private static Signature GetSignatureFromWintrustData( string filePath, uint error, System.Management.Automation.Security.NativeMethods.WINTRUST_DATA wtd) { Signature signature = (Signature)null; X509Certificate2 timestamper = (X509Certificate2)null; SignatureHelper.tracer.WriteLine("GetSignatureFromWintrustData: error: {0}", (object)error); IntPtr pProvData = System.Management.Automation.Security.NativeMethods.WTHelperProvDataFromStateData(wtd.hWVTStateData); if (pProvData != IntPtr.Zero) { IntPtr provSignerFromChain = System.Management.Automation.Security.NativeMethods.WTHelperGetProvSignerFromChain(pProvData, 0U, 0U, 0U); if (provSignerFromChain != IntPtr.Zero) { X509Certificate2 certFromChain = SignatureHelper.GetCertFromChain(provSignerFromChain); if (certFromChain != null) { System.Management.Automation.Security.NativeMethods.CRYPT_PROVIDER_SGNR structure = (System.Management.Automation.Security.NativeMethods.CRYPT_PROVIDER_SGNR)Marshal.PtrToStructure(provSignerFromChain, typeof(System.Management.Automation.Security.NativeMethods.CRYPT_PROVIDER_SGNR)); if (structure.csCounterSigners == 1U) { timestamper = SignatureHelper.GetCertFromChain(structure.pasCounterSigners); } signature = timestamper == null ? new Signature(filePath, error, certFromChain) : new Signature(filePath, error, certFromChain, timestamper); } } } if (signature == null && error != 0U) { signature = new Signature(filePath, error); } return(signature); }
private static uint GetWinTrustData( string fileName, string fileContent, out System.Management.Automation.Security.NativeMethods.WINTRUST_DATA wtData) { using (SignatureHelper.tracer.TraceMethod(fileName, new object[0])) { uint num1 = 2147500037; IntPtr num2 = IntPtr.Zero; IntPtr num3 = IntPtr.Zero; Guid guid = new Guid("00AAC56B-CD44-11d0-8CC2-00C04FC295EE"); try { num2 = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)guid)); Marshal.StructureToPtr((object)guid, num2, false); System.Management.Automation.Security.NativeMethods.WINTRUST_DATA wintrustData = fileContent != null?System.Management.Automation.Security.NativeMethods.InitWintrustDataStructFromBlob(System.Management.Automation.Security.NativeMethods.InitWintrustBlobInfoStruct(fileName, fileContent)) : System.Management.Automation.Security.NativeMethods.InitWintrustDataStructFromFile(System.Management.Automation.Security.NativeMethods.InitWintrustFileInfoStruct(fileName)); num3 = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)wintrustData)); Marshal.StructureToPtr((object)wintrustData, num3, false); num1 = System.Management.Automation.Security.NativeMethods.WinVerifyTrust(IntPtr.Zero, num2, num3); wtData = (System.Management.Automation.Security.NativeMethods.WINTRUST_DATA)Marshal.PtrToStructure(num3, typeof(System.Management.Automation.Security.NativeMethods.WINTRUST_DATA)); } finally { Marshal.DestroyStructure(num2, typeof(Guid)); Marshal.FreeCoTaskMem(num2); Marshal.DestroyStructure(num3, typeof(System.Management.Automation.Security.NativeMethods.WINTRUST_DATA)); Marshal.FreeCoTaskMem(num3); } return(num1); } }
private static uint GetWinTrustData(string fileName, string fileContent, out System.Management.Automation.Security.NativeMethods.WINTRUST_DATA wtData) { uint num = 0x80004005; IntPtr zero = IntPtr.Zero; IntPtr ptr = IntPtr.Zero; Guid structure = new Guid("00AAC56B-CD44-11d0-8CC2-00C04FC295EE"); try { System.Management.Automation.Security.NativeMethods.WINTRUST_DATA wintrust_data; zero = Marshal.AllocCoTaskMem(Marshal.SizeOf(structure)); Marshal.StructureToPtr(structure, zero, false); if (fileContent == null) { wintrust_data = System.Management.Automation.Security.NativeMethods.InitWintrustDataStructFromFile(System.Management.Automation.Security.NativeMethods.InitWintrustFileInfoStruct(fileName)); } else { wintrust_data = System.Management.Automation.Security.NativeMethods.InitWintrustDataStructFromBlob(System.Management.Automation.Security.NativeMethods.InitWintrustBlobInfoStruct(fileName, fileContent)); } ptr = Marshal.AllocCoTaskMem(Marshal.SizeOf(wintrust_data)); Marshal.StructureToPtr(wintrust_data, ptr, false); num = System.Management.Automation.Security.NativeMethods.WinVerifyTrust(IntPtr.Zero, zero, ptr); wtData = (System.Management.Automation.Security.NativeMethods.WINTRUST_DATA)Marshal.PtrToStructure(ptr, typeof(System.Management.Automation.Security.NativeMethods.WINTRUST_DATA)); } finally { Marshal.DestroyStructure(zero, typeof(Guid)); Marshal.FreeCoTaskMem(zero); Marshal.DestroyStructure(ptr, typeof(System.Management.Automation.Security.NativeMethods.WINTRUST_DATA)); Marshal.FreeCoTaskMem(ptr); } return(num); }
private static System.Management.Automation.Signature GetSignatureFromWintrustData(string filePath, uint error, System.Management.Automation.Security.NativeMethods.WINTRUST_DATA wtd) { System.Management.Automation.Signature signature = null; X509Certificate2 signer = null; X509Certificate2 timestamper = null; tracer.WriteLine("GetSignatureFromWintrustData: error: {0}", new object[] { error }); IntPtr pProvData = System.Management.Automation.Security.NativeMethods.WTHelperProvDataFromStateData(wtd.hWVTStateData); if (pProvData != IntPtr.Zero) { IntPtr pSigner = System.Management.Automation.Security.NativeMethods.WTHelperGetProvSignerFromChain(pProvData, 0, 0, 0); if (pSigner != IntPtr.Zero) { signer = GetCertFromChain(pSigner); if (signer != null) { System.Management.Automation.Security.NativeMethods.CRYPT_PROVIDER_SGNR crypt_provider_sgnr = (System.Management.Automation.Security.NativeMethods.CRYPT_PROVIDER_SGNR)Marshal.PtrToStructure(pSigner, typeof(System.Management.Automation.Security.NativeMethods.CRYPT_PROVIDER_SGNR)); if (crypt_provider_sgnr.csCounterSigners == 1) { timestamper = GetCertFromChain(crypt_provider_sgnr.pasCounterSigners); } if (timestamper != null) { signature = new System.Management.Automation.Signature(filePath, error, signer, timestamper); } else { signature = new System.Management.Automation.Signature(filePath, error, signer); } } } } if ((signature == null) && (error != 0)) { signature = new System.Management.Automation.Signature(filePath, error); } return(signature); }