public static bool HasValidSignature(string fileName) {
try {
if (_isValidCache.Contains(fileName)) {
return true;
}
var wtd = new WinTrustData(fileName);
var guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2);
WinVerifyTrustResult result = WinTrust.WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd);
bool ret = (result == WinVerifyTrustResult.Success);
if (ret) {
_isValidCache.Add(fileName);
}
#if COAPP_ENGINE_CORE
var response = Event<GetResponseInterface>.RaiseFirst();
if( response != null ) {
response.SignatureValidation(fileName, ret, ret ? Verifier.GetPublisherInformation(fileName)["PublisherName"] : null);
}
#endif
return ret;
} catch (Exception) {
return false;
}
}
public static bool HasValidSignature(string fileName)
{
try {
if (_isValidCache.Contains(fileName))
{
return(true);
}
var wtd = new WinTrustData(fileName);
var guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2);
WinVerifyTrustResult result = WinTrust.WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd);
bool ret = (result == WinVerifyTrustResult.Success);
if (ret)
{
_isValidCache.Add(fileName);
}
#if COAPP_ENGINE_CORE
var response = Event <GetResponseInterface> .RaiseFirst();
if (response != null)
{
response.SignatureValidation(fileName, ret, ret ? Verifier.GetPublisherInformation(fileName)["PublisherName"] : null);
}
#endif
return(ret);
} catch (Exception) {
return(false);
}
}
///
/// Calls WinTrust.WinVerifyTrust() to check embedded file signature
///
/// absolute path and file name
/// validation to perform
/// enumeration
/// true if the signature is valid, otherwise false
public static bool VerifyEmbeddedSignature(string fileName, Guid guidAction, WinTrustDataRevocationChecks revocationChecks)
{
WinTrustData wtd = new WinTrustData(fileName, revocationChecks);
WinVerifyTrustResult result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd);
return(result == WinVerifyTrustResult.Success);
}
/// <summary>
/// Given a catalog file, extracts the signer name
/// </summary>
/// <param name="FileName"></param>
/// <param name="SignerName"></param>
/// <returns></returns>
public static WinVerifyTrustResult VerifyCatalogFile(string FileName, string CatalogName, string Hash, IntPtr hCatAdmin)
{
// Much of this comes from: http://forum.sysinternals.com/howto-verify-the-digital-signature-of-a-file_topic19247.html
WinVerifyTrustResult result = WinVerifyTrustResult.FileNotSigned;
WinTrustData wtd = new WinTrustData(FileName, true, Hash, CatalogName, hCatAdmin);
wtd.dwStateAction = WinTrustDataStateAction.Verify;
Guid guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2);
try
{
result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd);
if (result != WinVerifyTrustResult.Success)
{
return(result);
}
}
finally
{
// Clean up
wtd.dwStateAction = WinTrustDataStateAction.Close;
WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd);
}
return(result);
}
// call WinTrust.WinVerifyTrust() to check embedded file signature
public static bool VerifyEmbeddedSignature(string fileName) {
var wtd = new WinTrustData(fileName);
var guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2);
WinVerifyTrustResult result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd);
bool ret = (result == WinVerifyTrustResult.Success);
return ret;
}
public static bool CheckSignature(IntPtr ownerWindow, string filename, bool enableUi, out string errorMessage)
{
using (var wtd = new WinTrustData(filename)
{
UIChoice = enableUi ? WinTrustDataUIChoice.All : WinTrustDataUIChoice.None,
UIContext = WinTrustDataUIContext.Execute,
RevocationChecks = WinTrustDataRevocationChecks.WholeChain,
StateAction = WinTrustDataStateAction.Ignore,
ProvFlags = WinTrustDataProvFlags.RevocationCheckChain
}) {
var trustResult = WinTrust.WinVerifyTrust(
ownerWindow, new Guid(WinTrust.WINTRUST_ACTION_GENERIC_VERIFY_V2), wtd
);
if (trustResult == WinVerifyTrustResult.Success)
{
errorMessage = null;
return(true);
}
else
{
var sb = new StringBuilder(1024);
var charCount = FormatMessage(
FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
IntPtr.Zero, (uint)trustResult, 0,
sb, (uint)sb.Capacity, IntPtr.Zero
);
errorMessage = sb.ToString(0, (int)charCount);
return(false);
}
}
}
public bool IsSignedAndTrusted(string filename, IRequest request)
{
if (request == null)
{
throw new ArgumentNullException("request");
}
if (!request.IsCanceled)
{
if (String.IsNullOrWhiteSpace(filename) || !filename.FileExists())
{
return(false);
}
Debug(request, "Calling 'ProviderService::IsSignedAndTrusted, '{0}'", filename);
// we are not using this function anywhere. Only MSI provider is using this method.
#if !CORECLR
var wtd = new WinTrustData(filename);
var result = NativeMethods.WinVerifyTrust(new IntPtr(-1), new Guid("{00AAC56B-CD44-11d0-8CC2-00C04FC295EE}"), wtd);
return(result == WinVerifyTrustResult.Success);
#endif
}
return(false);
}
// call WinTrust.WinVerifyTrust() to check embedded file signature
public static bool VerifyEmbeddedSignature(string fileName)
{
WinTrustFileInfo winTrustFileInfo = null;
WinTrustData winTrustData = null;
try
{
winTrustFileInfo = new WinTrustFileInfo(fileName);
winTrustData = new WinTrustData(winTrustFileInfo);
Guid guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2);
WinVerifyTrustResult result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, winTrustData);
bool ret = (result == WinVerifyTrustResult.Success);
return(ret);
}
finally
{
// free the locally-held unmanaged memory in the data structures
if (winTrustFileInfo != null)
{
winTrustFileInfo.Dispose();
}
if (winTrustData != null)
{
winTrustData.Dispose();
}
}
}
/// <summary>
/// Calls WinVerifyTrust() to check embedded file signature
/// </summary>
/// <param name="FileName"></param>
/// <param name="SignerName"></param>
/// <returns></returns>
public static WinVerifyTrustResult VerifyEmbeddedSignature(string FileName)
{
WinVerifyTrustResult result = WinVerifyTrustResult.FileNotSigned;
WinTrustData wtd = new WinTrustData(FileName, false, null, null, IntPtr.Zero);
wtd.dwStateAction = WinTrustDataStateAction.Verify;
Guid guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2);
try
{
try
{
result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd);
if (result != WinVerifyTrustResult.Success)
{
return(result);
}
}
catch (Exception)
{
}
}
finally
{
// Clean up
wtd.dwStateAction = WinTrustDataStateAction.Close;
WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd);
}
return(result);
}
// call WinTrust.WinVerifyTrust() to check embedded file signature
public static bool VerifyEmbeddedSignature(string fileName)
{
WinTrustData wtd = new WinTrustData(fileName);
Guid guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2);
WinVerifyTrustResult result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd);
bool ret = (result == WinVerifyTrustResult.Success);
return(ret);
}
// call WinTrust.WinVerifyTrust() to check embedded file signature
public static bool VerifyEmbeddedSignature(string fileName, bool allowInvalidRoot)
{
WinTrustData wtd = new WinTrustData(fileName);
Guid guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2);
WinVerifyTrustResult result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd);
logger.Info("Result: {0}", result);
bool ret = (result == WinVerifyTrustResult.Success || (allowInvalidRoot && result == WinVerifyTrustResult.UntrustedRoot));
return(ret);
}
// call WinTrust.WinVerifyTrust() to check embedded file signature
public static WinVerifyTrustResult VerifyEmbeddedSignature(string fileName)
{
var result = WinVerifyTrustResult.Success;
using (WinTrustData wtd = new WinTrustData(fileName))
{
Guid guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2);
result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd);
}
return(result);
}
public bool SignatureExist(string fileName)
{
WinTrustFileInfo wtfi = new WinTrustFileInfo(fileName);
WinTrustData wtd = new WinTrustData(wtfi);
Guid guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2);
WinVerifyTrustResult result = Win32Api.WinVerifyTrust(new IntPtr(-1), guidAction, wtd);
bool ret = (result == WinVerifyTrustResult.Success);
wtfi.Dispose();
wtd.Dispose();
return(ret);
}
private bool IsFileTrusted(string filePath)
{
if (string.IsNullOrEmpty(filePath))
{
throw new ArgumentNullException(nameof(filePath));
}
_file = File.OpenRead(filePath);
using (var fileInfo = new WinTrustFileInfo(filePath))
using (var winTrustData = new WinTrustData(fileInfo))
{
var result = WinVerifyTrust(IntPtr.Zero, WINTRUST_ACTION_GENERIC_VERIFY_V2, winTrustData);
return(result == WinVerifyTrustResult.Success);
}
}
public static bool IsAuthenticodeSigned(string path)
{
var fileInfo = new WinTrustFileInfo
{
cbStruct = (uint)Marshal.SizeOf <WinTrustFileInfo>(),
pcwszFilePath = Path.GetFullPath(path),
hFile = IntPtr.Zero,
pgKnownSubject = IntPtr.Zero
};
var data = new WinTrustData
{
cbStruct = (uint)Marshal.SizeOf <WinTrustData>(),
dwProvFlags = Convert.ToUInt32(Provider.WTD_SAFER_FLAG),
dwStateAction = Convert.ToUInt32(StateAction.WTD_STATEACTION_IGNORE),
dwUIChoice = Convert.ToUInt32(UIChoice.WTD_UI_NONE),
dwUIContext = 0,
dwUnionChoice = Convert.ToUInt32(UnionChoice.WTD_CHOICE_FILE),
fdwRevocationChecks = Convert.ToUInt32(RevocationChecks.WTD_REVOKE_NONE),
hWVTStateData = IntPtr.Zero,
pFile = Marshal.AllocHGlobal(Marshal.SizeOf <WinTrustFileInfo>()),
pPolicyCallbackData = IntPtr.Zero,
pSIPClientData = IntPtr.Zero,
pwszURLReference = IntPtr.Zero
};
// TODO: Potential memory leak. Need to invetigate
Marshal.StructureToPtr(fileInfo, data.pFile, false);
var pGuid = Marshal.AllocHGlobal(Marshal.SizeOf <Guid>());
var pData = Marshal.AllocHGlobal(Marshal.SizeOf <WinTrustData>());
Marshal.StructureToPtr(data, pData, true);
Marshal.StructureToPtr(new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2), pGuid, true);
var result = WinVerifyTrust(IntPtr.Zero, pGuid, pData);
Marshal.FreeHGlobal(pGuid);
Marshal.FreeHGlobal(pData);
return(result == 0);
}
/// <summary>
/// Calls WinVerifyTrust() to check embedded file signature
/// </summary>
/// <param name="FileName"></param>
/// <param name="SignerName"></param>
/// <returns></returns>
public static WinVerifyTrustResult VerifyEmbeddedSignature(string FileName, out List <Signer> Signers)
{
Signers = null;
WinVerifyTrustResult result = WinVerifyTrustResult.FileNotSigned;
WinTrustData wtd = new WinTrustData(FileName, false, null, null, IntPtr.Zero);
wtd.dwStateAction = WinTrustDataStateAction.Verify;
Guid guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2);
try
{
try
{
Log.Debug("Getting embedded signature");
result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd);
if (result != WinVerifyTrustResult.Success)
{
if (result != WinVerifyTrustResult.FileNotSigned)
{
// TODO We should handle this as this is weird
Log.Warn("Verification failed due to reason {0}", result);
}
return(result);
}
var signer = GetSignerFromStateData(wtd.hWVTStateData);
Signers = new List <Signer>();
Signers.Add(signer);
}
catch (Exception e)
{
Log.Exception(e, "Exception in VerifyEmbeddedSignature");
}
}
finally
{
// Clean up
wtd.dwStateAction = WinTrustDataStateAction.Close;
WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd);
}
return(result);
}
public static uint IsSigned(string path)
{
WinTrustFileInfo fileInfo = new WinTrustFileInfo()
{
cbStruct = (uint)Marshal.SizeOf(typeof(WinTrustFileInfo)),
pcwszFilePath = Path.GetFullPath(path),
hFile = IntPtr.Zero,
pgKnownSubject = IntPtr.Zero
};
WinTrustData data = new WinTrustData()
{
cbStruct = (uint)Marshal.SizeOf(typeof(WinTrustData)),
dwProvFlags = 0,
dwStateAction = Convert.ToUInt32(StateAction.WTD_STATEACTION_IGNORE),
dwUIChoice = Convert.ToUInt32(UIChoice.WTD_UI_NONE),
dwUIContext = 0,
dwUnionChoice = Convert.ToUInt32(UnionChoice.WTD_CHOICE_FILE),
fdwRevocationChecks = Convert.ToUInt32(RevocationChecks.WTD_REVOKE_NONE),
hWVTStateData = IntPtr.Zero,
pFile = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(WinTrustFileInfo))),
pPolicyCallbackData = IntPtr.Zero,
pSIPClientData = IntPtr.Zero,
pwszURLReference = IntPtr.Zero
};
// Potential memory leak. Need to investigate
Marshal.StructureToPtr(fileInfo, data.pFile, false);
IntPtr pGuid = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(Guid)));
IntPtr pData = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(WinTrustData)));
Marshal.StructureToPtr(data, pData, true);
Marshal.StructureToPtr(WinTrust.WINTRUST_ACTION_GENERIC_VERIFY_V2, pGuid, true);
uint result = WinTrust.WinVerifyTrust(IntPtr.Zero, pGuid, pData);
Marshal.FreeHGlobal(pGuid);
Marshal.FreeHGlobal(pData);
return(result);
}
public bool IsSignedAndTrusted(string filename, Object requestImpl)
{
if (requestImpl == null)
{
throw new ArgumentNullException("requestImpl");
}
if (string.IsNullOrEmpty(filename) || !FileExists(filename))
{
return(false);
}
using (var request = requestImpl.As <Request>()) {
request.Debug("Calling 'ProviderService::IsSignedAndTrusted, '{0}'", filename);
var wtd = new WinTrustData(filename);
var result = NativeMethods.WinVerifyTrust(new IntPtr(-1), new Guid("{00AAC56B-CD44-11d0-8CC2-00C04FC295EE}"), wtd);
return(result == WinVerifyTrustResult.Success);
}
}
public static WinVerifyResult VerifyEmbeddedSignature(string path)
{
WinTrustFileInfo winTrustFileInfo = null;
WinTrustData winTrustData = null;
try
{
// specify the WinVerifyTrust function/action that we want
var action = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2);
// instantiate our WinTrustFileInfo and WinTrustData data structures
winTrustFileInfo = new WinTrustFileInfo(path);
winTrustData = new WinTrustData(winTrustFileInfo);
// call into WinVerifyTrust
return(WinVerifyTrust(INVALID_HANDLE_VALUE, action, winTrustData));
}
finally
{
// free the locally-held unmanaged memory in the data structures
winTrustFileInfo?.Dispose();
winTrustData?.Dispose();
}
}
/// <summary>
/// Given a catalog file, extracts the signer name
/// </summary>
/// <param name="FileName"></param>
/// <param name="SignerName"></param>
/// <returns></returns>
public static WinVerifyTrustResult VerifyCatalogFile(string FileName, string CatalogName, string Hash, out List <Signer> Signers, IntPtr hCatAdmin)
{
// Much of this comes from: http://forum.sysinternals.com/howto-verify-the-digital-signature-of-a-file_topic19247.html
WinVerifyTrustResult result = WinVerifyTrustResult.FileNotSigned;
WinTrustData wtd = new WinTrustData(FileName, true, Hash, CatalogName, hCatAdmin);
wtd.dwStateAction = WinTrustDataStateAction.Verify;
Guid guidAction = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2);
Signers = null;
try
{
result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd);
if (result != WinVerifyTrustResult.Success)
{
if (result != WinVerifyTrustResult.FileNotSigned)
{
Log.Warn("Verification failed due to reason {0}", result);
}
return(result);
}
var signer = GetSignerFromStateData(wtd.hWVTStateData);
Signers = new List <Signer>();
Signers.Add(signer);
}
finally
{
// Clean up
wtd.dwStateAction = WinTrustDataStateAction.Close;
WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd);
}
return(result);
}
public static string VerifyEmbeddedSignature(string filename)
{
try
{
WinTrustFileInfo winTrustFileInfo = null;
WinTrustData winTrustData = null;
// specify the WinVerifyTrust function/action that we want
Guid action = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2);
// instantiate our WinTrustFileInfo and WinTrustData data structures
winTrustFileInfo = new WinTrustFileInfo(filename);
winTrustData = new WinTrustData(filename);
WinVerifyTrustResult result = WinVerifyTrust(INVALID_HANDLE_VALUE, action, winTrustData);
// call into WinVerifyTrust
switch (result)
{
case WinVerifyTrustResult.Success:
return("Valid");
case WinVerifyTrustResult.ProviderUnknown:
return("ProviderUnknown");
case WinVerifyTrustResult.ActionUnknown:
return("ActionUnknown");
case WinVerifyTrustResult.SubjectFormUnknown:
return("SubjectFormUnknown");
case WinVerifyTrustResult.SubjectNotTrusted:
return("SubjectNotTrusted");
case WinVerifyTrustResult.FileNotSigned:
return("FileNotSigned");
case WinVerifyTrustResult.SubjectExplicitlyDistrusted:
return("SubjectExplicitlyDistrusted");
case WinVerifyTrustResult.SignatureOrFileCorrupt:
return("SignatureOrFileCorrupt");
case WinVerifyTrustResult.SubjectCertExpired:
return("SubjectCertExpired");
case WinVerifyTrustResult.SubjectCertificateRevoked:
return("SubjectCertificateRevoked");
case WinVerifyTrustResult.UntrustedRoot:
return("UntrustedRoot");
default:
// The UI was disabled in dwUIChoice or the admin policy
// has disabled user trust. lStatus contains the
// publisher or time stamp chain error.
return(result.ToString());
}
}
catch (Exception e) when(
e is System.AccessViolationException ||
e is Exception)
{
Dictionary <string, string> ExceptionEvent = new Dictionary <string, string>();
ExceptionEvent.Add("Exception Type", e.GetType().ToString());
AsaTelemetry.TrackEvent("VerifyEmbeddedSignatureException", ExceptionEvent);
return("FailedToFetch");
}
}
internal static extern long WinVerifyTrust(IntPtr windowHandle, ref Guid actionGuid, ref WinTrustData trustData);
internal static extern WinVerifyTrustResult WinVerifyTrust(IntPtr hwnd, [MarshalAs(UnmanagedType.LPStruct)] Guid pgActionID, WinTrustData pWVTData);
static extern WinVerifyTrustResult WinVerifyTrust(
[In] IntPtr hwnd, // _In_ HWND hWnd,
[In][MarshalAs(UnmanagedType.LPStruct)] Guid pgActionID, // _In_ GUID *pgActionID,
[In, Out] WinTrustData pWVTData // _In_ LPVOID pWVTData
);
public static bool CheckSignature(IntPtr ownerWindow, string filename, bool enableUi, out string errorMessage)
{
using (var wtd = new WinTrustData(filename) {
UIChoice = enableUi ? WinTrustDataUIChoice.All : WinTrustDataUIChoice.None,
UIContext = WinTrustDataUIContext.Execute,
RevocationChecks = WinTrustDataRevocationChecks.WholeChain,
StateAction = WinTrustDataStateAction.Ignore,
ProvFlags = WinTrustDataProvFlags.RevocationCheckChain
}) {
var trustResult = WinTrust.WinVerifyTrust(
ownerWindow, new Guid(WinTrust.WINTRUST_ACTION_GENERIC_VERIFY_V2), wtd
);
if (trustResult == WinVerifyTrustResult.Success) {
errorMessage = null;
return true;
} else {
var sb = new StringBuilder(1024);
var charCount = FormatMessage(
FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
IntPtr.Zero, (uint)trustResult, 0,
sb, (uint)sb.Capacity, IntPtr.Zero
);
errorMessage = sb.ToString(0, (int)charCount);
return false;
}
}
}
private static extern WinVerifyResult WinVerifyTrust(
[In] IntPtr hwnd,
[In][MarshalAs(UnmanagedType.LPStruct)] Guid pgActionID,
[In] WinTrustData pWVTData
);
internal static extern long WinVerifyTrust(IntPtr windowHandle, ref Guid actionGuid, ref WinTrustData trustData);
public bool IsSignedAndTrusted(string filename, IRequest request) {
if (request == null) {
throw new ArgumentNullException("request");
}
if (!request.IsCanceled) {
if (String.IsNullOrWhiteSpace(filename) || !filename.FileExists()) {
return false;
}
Debug(request, "Calling 'ProviderService::IsSignedAndTrusted, '{0}'", filename);
// we are not using this function anywhere
#if !UNIX
var wtd = new WinTrustData(filename);
var result = NativeMethods.WinVerifyTrust(new IntPtr(-1), new Guid("{00AAC56B-CD44-11d0-8CC2-00C04FC295EE}"), wtd);
return result == WinVerifyTrustResult.Success;
#endif
}
return false;
}
public static bool IsAuthenticodeSigned(string path)
{
WinTrustFileInfo fileInfo = new WinTrustFileInfo()
{
cbStruct = (uint)Marshal.SizeOf(typeof(WinTrustFileInfo)),
pcwszFilePath = Path.GetFullPath(path),
hFile = IntPtr.Zero,
pgKnownSubject = IntPtr.Zero
};
WinTrustData data = new WinTrustData()
{
cbStruct = (uint)Marshal.SizeOf(typeof(WinTrustData)),
dwProvFlags = Convert.ToUInt32(Provider.WTD_SAFER_FLAG),
dwStateAction = Convert.ToUInt32(StateAction.WTD_STATEACTION_IGNORE),
dwUIChoice = Convert.ToUInt32(UIChoice.WTD_UI_NONE),
dwUIContext = 0,
dwUnionChoice = Convert.ToUInt32(UnionChoice.WTD_CHOICE_FILE),
fdwRevocationChecks = Convert.ToUInt32(RevocationChecks.WTD_REVOKE_NONE),
hWVTStateData = IntPtr.Zero,
pFile = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(WinTrustFileInfo))),
pPolicyCallbackData = IntPtr.Zero,
pSIPClientData = IntPtr.Zero,
pwszURLReference = IntPtr.Zero
};
// TODO: Potential memory leak. Need to invetigate
Marshal.StructureToPtr(fileInfo, data.pFile, false);
IntPtr pGuid = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(Guid)));
IntPtr pData = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(WinTrustData)));
Marshal.StructureToPtr(data, pData, true);
Marshal.StructureToPtr(new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2), pGuid, true);
uint result = WinVerifyTrust(IntPtr.Zero, pGuid, pData);
Marshal.FreeHGlobal(pGuid);
Marshal.FreeHGlobal(pData);
return result == 0;
}
public static WinVerifyTrustResult VerifyEmbeddedSignature(string filename)
{
var data = new WinTrustData(filename);
var action = new Guid(WintrustActionGenericVerifyV2);
return WinVerifyTrust(InvalidHandleValue, action, data);
}
// call WinTrust.WinVerifyTrust() to check embedded file signature
public static string VerifyEmbeddedSignature(string filename)
{
WinTrustFileInfo winTrustFileInfo = null;
WinTrustData winTrustData = null;
try
{
// specify the WinVerifyTrust function/action that we want
Guid action = new Guid(WINTRUST_ACTION_GENERIC_VERIFY_V2);
// instantiate our WinTrustFileInfo and WinTrustData data structures
winTrustFileInfo = new WinTrustFileInfo(filename);
winTrustData = new WinTrustData(filename);
// call into WinVerifyTrust
WinVerifyTrustResult result = WinVerifyTrust(INVALID_HANDLE_VALUE, action, winTrustData);
switch (result)
{
case WinVerifyTrustResult.Success:
return("Valid");
case WinVerifyTrustResult.ProviderUnknown:
return("ProviderUnknown");
case WinVerifyTrustResult.ActionUnknown:
return("ActionUnknown");
case WinVerifyTrustResult.SubjectFormUnknown:
return("SubjectFormUnknown");
case WinVerifyTrustResult.SubjectNotTrusted:
return("SubjectNotTrusted");
case WinVerifyTrustResult.FileNotSigned:
return("FileNotSigned");
case WinVerifyTrustResult.SubjectExplicitlyDistrusted:
return("SubjectExplicitlyDistrusted");
case WinVerifyTrustResult.SignatureOrFileCorrupt:
return("SignatureOrFileCorrupt");
case WinVerifyTrustResult.SubjectCertExpired:
return("SubjectCertExpired");
case WinVerifyTrustResult.SubjectCertificateRevoked:
return("SubjectCertificateRevoked");
case WinVerifyTrustResult.UntrustedRoot:
return("UntrustedRoot");
default:
// The UI was disabled in dwUIChoice or the admin policy
// has disabled user trust. lStatus contains the
// publisher or time stamp chain error.
return(result.ToString());
}
}
catch (Exception e)
{
Log.Debug("{0} error decoding signature on {1}", e.GetType().ToString(), filename);
}
return("Unknown");
}
public void InstallPackage(string fastPath, RequestImpl requestImpl)
{
if (requestImpl == null)
{
throw new ArgumentNullException("requestImpl");
}
// ensure that mandatory parameters are present.
using (var request = requestImpl.As <Request>()) {
request.Debug("Calling 'Bootstrap::InstallPackage'");
// verify the package integrity (ie, check if it's digitally signed before installing)
var master = request.DownloadSwidtag(_urls);
if (master == null)
{
request.Warning(Constants.ProviderSwidtagUnavailable);
return;
}
var provider = request.GetProvider(master, fastPath);
if (provider != null)
{
// install the 'package'
if (!provider.XPath("/swid:SoftwareIdentity/swid:Meta[@providerType = 'assembly']").Any())
{
request.Error(ErrorCategory.InvalidOperation, fastPath, request.FormatMessageString(Constants.UnsupportedProviderType, fastPath));
return;
}
if (!Directory.Exists(request.DestinationPath))
{
request.Error(ErrorCategory.InvalidOperation, fastPath, request.FormatMessageString(Constants.DestinationPathNotSet));
return;
}
var targetFilename = provider.XPath("/swid:SoftwareIdentity/swid:Meta[@targetFilename]").GetAttribute("targetFilename");
if (string.IsNullOrEmpty(targetFilename))
{
request.Error(ErrorCategory.InvalidOperation, fastPath, request.FormatMessageString(Constants.InvalidFilename));
return;
}
targetFilename = Path.GetFileName(targetFilename);
var targetFile = Path.Combine(request.DestinationPath, targetFilename);
string tmpFile = null;
var failedBecauseInvalid = false;
// download the file
foreach (var link in provider.XPath("/swid:SoftwareIdentity/swid:Link[@rel = 'installationmedia']"))
{
var href = link.Attributes["href"];
if (string.IsNullOrEmpty(href) || !Uri.IsWellFormedUriString(href, UriKind.Absolute))
{
request.Debug("Bad or missing uri: {0}", href);
continue;
}
try {
tmpFile = targetFilename.GenerateTemporaryFilename();
request.Debug("Downloading '{0}' to '{1}'", href, tmpFile);
if (!request.DownloadFileToLocation(new Uri(href), tmpFile))
{
request.Debug("Failed download of '{0}'", href);
continue;
}
request.Debug("Verifying the package");
// verify the package
var wtd = new WinTrustData(tmpFile);
var result = NativeMethods.WinVerifyTrust(new IntPtr(-1), new Guid("{00AAC56B-CD44-11d0-8CC2-00C04FC295EE}"), wtd);
if (result != WinVerifyTrustResult.Success)
{
request.Debug("Not Valid file '{0}' => '{1}'", href, tmpFile);
failedBecauseInvalid = true;
request.Warning(Constants.FileFailedVerification, href);
#if !DEBUG
tmpFile.TryHardToDelete();
continue;
#endif
}
// looks good! let's keep it
if (File.Exists(targetFile))
{
request.Debug("Removing old file '{0}'", targetFile);
targetFile.TryHardToDelete();
}
// is that file still there?
if (File.Exists(targetFile))
{
request.Error(ErrorCategory.InvalidOperation, fastPath, Constants.UnableToRemoveFile, targetFile);
return;
}
request.Debug("Copying file '{0}' to '{1}'", tmpFile, targetFile);
File.Copy(tmpFile, targetFile);
if (File.Exists(targetFile))
{
// looks good to me.
request.YieldFromSwidtag(provider, null, null, null, fastPath);
return;
}
} catch (Exception e) {
e.Dump();
} finally {
if (!string.IsNullOrEmpty(tmpFile))
{
tmpFile.TryHardToDelete();
}
}
}
if (failedBecauseInvalid)
{
request.Error(ErrorCategory.InvalidData, fastPath, Constants.FileFailedVerification, fastPath);
}
}
else
{
request.Error(ErrorCategory.InvalidData, fastPath, Constants.UnableToResolvePackage, fastPath);
}
}
}
internal static extern WinTrustErrorCode WinVerifyTrust(IntPtr hwnd, [MarshalAs(UnmanagedType.LPStruct)] Guid pgActionID, WinTrustData pWVTData);
