/// <summary>
/// Builds a <see cref="System.Management.Automation.Signature"/> from the provider state
/// left behind by a WinVerifyTrust call.
/// </summary>
/// <param name="filePath">Path of the file that was verified.</param>
/// <param name="error">Result code of the WinVerifyTrust call; forwarded unchanged to SignatureProxy.GenerateSignature.</param>
/// <param name="wtd">WINTRUST_DATA whose hWVTStateData is used to reach the signer chain.</param>
/// <returns>
/// A signature carrying the signer certificate (and the timestamper certificate when exactly one
/// counter-signer is present); a certificate-less signature when no signer certificate was found
/// and <paramref name="error"/> is non-zero; otherwise <c>null</c>.
/// </returns>
/// <remarks>
/// A signer certificate being present does not mean the file is trusted: the verification result
/// travels in <paramref name="error"/>, so callers are expected to inspect the resulting
/// signature's status rather than the mere presence of a certificate.
/// NOTE(review): only signer index 0 is queried, so additional signatures on the file,
/// if any, are presumably not reflected here - confirm against callers' expectations.
/// </remarks>
private static System.Management.Automation.Signature GetSignatureFromWintrustData(string filePath, uint error, NativeStructs.WINTRUST_DATA wtd)
{
    System.Management.Automation.Signature result = null;

    // Walk state data -> provider data -> signer -> signer certificate; any missing link
    // leaves the later pointers/certificate empty and falls through to the error-only path.
    IntPtr providerData = WINTRUST.WTHelperProvDataFromStateData(wtd.hWVTStateData);
    IntPtr signerPtr = providerData != IntPtr.Zero
        ? WINTRUST.WTHelperGetProvSignerFromChain(providerData, 0U, 0U, 0U)
        : IntPtr.Zero;
    X509Certificate2 signerCert = signerPtr != IntPtr.Zero
        ? SignatureHelper.GetCertFromChain(signerPtr)
        : null;

    if (signerCert != null)
    {
        NativeStructs.CRYPT_PROVIDER_SGNR signerInfo =
            (NativeStructs.CRYPT_PROVIDER_SGNR)Marshal.PtrToStructure(signerPtr, typeof(NativeStructs.CRYPT_PROVIDER_SGNR));

        // The timestamper is only read when there is exactly one counter-signer.
        X509Certificate2 timestampCert = null;
        if ((int)signerInfo.csCounterSigners == 1)
        {
            timestampCert = SignatureHelper.GetCertFromChain(signerInfo.pasCounterSigners);
        }

        if (timestampCert != null)
        {
            result = SignatureProxy.GenerateSignature(filePath, error, signerCert, timestampCert);
        }
        else
        {
            result = SignatureProxy.GenerateSignature(filePath, error, signerCert);
        }
    }

    // No certificate could be extracted: still report the failure code, if there was one.
    if (result == null && (int)error != 0)
    {
        result = SignatureProxy.GenerateSignature(filePath, error);
    }

    return result;
}
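/// <summary>
/// Calls WinVerifyTrust for a file on disk and returns the WINTRUST_DATA as read back after the call.
/// </summary>
/// <param name="fileName">Path of the file to verify.</param>
/// <param name="wtData">
/// Receives the WINTRUST_DATA copied back from the native buffer. It still references native
/// resources (the state handle and the file-info allocation), which the caller releases through
/// WINTRUST.DestroyWintrustDataStruct.
/// </param>
/// <returns>The code returned by WinVerifyTrust (0 on success).</returns>
/// <remarks>
/// Only the on-disk path is wired up; the in-memory (blob) variant that existed in the original
/// code is disabled, so what gets verified is whatever the path resolves to at call time.
/// </remarks>
private static uint GetWinTrustData(string fileName, out NativeStructs.WINTRUST_DATA wtData)
{
    uint result = 2147500037U; // 0x80004005 (E_FAIL); overwritten by the WinVerifyTrust result
    IntPtr actionIdBuffer = IntPtr.Zero;
    IntPtr dataBuffer = IntPtr.Zero;

    // WINTRUST_ACTION_GENERIC_VERIFY_V2: the standard Authenticode verification policy.
    Guid actionId = new Guid("00AAC56B-CD44-11d0-8CC2-00C04FC295EE");

    try
    {
        actionIdBuffer = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)actionId));
        Marshal.StructureToPtr((object)actionId, actionIdBuffer, false);

        NativeStructs.WINTRUST_DATA wintrustData =
            WINTRUST.InitWintrustDataStructFromFile(WINTRUST.InitWintrustFileInfoStruct(fileName));
        dataBuffer = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)wintrustData));
        Marshal.StructureToPtr((object)wintrustData, dataBuffer, false);

        // An hwnd of -1 (INVALID_HANDLE_VALUE) tells WinVerifyTrust to run without any UI.
        result = WINTRUST.WinVerifyTrust(new IntPtr(-1), actionIdBuffer, dataBuffer);

        // Read the struct back: WinVerifyTrust fills in fields such as hWVTStateData.
        wtData = (NativeStructs.WINTRUST_DATA)Marshal.PtrToStructure(dataBuffer, typeof(NativeStructs.WINTRUST_DATA));
    }
    finally
    {
        // Marshal.DestroyStructure rejects a null pointer, so only clean up buffers that were
        // actually allocated; otherwise a failure early in the try block would be masked by an
        // ArgumentNullException thrown from this finally.
        if (actionIdBuffer != IntPtr.Zero)
        {
            Marshal.DestroyStructure(actionIdBuffer, typeof(Guid));
            Marshal.FreeCoTaskMem(actionIdBuffer);
        }

        if (dataBuffer != IntPtr.Zero)
        {
            Marshal.DestroyStructure(dataBuffer, typeof(NativeStructs.WINTRUST_DATA));
            Marshal.FreeCoTaskMem(dataBuffer);
        }
    }

    return result;
}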
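/// <summary>
/// Verifies the Authenticode signature of a file and returns the result as a Signature object.
/// </summary>
/// <param name="fileName">Path of the file to check; validated by CheckArgForNullOrEmpty and CheckIfFileExists.</param>
/// <returns>
/// The signature built from the WinVerifyTrust result. Any exception raised during verification
/// or cleanup is swallowed and reported as a signature with code 0x800B0100 (TRUST_E_NOSIGNATURE),
/// so a failure never yields a trusted result. May be <c>null</c> when verification returned 0
/// but no signer certificate could be read (see GetSignatureFromWintrustData); callers should
/// treat <c>null</c> as "not trusted".
/// </returns>
/// <remarks>
/// The result describes the file as it was when this method ran. A caller that later loads or
/// executes the file should make sure it cannot be replaced in between (for example by keeping
/// it open without write sharing), otherwise the check and the use can see different content.
/// </remarks>
public static Signature GetSignature(string fileName)
{
    CheckArgForNullOrEmpty(fileName, "fileName");
    CheckIfFileExists(fileName);

    System.Management.Automation.Signature signature;
    try
    {
        NativeStructs.WINTRUST_DATA wtData;
        uint winTrustData = SignatureHelper.GetWinTrustData(fileName, out wtData);

        try
        {
            // A non-zero winTrustData is not traced here; it is carried into the Signature.
            signature = SignatureHelper.GetSignatureFromWintrustData(fileName, winTrustData, wtData);
        }
        finally
        {
            // Release the WinVerifyTrust state and the file-info allocation even when building
            // the signature throws; previously that path leaked both. The return code is
            // intentionally ignored (the original tracing of it is disabled).
            WINTRUST.DestroyWintrustDataStruct(wtData);
        }
    }
    catch
    {
        // Fail closed: every error, including a cleanup failure, is reported as "no signature"
        // (0x800B0100, TRUST_E_NOSIGNATURE). Note that this also hides the real cause from callers.
        signature = SignatureProxy.GenerateSignature(fileName, 2148204800U);
    }

    return signature;
}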
/// <summary>
/// Reads the first certificate (index 0) of a signer's chain as an <see cref="X509Certificate2"/>.
/// </summary>
/// <param name="pSigner">Pointer to the provider signer structure, as returned by the WTHelper* calls.</param>
/// <returns>
/// The certificate at chain index 0, or <c>null</c> when WTHelperGetProvCertFromChain returns a null pointer.
/// </returns>
/// <remarks>
/// The X509Certificate2(IntPtr) constructor copies the certificate context, so the returned object
/// should remain usable after the WinVerifyTrust state that owns <paramref name="pSigner"/> is closed.
/// NOTE(review): pCert is not checked for IntPtr.Zero before being passed to the constructor - confirm
/// the provider never returns an entry with a null certificate context.
/// </remarks>
private static X509Certificate2 GetCertFromChain(IntPtr pSigner)
{
    IntPtr certEntry = WINTRUST.WTHelperGetProvCertFromChain(pSigner, 0U);
    if (certEntry == IntPtr.Zero)
    {
        return null;
    }

    NativeStructs.CRYPT_PROVIDER_CERT providerCert =
        (NativeStructs.CRYPT_PROVIDER_CERT)Marshal.PtrToStructure(certEntry, typeof(NativeStructs.CRYPT_PROVIDER_CERT));
    return new X509Certificate2(providerCert.pCert);
}
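/// <summary>
/// Closes the WinVerifyTrust state held by a WINTRUST_DATA and frees the native memory it references.
/// </summary>
/// <param name="wtd">
/// The WINTRUST_DATA obtained from a previous verification. It is modified locally
/// (dwStateAction is set to 2, WTD_STATEACTION_CLOSE) before being passed back to WinVerifyTrust.
/// </param>
/// <returns>The code returned by the closing WinVerifyTrust call.</returns>
/// <remarks>
/// After the close call, the subject allocation is released: for dwUnionChoice == 3
/// (WTD_CHOICE_BLOB) the blob's memory object and the blob info itself, and for every other
/// choice value the file info at Choice.pFile.
/// NOTE(review): <paramref name="wtd"/> appears to be a value type, so the caller's copy keeps
/// the now-freed pointers; calling this twice with the same data would free them twice - make
/// sure each WINTRUST_DATA is destroyed exactly once.
/// </remarks>
public static uint DestroyWintrustDataStruct(NativeStructs.WINTRUST_DATA wtd)
{
    uint result = 2147500037U; // 0x80004005 (E_FAIL); overwritten by the WinVerifyTrust result
    IntPtr actionIdBuffer = IntPtr.Zero;
    IntPtr dataBuffer = IntPtr.Zero;

    // WINTRUST_ACTION_GENERIC_VERIFY_V2: must match the action used for the verify call.
    Guid actionId = new Guid("00AAC56B-CD44-11d0-8CC2-00C04FC295EE");

    try
    {
        actionIdBuffer = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)actionId));
        Marshal.StructureToPtr((object)actionId, actionIdBuffer, false);

        wtd.dwStateAction = 2U; // WTD_STATEACTION_CLOSE
        dataBuffer = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)wtd));
        Marshal.StructureToPtr((object)wtd, dataBuffer, false);

        result = WINTRUST.WinVerifyTrust(IntPtr.Zero, actionIdBuffer, dataBuffer);
        wtd = (NativeStructs.WINTRUST_DATA)Marshal.PtrToStructure(dataBuffer, typeof(NativeStructs.WINTRUST_DATA));
    }
    finally
    {
        // Marshal.DestroyStructure rejects a null pointer. Guard each buffer so that a failed
        // allocation neither masks the original exception nor skips freeing the other buffer.
        if (dataBuffer != IntPtr.Zero)
        {
            Marshal.DestroyStructure(dataBuffer, typeof(NativeStructs.WINTRUST_DATA));
            Marshal.FreeCoTaskMem(dataBuffer);
        }

        if (actionIdBuffer != IntPtr.Zero)
        {
            Marshal.DestroyStructure(actionIdBuffer, typeof(Guid));
            Marshal.FreeCoTaskMem(actionIdBuffer);
        }
    }

    if ((int)wtd.dwUnionChoice == 3)
    {
        // WTD_CHOICE_BLOB: free the copied file content first, then the blob info that points to it.
        NativeStructs.WINTRUST_BLOB_INFO blobInfo =
            (NativeStructs.WINTRUST_BLOB_INFO)Marshal.PtrToStructure(wtd.Choice.pBlob, typeof(NativeStructs.WINTRUST_BLOB_INFO));
        Marshal.FreeCoTaskMem(blobInfo.pbMemObject);
        Marshal.DestroyStructure(wtd.Choice.pBlob, typeof(NativeStructs.WINTRUST_BLOB_INFO));
        Marshal.FreeCoTaskMem(wtd.Choice.pBlob);
    }
    else
    {
        // Every non-blob choice is treated as a file subject.
        Marshal.DestroyStructure(wtd.Choice.pFile, typeof(NativeStructs.WINTRUST_FILE_INFO));
        Marshal.FreeCoTaskMem(wtd.Choice.pFile);
    }

    return result;
}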