public static bool HasValidSignature(string fileName) { try { if (_isValidCache.Contains(fileName)) { return true; } var wtd = new WinTrustData(fileName); var guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2); WinVerifyTrustResult result = WinTrust.WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd); bool ret = (result == WinVerifyTrustResult.Success); if (ret) { _isValidCache.Add(fileName); } #if COAPP_ENGINE_CORE var response = Event<GetResponseInterface>.RaiseFirst(); if( response != null ) { response.SignatureValidation(fileName, ret, ret ? Verifier.GetPublisherInformation(fileName)["PublisherName"] : null); } #endif return ret; } catch (Exception) { return false; } }
public static bool HasValidSignature(string fileName) { try { if (_isValidCache.Contains(fileName)) { return(true); } var wtd = new WinTrustData(fileName); var guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2); WinVerifyTrustResult result = WinTrust.WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd); bool ret = (result == WinVerifyTrustResult.Success); if (ret) { _isValidCache.Add(fileName); } #if COAPP_ENGINE_CORE var response = Event <GetResponseInterface> .RaiseFirst(); if (response != null) { response.SignatureValidation(fileName, ret, ret ? Verifier.GetPublisherInformation(fileName)["PublisherName"] : null); } #endif return(ret); } catch (Exception) { return(false); } }
/// /// Calls WinTrust.WinVerifyTrust() to check embedded file signature /// /// absolute path and file name /// validation to perform /// enumeration /// true if the signature is valid, otherwise false public static bool VerifyEmbeddedSignature(string fileName, Guid guidAction, WinTrustDataRevocationChecks revocationChecks) { WinTrustData wtd = new WinTrustData(fileName, revocationChecks); WinVerifyTrustResult result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd); return(result == WinVerifyTrustResult.Success); }
/// <summary> /// Given a catalog file, extracts the signer name /// </summary> /// <param name="FileName"></param> /// <param name="SignerName"></param> /// <returns></returns> public static WinVerifyTrustResult VerifyCatalogFile(string FileName, string CatalogName, string Hash, IntPtr hCatAdmin) { // Much of this comes from: http://forum.sysinternals.com/howto-verify-the-digital-signature-of-a-file_topic19247.html WinVerifyTrustResult result = WinVerifyTrustResult.FileNotSigned; WinTrustData wtd = new WinTrustData(FileName, true, Hash, CatalogName, hCatAdmin); wtd.dwStateAction = WinTrustDataStateAction.Verify; Guid guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2); try { result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd); if (result != WinVerifyTrustResult.Success) { return(result); } } finally { // Clean up wtd.dwStateAction = WinTrustDataStateAction.Close; WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd); } return(result); }
// call WinTrust.WinVerifyTrust() to check embedded file signature public static bool VerifyEmbeddedSignature(string fileName) { var wtd = new WinTrustData(fileName); var guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2); WinVerifyTrustResult result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd); bool ret = (result == WinVerifyTrustResult.Success); return ret; }
public static bool CheckSignature(IntPtr ownerWindow, string filename, bool enableUi, out string errorMessage) { using (var wtd = new WinTrustData(filename) { UIChoice = enableUi ? WinTrustDataUIChoice.All : WinTrustDataUIChoice.None, UIContext = WinTrustDataUIContext.Execute, RevocationChecks = WinTrustDataRevocationChecks.WholeChain, StateAction = WinTrustDataStateAction.Ignore, ProvFlags = WinTrustDataProvFlags.RevocationCheckChain }) { var trustResult = WinTrust.WinVerifyTrust( ownerWindow, new Guid(WinTrust.WINTRUST_ACTION_GENERIC_VERIFY_V2), wtd ); if (trustResult == WinVerifyTrustResult.Success) { errorMessage = null; return(true); } else { var sb = new StringBuilder(1024); var charCount = FormatMessage( FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, IntPtr.Zero, (uint)trustResult, 0, sb, (uint)sb.Capacity, IntPtr.Zero ); errorMessage = sb.ToString(0, (int)charCount); return(false); } } }
public bool IsSignedAndTrusted(string filename, IRequest request) { if (request == null) { throw new ArgumentNullException("request"); } if (!request.IsCanceled) { if (String.IsNullOrWhiteSpace(filename) || !filename.FileExists()) { return(false); } Debug(request, "Calling 'ProviderService::IsSignedAndTrusted, '{0}'", filename); // we are not using this function anywhere. Only MSI provider is using this method. #if !CORECLR var wtd = new WinTrustData(filename); var result = NativeMethods.WinVerifyTrust(new IntPtr(-1), new Guid("{00AAC56B-CD44-11d0-8CC2-00C04FC295EE}"), wtd); return(result == WinVerifyTrustResult.Success); #endif } return(false); }
// call WinTrust.WinVerifyTrust() to check embedded file signature public static bool VerifyEmbeddedSignature(string fileName) { WinTrustFileInfo winTrustFileInfo = null; WinTrustData winTrustData = null; try { winTrustFileInfo = new WinTrustFileInfo(fileName); winTrustData = new WinTrustData(winTrustFileInfo); Guid guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2); WinVerifyTrustResult result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, winTrustData); bool ret = (result == WinVerifyTrustResult.Success); return(ret); } finally { // free the locally-held unmanaged memory in the data structures if (winTrustFileInfo != null) { winTrustFileInfo.Dispose(); } if (winTrustData != null) { winTrustData.Dispose(); } } }
/// <summary> /// Calls WinVerifyTrust() to check embedded file signature /// </summary> /// <param name="FileName"></param> /// <param name="SignerName"></param> /// <returns></returns> public static WinVerifyTrustResult VerifyEmbeddedSignature(string FileName) { WinVerifyTrustResult result = WinVerifyTrustResult.FileNotSigned; WinTrustData wtd = new WinTrustData(FileName, false, null, null, IntPtr.Zero); wtd.dwStateAction = WinTrustDataStateAction.Verify; Guid guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2); try { try { result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd); if (result != WinVerifyTrustResult.Success) { return(result); } } catch (Exception) { } } finally { // Clean up wtd.dwStateAction = WinTrustDataStateAction.Close; WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd); } return(result); }
// call WinTrust.WinVerifyTrust() to check embedded file signature public static bool VerifyEmbeddedSignature(string fileName) { WinTrustData wtd = new WinTrustData(fileName); Guid guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2); WinVerifyTrustResult result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd); bool ret = (result == WinVerifyTrustResult.Success); return(ret); }
// call WinTrust.WinVerifyTrust() to check embedded file signature public static bool VerifyEmbeddedSignature(string fileName, bool allowInvalidRoot) { WinTrustData wtd = new WinTrustData(fileName); Guid guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2); WinVerifyTrustResult result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd); logger.Info("Result: {0}", result); bool ret = (result == WinVerifyTrustResult.Success || (allowInvalidRoot && result == WinVerifyTrustResult.UntrustedRoot)); return(ret); }
// call WinTrust.WinVerifyTrust() to check embedded file signature public static WinVerifyTrustResult VerifyEmbeddedSignature(string fileName) { var result = WinVerifyTrustResult.Success; using (WinTrustData wtd = new WinTrustData(fileName)) { Guid guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2); result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd); } return(result); }
public bool SignatureExist(string fileName) { WinTrustFileInfo wtfi = new WinTrustFileInfo(fileName); WinTrustData wtd = new WinTrustData(wtfi); Guid guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2); WinVerifyTrustResult result = Win32Api.WinVerifyTrust(new IntPtr(-1), guidAction, wtd); bool ret = (result == WinVerifyTrustResult.Success); wtfi.Dispose(); wtd.Dispose(); return(ret); }
private bool IsFileTrusted(string filePath) { if (string.IsNullOrEmpty(filePath)) { throw new ArgumentNullException(nameof(filePath)); } _file = File.OpenRead(filePath); using (var fileInfo = new WinTrustFileInfo(filePath)) using (var winTrustData = new WinTrustData(fileInfo)) { var result = WinVerifyTrust(IntPtr.Zero, WINTRUST_ACTION_GENERIC_VERIFY_V2, winTrustData); return(result == WinVerifyTrustResult.Success); } }
public static bool IsAuthenticodeSigned(string path) { var fileInfo = new WinTrustFileInfo { cbStruct = (uint)Marshal.SizeOf <WinTrustFileInfo>(), pcwszFilePath = Path.GetFullPath(path), hFile = IntPtr.Zero, pgKnownSubject = IntPtr.Zero }; var data = new WinTrustData { cbStruct = (uint)Marshal.SizeOf <WinTrustData>(), dwProvFlags = Convert.ToUInt32(Provider.WTD_SAFER_FLAG), dwStateAction = Convert.ToUInt32(StateAction.WTD_STATEACTION_IGNORE), dwUIChoice = Convert.ToUInt32(UIChoice.WTD_UI_NONE), dwUIContext = 0, dwUnionChoice = Convert.ToUInt32(UnionChoice.WTD_CHOICE_FILE), fdwRevocationChecks = Convert.ToUInt32(RevocationChecks.WTD_REVOKE_NONE), hWVTStateData = IntPtr.Zero, pFile = Marshal.AllocHGlobal(Marshal.SizeOf <WinTrustFileInfo>()), pPolicyCallbackData = IntPtr.Zero, pSIPClientData = IntPtr.Zero, pwszURLReference = IntPtr.Zero }; // TODO: Potential memory leak. Need to invetigate Marshal.StructureToPtr(fileInfo, data.pFile, false); var pGuid = Marshal.AllocHGlobal(Marshal.SizeOf <Guid>()); var pData = Marshal.AllocHGlobal(Marshal.SizeOf <WinTrustData>()); Marshal.StructureToPtr(data, pData, true); Marshal.StructureToPtr(new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2), pGuid, true); var result = WinVerifyTrust(IntPtr.Zero, pGuid, pData); Marshal.FreeHGlobal(pGuid); Marshal.FreeHGlobal(pData); return(result == 0); }
/// <summary> /// Calls WinVerifyTrust() to check embedded file signature /// </summary> /// <param name="FileName"></param> /// <param name="SignerName"></param> /// <returns></returns> public static WinVerifyTrustResult VerifyEmbeddedSignature(string FileName, out List <Signer> Signers) { Signers = null; WinVerifyTrustResult result = WinVerifyTrustResult.FileNotSigned; WinTrustData wtd = new WinTrustData(FileName, false, null, null, IntPtr.Zero); wtd.dwStateAction = WinTrustDataStateAction.Verify; Guid guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2); try { try { Log.Debug("Getting embedded signature"); result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd); if (result != WinVerifyTrustResult.Success) { if (result != WinVerifyTrustResult.FileNotSigned) { // TODO We should handle this as this is weird Log.Warn("Verification failed due to reason {0}", result); } return(result); } var signer = GetSignerFromStateData(wtd.hWVTStateData); Signers = new List <Signer>(); Signers.Add(signer); } catch (Exception e) { Log.Exception(e, "Exception in VerifyEmbeddedSignature"); } } finally { // Clean up wtd.dwStateAction = WinTrustDataStateAction.Close; WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd); } return(result); }
public static uint IsSigned(string path) { WinTrustFileInfo fileInfo = new WinTrustFileInfo() { cbStruct = (uint)Marshal.SizeOf(typeof(WinTrustFileInfo)), pcwszFilePath = Path.GetFullPath(path), hFile = IntPtr.Zero, pgKnownSubject = IntPtr.Zero }; WinTrustData data = new WinTrustData() { cbStruct = (uint)Marshal.SizeOf(typeof(WinTrustData)), dwProvFlags = 0, dwStateAction = Convert.ToUInt32(StateAction.WTD_STATEACTION_IGNORE), dwUIChoice = Convert.ToUInt32(UIChoice.WTD_UI_NONE), dwUIContext = 0, dwUnionChoice = Convert.ToUInt32(UnionChoice.WTD_CHOICE_FILE), fdwRevocationChecks = Convert.ToUInt32(RevocationChecks.WTD_REVOKE_NONE), hWVTStateData = IntPtr.Zero, pFile = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(WinTrustFileInfo))), pPolicyCallbackData = IntPtr.Zero, pSIPClientData = IntPtr.Zero, pwszURLReference = IntPtr.Zero }; // Potential memory leak. Need to investigate Marshal.StructureToPtr(fileInfo, data.pFile, false); IntPtr pGuid = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(Guid))); IntPtr pData = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(WinTrustData))); Marshal.StructureToPtr(data, pData, true); Marshal.StructureToPtr(WinTrust.WINTRUST_ACTION_GENERIC_VERIFY_V2, pGuid, true); uint result = WinTrust.WinVerifyTrust(IntPtr.Zero, pGuid, pData); Marshal.FreeHGlobal(pGuid); Marshal.FreeHGlobal(pData); return(result); }
public bool IsSignedAndTrusted(string filename, Object requestImpl) { if (requestImpl == null) { throw new ArgumentNullException("requestImpl"); } if (string.IsNullOrEmpty(filename) || !FileExists(filename)) { return(false); } using (var request = requestImpl.As <Request>()) { request.Debug("Calling 'ProviderService::IsSignedAndTrusted, '{0}'", filename); var wtd = new WinTrustData(filename); var result = NativeMethods.WinVerifyTrust(new IntPtr(-1), new Guid("{00AAC56B-CD44-11d0-8CC2-00C04FC295EE}"), wtd); return(result == WinVerifyTrustResult.Success); } }
public static WinVerifyResult VerifyEmbeddedSignature(string path) { WinTrustFileInfo winTrustFileInfo = null; WinTrustData winTrustData = null; try { // specify the WinVerifyTrust function/action that we want var action = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2); // instantiate our WinTrustFileInfo and WinTrustData data structures winTrustFileInfo = new WinTrustFileInfo(path); winTrustData = new WinTrustData(winTrustFileInfo); // call into WinVerifyTrust return(WinVerifyTrust(INVALID_HANDLE_VALUE, action, winTrustData)); } finally { // free the locally-held unmanaged memory in the data structures winTrustFileInfo?.Dispose(); winTrustData?.Dispose(); } }
/// <summary> /// Given a catalog file, extracts the signer name /// </summary> /// <param name="FileName"></param> /// <param name="SignerName"></param> /// <returns></returns> public static WinVerifyTrustResult VerifyCatalogFile(string FileName, string CatalogName, string Hash, out List <Signer> Signers, IntPtr hCatAdmin) { // Much of this comes from: http://forum.sysinternals.com/howto-verify-the-digital-signature-of-a-file_topic19247.html WinVerifyTrustResult result = WinVerifyTrustResult.FileNotSigned; WinTrustData wtd = new WinTrustData(FileName, true, Hash, CatalogName, hCatAdmin); wtd.dwStateAction = WinTrustDataStateAction.Verify; Guid guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2); Signers = null; try { result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd); if (result != WinVerifyTrustResult.Success) { if (result != WinVerifyTrustResult.FileNotSigned) { Log.Warn("Verification failed due to reason {0}", result); } return(result); } var signer = GetSignerFromStateData(wtd.hWVTStateData); Signers = new List <Signer>(); Signers.Add(signer); } finally { // Clean up wtd.dwStateAction = WinTrustDataStateAction.Close; WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd); } return(result); }
public static string VerifyEmbeddedSignature(string filename) { try { WinTrustFileInfo winTrustFileInfo = null; WinTrustData winTrustData = null; // specify the WinVerifyTrust function/action that we want Guid action = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2); // instantiate our WinTrustFileInfo and WinTrustData data structures winTrustFileInfo = new WinTrustFileInfo(filename); winTrustData = new WinTrustData(filename); WinVerifyTrustResult result = WinVerifyTrust(INVALID_HANDLE_VALUE, action, winTrustData); // call into WinVerifyTrust switch (result) { case WinVerifyTrustResult.Success: return("Valid"); case WinVerifyTrustResult.ProviderUnknown: return("ProviderUnknown"); case WinVerifyTrustResult.ActionUnknown: return("ActionUnknown"); case WinVerifyTrustResult.SubjectFormUnknown: return("SubjectFormUnknown"); case WinVerifyTrustResult.SubjectNotTrusted: return("SubjectNotTrusted"); case WinVerifyTrustResult.FileNotSigned: return("FileNotSigned"); case WinVerifyTrustResult.SubjectExplicitlyDistrusted: return("SubjectExplicitlyDistrusted"); case WinVerifyTrustResult.SignatureOrFileCorrupt: return("SignatureOrFileCorrupt"); case WinVerifyTrustResult.SubjectCertExpired: return("SubjectCertExpired"); case WinVerifyTrustResult.SubjectCertificateRevoked: return("SubjectCertificateRevoked"); case WinVerifyTrustResult.UntrustedRoot: return("UntrustedRoot"); default: // The UI was disabled in dwUIChoice or the admin policy // has disabled user trust. lStatus contains the // publisher or time stamp chain error. return(result.ToString()); } } catch (Exception e) when( e is System.AccessViolationException || e is Exception) { Dictionary <string, string> ExceptionEvent = new Dictionary <string, string>(); ExceptionEvent.Add("Exception Type", e.GetType().ToString()); AsaTelemetry.TrackEvent("VerifyEmbeddedSignatureException", ExceptionEvent); return("FailedToFetch"); } }
internal static extern long WinVerifyTrust(IntPtr windowHandle, ref Guid actionGuid, ref WinTrustData trustData);
internal static extern WinVerifyTrustResult WinVerifyTrust(IntPtr hwnd, [MarshalAs(UnmanagedType.LPStruct)] Guid pgActionID, WinTrustData pWVTData);
static extern WinVerifyTrustResult WinVerifyTrust( [In] IntPtr hwnd, // _In_ HWND hWnd, [In][MarshalAs(UnmanagedType.LPStruct)] Guid pgActionID, // _In_ GUID *pgActionID, [In, Out] WinTrustData pWVTData // _In_ LPVOID pWVTData );
public static bool CheckSignature(IntPtr ownerWindow, string filename, bool enableUi, out string errorMessage) { using (var wtd = new WinTrustData(filename) { UIChoice = enableUi ? WinTrustDataUIChoice.All : WinTrustDataUIChoice.None, UIContext = WinTrustDataUIContext.Execute, RevocationChecks = WinTrustDataRevocationChecks.WholeChain, StateAction = WinTrustDataStateAction.Ignore, ProvFlags = WinTrustDataProvFlags.RevocationCheckChain }) { var trustResult = WinTrust.WinVerifyTrust( ownerWindow, new Guid(WinTrust.WINTRUST_ACTION_GENERIC_VERIFY_V2), wtd ); if (trustResult == WinVerifyTrustResult.Success) { errorMessage = null; return true; } else { var sb = new StringBuilder(1024); var charCount = FormatMessage( FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, IntPtr.Zero, (uint)trustResult, 0, sb, (uint)sb.Capacity, IntPtr.Zero ); errorMessage = sb.ToString(0, (int)charCount); return false; } } }
private static extern WinVerifyResult WinVerifyTrust( [In] IntPtr hwnd, [In][MarshalAs(UnmanagedType.LPStruct)] Guid pgActionID, [In] WinTrustData pWVTData );
public bool IsSignedAndTrusted(string filename, IRequest request) { if (request == null) { throw new ArgumentNullException("request"); } if (!request.IsCanceled) { if (String.IsNullOrWhiteSpace(filename) || !filename.FileExists()) { return false; } Debug(request, "Calling 'ProviderService::IsSignedAndTrusted, '{0}'", filename); // we are not using this function anywhere #if !UNIX var wtd = new WinTrustData(filename); var result = NativeMethods.WinVerifyTrust(new IntPtr(-1), new Guid("{00AAC56B-CD44-11d0-8CC2-00C04FC295EE}"), wtd); return result == WinVerifyTrustResult.Success; #endif } return false; }
public static bool IsAuthenticodeSigned(string path) { WinTrustFileInfo fileInfo = new WinTrustFileInfo() { cbStruct = (uint)Marshal.SizeOf(typeof(WinTrustFileInfo)), pcwszFilePath = Path.GetFullPath(path), hFile = IntPtr.Zero, pgKnownSubject = IntPtr.Zero }; WinTrustData data = new WinTrustData() { cbStruct = (uint)Marshal.SizeOf(typeof(WinTrustData)), dwProvFlags = Convert.ToUInt32(Provider.WTD_SAFER_FLAG), dwStateAction = Convert.ToUInt32(StateAction.WTD_STATEACTION_IGNORE), dwUIChoice = Convert.ToUInt32(UIChoice.WTD_UI_NONE), dwUIContext = 0, dwUnionChoice = Convert.ToUInt32(UnionChoice.WTD_CHOICE_FILE), fdwRevocationChecks = Convert.ToUInt32(RevocationChecks.WTD_REVOKE_NONE), hWVTStateData = IntPtr.Zero, pFile = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(WinTrustFileInfo))), pPolicyCallbackData = IntPtr.Zero, pSIPClientData = IntPtr.Zero, pwszURLReference = IntPtr.Zero }; // TODO: Potential memory leak. Need to invetigate Marshal.StructureToPtr(fileInfo, data.pFile, false); IntPtr pGuid = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(Guid))); IntPtr pData = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(WinTrustData))); Marshal.StructureToPtr(data, pData, true); Marshal.StructureToPtr(new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2), pGuid, true); uint result = WinVerifyTrust(IntPtr.Zero, pGuid, pData); Marshal.FreeHGlobal(pGuid); Marshal.FreeHGlobal(pData); return result == 0; }
public static WinVerifyTrustResult VerifyEmbeddedSignature(string filename) { var data = new WinTrustData(filename); var action = new Guid(WintrustActionGenericVerifyV2); return WinVerifyTrust(InvalidHandleValue, action, data); }
// call WinTrust.WinVerifyTrust() to check embedded file signature public static string VerifyEmbeddedSignature(string filename) { WinTrustFileInfo winTrustFileInfo = null; WinTrustData winTrustData = null; try { // specify the WinVerifyTrust function/action that we want Guid action = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2); // instantiate our WinTrustFileInfo and WinTrustData data structures winTrustFileInfo = new WinTrustFileInfo(filename); winTrustData = new WinTrustData(filename); // call into WinVerifyTrust WinVerifyTrustResult result = WinVerifyTrust(INVALID_HANDLE_VALUE, action, winTrustData); switch (result) { case WinVerifyTrustResult.Success: return("Valid"); case WinVerifyTrustResult.ProviderUnknown: return("ProviderUnknown"); case WinVerifyTrustResult.ActionUnknown: return("ActionUnknown"); case WinVerifyTrustResult.SubjectFormUnknown: return("SubjectFormUnknown"); case WinVerifyTrustResult.SubjectNotTrusted: return("SubjectNotTrusted"); case WinVerifyTrustResult.FileNotSigned: return("FileNotSigned"); case WinVerifyTrustResult.SubjectExplicitlyDistrusted: return("SubjectExplicitlyDistrusted"); case WinVerifyTrustResult.SignatureOrFileCorrupt: return("SignatureOrFileCorrupt"); case WinVerifyTrustResult.SubjectCertExpired: return("SubjectCertExpired"); case WinVerifyTrustResult.SubjectCertificateRevoked: return("SubjectCertificateRevoked"); case WinVerifyTrustResult.UntrustedRoot: return("UntrustedRoot"); default: // The UI was disabled in dwUIChoice or the admin policy // has disabled user trust. lStatus contains the // publisher or time stamp chain error. return(result.ToString()); } } catch (Exception e) { Log.Debug("{0} error decoding signature on {1}", e.GetType().ToString(), filename); } return("Unknown"); }
public void InstallPackage(string fastPath, RequestImpl requestImpl) { if (requestImpl == null) { throw new ArgumentNullException("requestImpl"); } // ensure that mandatory parameters are present. using (var request = requestImpl.As <Request>()) { request.Debug("Calling 'Bootstrap::InstallPackage'"); // verify the package integrity (ie, check if it's digitally signed before installing) var master = request.DownloadSwidtag(_urls); if (master == null) { request.Warning(Constants.ProviderSwidtagUnavailable); return; } var provider = request.GetProvider(master, fastPath); if (provider != null) { // install the 'package' if (!provider.XPath("/swid:SoftwareIdentity/swid:Meta[@providerType = 'assembly']").Any()) { request.Error(ErrorCategory.InvalidOperation, fastPath, request.FormatMessageString(Constants.UnsupportedProviderType, fastPath)); return; } if (!Directory.Exists(request.DestinationPath)) { request.Error(ErrorCategory.InvalidOperation, fastPath, request.FormatMessageString(Constants.DestinationPathNotSet)); return; } var targetFilename = provider.XPath("/swid:SoftwareIdentity/swid:Meta[@targetFilename]").GetAttribute("targetFilename"); if (string.IsNullOrEmpty(targetFilename)) { request.Error(ErrorCategory.InvalidOperation, fastPath, request.FormatMessageString(Constants.InvalidFilename)); return; } targetFilename = Path.GetFileName(targetFilename); var targetFile = Path.Combine(request.DestinationPath, targetFilename); string tmpFile = null; var failedBecauseInvalid = false; // download the file foreach (var link in provider.XPath("/swid:SoftwareIdentity/swid:Link[@rel = 'installationmedia']")) { var href = link.Attributes["href"]; if (string.IsNullOrEmpty(href) || !Uri.IsWellFormedUriString(href, UriKind.Absolute)) { request.Debug("Bad or missing uri: {0}", href); continue; } try { tmpFile = targetFilename.GenerateTemporaryFilename(); request.Debug("Downloading '{0}' to '{1}'", href, tmpFile); if (!request.DownloadFileToLocation(new Uri(href), tmpFile)) { request.Debug("Failed download of '{0}'", href); continue; } request.Debug("Verifying the package"); // verify the package var wtd = new WinTrustData(tmpFile); var result = NativeMethods.WinVerifyTrust(new IntPtr(-1), new Guid("{00AAC56B-CD44-11d0-8CC2-00C04FC295EE}"), wtd); if (result != WinVerifyTrustResult.Success) { request.Debug("Not Valid file '{0}' => '{1}'", href, tmpFile); failedBecauseInvalid = true; request.Warning(Constants.FileFailedVerification, href); #if !DEBUG tmpFile.TryHardToDelete(); continue; #endif } // looks good! let's keep it if (File.Exists(targetFile)) { request.Debug("Removing old file '{0}'", targetFile); targetFile.TryHardToDelete(); } // is that file still there? if (File.Exists(targetFile)) { request.Error(ErrorCategory.InvalidOperation, fastPath, Constants.UnableToRemoveFile, targetFile); return; } request.Debug("Copying file '{0}' to '{1}'", tmpFile, targetFile); File.Copy(tmpFile, targetFile); if (File.Exists(targetFile)) { // looks good to me. request.YieldFromSwidtag(provider, null, null, null, fastPath); return; } } catch (Exception e) { e.Dump(); } finally { if (!string.IsNullOrEmpty(tmpFile)) { tmpFile.TryHardToDelete(); } } } if (failedBecauseInvalid) { request.Error(ErrorCategory.InvalidData, fastPath, Constants.FileFailedVerification, fastPath); } } else { request.Error(ErrorCategory.InvalidData, fastPath, Constants.UnableToResolvePackage, fastPath); } } }
internal static extern WinTrustErrorCode WinVerifyTrust(IntPtr hwnd, [MarshalAs(UnmanagedType.LPStruct)] Guid pgActionID, WinTrustData pWVTData);