Exemplos de ProcessHacker.Native.Api WintrustFileInfo em C# (CSharp)

Linguagem de programação: C# (CSharp)

Espaço para nome / nome do pacote: ProcessHacker.Native.Api

Classe / Tipo: WintrustFileInfo

Exemplos em hotexamples.com: 2

ProcessHacker.Native.Api WintrustFileInfo em C# (CSharp) - 2 exemplos encontrados. Esses são os exemplos do mundo real mais bem avaliados de ProcessHacker.Native.Api.WintrustFileInfo em C# (CSharp) extraídos de projetos de código aberto. Você pode avaliar os exemplos para nos ajudar a melhorar a qualidade deles.

Relacionados

ChatUpdateService

MarkdownHyperlink

SomeGlobalClass

RenderAOParameters

SqlParameterList

UserReportDataModel

ForEachChunk

ItensTema

ParkingStopExitRequestDto

WebRequestQueueOperation

Related in langs

BaseMessageInterface (PHP)

mkpathA (PHP)

program_new (C++)

AmConfigReader (C++)

NewCredentialsFromFile (Go)

Pkgs (Go)

ZoomOptions (Java)

LinkedHashMap (Java)

PeerDBHandler (Python)

get_backend (Python)

Exemplo n.º 1

0

Exibir arquivo

Arquivo: Cryptography.cs Projeto: andyvand/ProcessHacker

public static VerifyResult VerifyFile(string fileName) { VerifyResult result = VerifyResult.NoSignature; using (MemoryAlloc strMem = new MemoryAlloc(fileName.Length * 2 + 2)) { WintrustFileInfo fileInfo = new WintrustFileInfo(); strMem.WriteUnicodeString(0, fileName); strMem.WriteByte(fileName.Length * 2, 0); strMem.WriteByte(fileName.Length * 2 + 1, 0); fileInfo.Size = Marshal.SizeOf(fileInfo); fileInfo.FilePath = strMem; WintrustData trustData = new WintrustData(); trustData.Size = 12 * 4; trustData.UIChoice = 2; // WTD_UI_NONE trustData.UnionChoice = 1; // WTD_CHOICE_FILE trustData.RevocationChecks = WtRevocationChecks.None; trustData.ProvFlags = WtProvFlags.Safer; if (OSVersion.IsAboveOrEqual(WindowsVersion.Vista)) trustData.ProvFlags |= WtProvFlags.CacheOnlyUrlRetrieval; using (MemoryAlloc mem = new MemoryAlloc(fileInfo.Size)) { Marshal.StructureToPtr(fileInfo, mem, false); trustData.UnionData = mem; uint winTrustResult = Win32.WinVerifyTrust(IntPtr.Zero, WintrustActionGenericVerifyV2, ref trustData); result = StatusToVerifyResult(winTrustResult); } } if (result == VerifyResult.NoSignature) { using (FileHandle sourceFile = FileHandle.CreateWin32(fileName, FileAccess.GenericRead, FileShareMode.Read, FileCreationDispositionWin32.OpenExisting)) { byte[] hash = new byte[256]; int hashLength = 256; if (!Win32.CryptCATAdminCalcHashFromFileHandle(sourceFile, ref hashLength, hash, 0)) { hash = new byte[hashLength]; if (!Win32.CryptCATAdminCalcHashFromFileHandle(sourceFile, ref hashLength, hash, 0)) return VerifyResult.NoSignature; } StringBuilder memberTag = new StringBuilder(hashLength * 2); for (int i = 0; i < hashLength; i++) memberTag.Append(hash[i].ToString("X2")); IntPtr catAdmin; if (!Win32.CryptCATAdminAcquireContext(out catAdmin, DriverActionVerify, 0)) return VerifyResult.NoSignature; IntPtr catInfo = Win32.CryptCATAdminEnumCatalogFromHash(catAdmin, hash, hashLength, 0, IntPtr.Zero); if (catInfo == IntPtr.Zero) { Win32.CryptCATAdminReleaseContext(catAdmin, 0); return VerifyResult.NoSignature; } CatalogInfo ci; if (!Win32.CryptCATCatalogInfoFromContext(catInfo, out ci, 0)) { Win32.CryptCATAdminReleaseCatalogContext(catAdmin, catInfo, 0); Win32.CryptCATAdminReleaseContext(catAdmin, 0); return VerifyResult.NoSignature; } WintrustCatalogInfo wci = new WintrustCatalogInfo(); wci.Size = Marshal.SizeOf(wci); wci.CatalogFilePath = ci.CatalogFile; wci.MemberFilePath = fileName; wci.MemberTag = memberTag.ToString(); WintrustData trustData = new WintrustData(); trustData.Size = 12 * 4; trustData.UIChoice = 1; trustData.UnionChoice = 2; trustData.RevocationChecks = WtRevocationChecks.None; if (OSVersion.IsAboveOrEqual(WindowsVersion.Vista)) trustData.ProvFlags = WtProvFlags.CacheOnlyUrlRetrieval; using (MemoryAlloc mem = new MemoryAlloc(wci.Size)) { Marshal.StructureToPtr(wci, mem, false); try { trustData.UnionData = mem; uint winTrustResult = Win32.WinVerifyTrust(IntPtr.Zero, DriverActionVerify, ref trustData); result = StatusToVerifyResult(winTrustResult); } finally { Win32.CryptCATAdminReleaseCatalogContext(catAdmin, catInfo, 0); Win32.CryptCATAdminReleaseContext(catAdmin, 0); Marshal.DestroyStructure(mem, typeof(WintrustCatalogInfo)); } } } } return result; }

Exemplo n.º 2

0

Exibir arquivo

Arquivo: Cryptography.cs Projeto: john-peterson/processhacker

public static VerifyResult VerifyFile(string fileName, out string signerName) { VerifyResult result; using (MemoryAlloc strMem = new MemoryAlloc(fileName.Length * 2 + 2)) { WintrustFileInfo fileInfo = new WintrustFileInfo(); strMem.WriteUnicodeString(0, fileName); strMem.WriteInt16(fileName.Length * 2, 0); fileInfo.Size = WintrustFileInfo.SizeOf; fileInfo.FilePath = strMem; WintrustData trustData = new WintrustData { Size = WintrustData.SizeOf, UIChoice = 2, // WTD_UI_NONE UnionChoice = 1, // WTD_CHOICE_FILE RevocationChecks = WtdRevocationChecks.None, ProvFlags = WtdProvFlags.Safer, StateAction = WtdStateAction.Verify }; if (OSVersion.IsAboveOrEqual(WindowsVersion.Vista)) trustData.ProvFlags |= WtdProvFlags.CacheOnlyUrlRetrieval; using (MemoryAlloc mem = new MemoryAlloc(fileInfo.Size)) { mem.WriteStruct(fileInfo); trustData.UnionData = mem; uint winTrustResult = Win32.WinVerifyTrust(IntPtr.Zero, WintrustActionGenericVerifyV2, ref trustData); result = StatusToVerifyResult(winTrustResult); try { if (result != VerifyResult.NoSignature) { signerName = GetSignerNameFromStateData(trustData.StateData); return result; } } finally { // Close the state data. trustData.StateAction = WtdStateAction.Close; Win32.WinVerifyTrust(IntPtr.Zero, WintrustActionGenericVerifyV2, ref trustData); } } } signerName = null; using (FileHandle sourceFile = FileHandle.CreateWin32(fileName, FileAccess.GenericRead, FileShareMode.Read, FileCreationDispositionWin32.OpenExisting)) { byte[] hash = new byte[256]; int hashLength = 256; if (!Win32.CryptCATAdminCalcHashFromFileHandle(sourceFile, ref hashLength, hash, 0)) { hash = new byte[hashLength]; if (!Win32.CryptCATAdminCalcHashFromFileHandle(sourceFile, ref hashLength, hash, 0)) return VerifyResult.NoSignature; } StringBuilder memberTag = new StringBuilder(hashLength * 2); for (int i = 0; i < hashLength; i++) memberTag.Append(hash[i].ToString("X2")); IntPtr catAdmin; if (!Win32.CryptCATAdminAcquireContext(out catAdmin, DriverActionVerify, 0)) return VerifyResult.NoSignature; IntPtr catInfo = Win32.CryptCATAdminEnumCatalogFromHash(catAdmin, hash, hashLength, 0, IntPtr.Zero); if (catInfo == IntPtr.Zero) { Win32.CryptCATAdminReleaseContext(catAdmin, 0); return VerifyResult.NoSignature; } CatalogInfo ci; if (!Win32.CryptCATCatalogInfoFromContext(catInfo, out ci, 0)) { Win32.CryptCATAdminReleaseCatalogContext(catAdmin, catInfo, 0); Win32.CryptCATAdminReleaseContext(catAdmin, 0); return VerifyResult.NoSignature; } WintrustCatalogInfo wci = new WintrustCatalogInfo { Size = WintrustCatalogInfo.SizeOf, CatalogFilePath = ci.CatalogFile, MemberFilePath = fileName, MemberTag = memberTag.ToString() }; WintrustData trustData = new WintrustData { Size = WintrustData.SizeOf, UIChoice = 1, UnionChoice = 2, RevocationChecks = WtdRevocationChecks.None, StateAction = WtdStateAction.Verify }; if (OSVersion.IsAboveOrEqual(WindowsVersion.Vista)) trustData.ProvFlags = WtdProvFlags.CacheOnlyUrlRetrieval; using (MemoryAlloc mem = new MemoryAlloc(wci.Size)) { mem.WriteStruct(wci); try { trustData.UnionData = mem; uint winTrustResult = Win32.WinVerifyTrust(IntPtr.Zero, DriverActionVerify, ref trustData); result = StatusToVerifyResult(winTrustResult); if (result != VerifyResult.NoSignature) { signerName = GetSignerNameFromStateData(trustData.StateData); } } finally { try { // Close the state data. trustData.StateAction = WtdStateAction.Close; Win32.WinVerifyTrust(IntPtr.Zero, DriverActionVerify, ref trustData); } finally { Win32.CryptCATAdminReleaseCatalogContext(catAdmin, catInfo, 0); Win32.CryptCATAdminReleaseContext(catAdmin, 0); mem.DestroyStruct<WintrustCatalogInfo>(); } } } } return result; }