNameStr, ref userNameLength, domainNameStr, ref domainNameLength, out accountType))
                    {
                        error = Marshal.GetLastWin32Error();
                        if (error == Win32Native.ERROR_INSUFFICIENT_BUFFER)
                        {
                            userNameStr.EnsureCapacity(userNameLength);
                            domainNameStr.EnsureCapacity(domainNameLength);

                            if (!Win32Native.LookupAccountSid(null, tokenUser.User.Sid, userNameStr, ref userNameLength, domainNameStr, ref domainNameLength, out accountType))
                            {
                                break;
                            }
                        }
                        else
                        {
                            break;
                        }
                    }

                    userName = domainNameStr + "\\" + userNameStr;
                } while (false);
            }
            catch (NotSupportedException)
            {
                // The Process not started yet, or it's a process from a remote machine
            }
            catch (InvalidOperationException)
            {
                // The Process has exited, Process.Handle will raise this exception
            }
            catch (Win32Exception)
            {
                // We might get an AccessDenied error
            }
            catch (Exception)
            {
                // I don't expect to get other exceptions,
            }
            finally
            {
                if (tokenUserInfo != IntPtr.Zero)
                {
                    Marshal.FreeHGlobal(tokenUserInfo);
                }

                if (processTokenHandler != IntPtr.Zero)
                {
                    Win32Native.CloseHandle(processTokenHandler);
                }
            }
#endif
            return(userName);
        }
Esempio n. 23
0
        /// <summary>
        /// Gets Method Signature from FuncDesc describing the method.
        /// </summary>
        /// <param name="typeinfo">ITypeInfo interface of the object</param>
        /// <param name="funcdesc">FuncDesc which defines the method</param>
        /// <param name="isPropertyPut">True if this is a property put; these properties take their return type from their first paramenter</param>
        /// <returns>signature of the method</returns>
        internal static string GetMethodSignatureFromFuncDesc(COM.ITypeInfo typeinfo, COM.FUNCDESC funcdesc, bool isPropertyPut)
        {
            StringBuilder builder = new StringBuilder();
            string        name    = GetNameFromFuncDesc(typeinfo, funcdesc);

            if (!isPropertyPut)
            {
                //First get the string for return type.
                string retstring = GetStringFromTypeDesc(typeinfo, funcdesc.elemdescFunc.tdesc);
                builder.Append(retstring + " ");
            }

            //Append the function name
            builder.Append(name);
            builder.Append(" (");

            IntPtr ElementDescriptionArrayPtr = funcdesc.lprgelemdescParam;
            int    ElementDescriptionSize     = ClrFacade.SizeOf <COM.ELEMDESC>();

            for (int i = 0; i < funcdesc.cParams; i++)
            {
                COM.ELEMDESC ElementDescription;
                int          ElementDescriptionArrayByteOffset;
                IntPtr       ElementDescriptionPointer;

                ElementDescription = new COM.ELEMDESC();
                ElementDescriptionArrayByteOffset = i * ElementDescriptionSize;

                //Disable PRefast warning for converting to int32 and converting back into intptr.
                //Code below takes into account 32 bit vs 64 bit conversions
#pragma warning disable 56515
                if (IntPtr.Size == 4)
                {
                    ElementDescriptionPointer = (IntPtr)(ElementDescriptionArrayPtr.ToInt32() + ElementDescriptionArrayByteOffset);
                }
                else
                {
                    ElementDescriptionPointer = (IntPtr)(ElementDescriptionArrayPtr.ToInt64() + ElementDescriptionArrayByteOffset);
                }
#pragma warning restore 56515

                ElementDescription = ClrFacade.PtrToStructure <COM.ELEMDESC>(ElementDescriptionPointer);

                string paramstring = GetStringFromTypeDesc(typeinfo, ElementDescription.tdesc);

                if (i == 0 && isPropertyPut) // use the type of the first argument as the return type
                {
                    builder.Insert(0, paramstring + " ");
                }
                else
                {
                    builder.Append(paramstring);

                    if (i < funcdesc.cParams - 1)
                    {
                        builder.Append(", ");
                    }
                }
            }
            builder.Append(")");

            return(builder.ToString());
        }
Esempio n. 24
0
        private static Signature GetSignatureFromWintrustData(
            string filePath,
            DWORD error,
            NativeMethods.WINTRUST_DATA wtd)
        {
            Signature        signature       = null;
            X509Certificate2 signerCert      = null;
            X509Certificate2 timestamperCert = null;

            s_tracer.WriteLine("GetSignatureFromWintrustData: error: {0}", error);

            // The GetLastWin32Error of this is checked, but PreSharp doesn't seem to be
            // able to see that.
#pragma warning disable 56523
            IntPtr pProvData =
                NativeMethods.WTHelperProvDataFromStateData(wtd.hWVTStateData);
#pragma warning enable 56523

            if (pProvData != IntPtr.Zero)
            {
                IntPtr pProvSigner =
                    NativeMethods.WTHelperGetProvSignerFromChain(pProvData, 0, 0, 0);
                if (pProvSigner != IntPtr.Zero)
                {
                    //
                    // get cert of the signer
                    //
                    signerCert = GetCertFromChain(pProvSigner);

                    if (signerCert != null)
                    {
                        NativeMethods.CRYPT_PROVIDER_SGNR provSigner =
                            (NativeMethods.CRYPT_PROVIDER_SGNR)
                            ClrFacade.PtrToStructure <NativeMethods.CRYPT_PROVIDER_SGNR>(pProvSigner);
                        if (provSigner.csCounterSigners == 1)
                        {
                            //
                            // time stamper cert available
                            //
                            timestamperCert = GetCertFromChain(provSigner.pasCounterSigners);
                        }

                        if (timestamperCert != null)
                        {
                            signature = new Signature(filePath,
                                                      error,
                                                      signerCert,
                                                      timestamperCert);
                        }
                        else
                        {
                            signature = new Signature(filePath,
                                                      error,
                                                      signerCert);
                        }

                        signature.SignatureType = SignatureType.Authenticode;
                    }
                }
            }

            Diagnostics.Assert(((error == 0) && (signature != null)) || (error != 0), "GetSignatureFromWintrustData: general crypto failure");

            if ((signature == null) && (error != 0))
            {
                signature = new Signature(filePath, error);
            }

            return(signature);
        }
Esempio n. 25
0
        // Disable obsolete warning about VarEnum in CoreCLR
#pragma warning disable 618

        /// <summary>
        /// This function gets a string representation of the Type Descriptor
        /// This is used in generating signature for Properties and Methods.
        /// </summary>
        /// <param name="typeinfo">Reference to the type info to which the type descriptor belongs</param>
        /// <param name="typedesc">reference to type descriptor which is being converted to string from</param>
        /// <returns>string representation of the type descriptor</returns>
        private static string GetStringFromTypeDesc(COM.ITypeInfo typeinfo, COM.TYPEDESC typedesc)
        {
            if ((VarEnum)typedesc.vt == VarEnum.VT_PTR)
            {
                COM.TYPEDESC refdesc = ClrFacade.PtrToStructure <COM.TYPEDESC>(typedesc.lpValue);
                return(GetStringFromTypeDesc(typeinfo, refdesc));
            }

            if ((VarEnum)typedesc.vt == VarEnum.VT_SAFEARRAY)
            {
                COM.TYPEDESC refdesc = ClrFacade.PtrToStructure <COM.TYPEDESC>(typedesc.lpValue);
                return("SAFEARRAY(" + GetStringFromTypeDesc(typeinfo, refdesc) + ")");
            }

            if ((VarEnum)typedesc.vt == VarEnum.VT_USERDEFINED)
            {
                return(GetStringFromCustomType(typeinfo, typedesc.lpValue));
            }

            switch ((VarEnum)typedesc.vt)
            {
            case VarEnum.VT_I1:
                return("char");

            case VarEnum.VT_I2:
                return("short");

            case VarEnum.VT_I4:
            case VarEnum.VT_INT:
            case VarEnum.VT_HRESULT:
                return("int");

            case VarEnum.VT_I8:
                return("int64");

            case VarEnum.VT_R4:
                return("float");

            case VarEnum.VT_R8:
                return("double");

            case VarEnum.VT_UI1:
                return("byte");

            case VarEnum.VT_UI2:
                return("ushort");

            case VarEnum.VT_UI4:
            case VarEnum.VT_UINT:
                return("uint");

            case VarEnum.VT_UI8:
                return("uint64");

            case VarEnum.VT_BSTR:
            case VarEnum.VT_LPSTR:
            case VarEnum.VT_LPWSTR:
                return("string");

            case VarEnum.VT_DATE:
                return("Date");

            case VarEnum.VT_BOOL:
                return("bool");

            case VarEnum.VT_CY:
                return("currency");

            case VarEnum.VT_DECIMAL:
                return("decimal");

            case VarEnum.VT_CLSID:
                return("clsid");

            case VarEnum.VT_DISPATCH:
                return("IDispatch");

            case VarEnum.VT_UNKNOWN:
                return("IUnknown");

            case VarEnum.VT_VARIANT:
                return("Variant");

            case VarEnum.VT_VOID:
                return("void");

            case VarEnum.VT_ARRAY:
                return("object[]");

            case VarEnum.VT_EMPTY:
                return("");

            default:
                return("Unknown!");
            }
        }