public void Execute(List <FileDetails> fileDetails) { foreach (var fileDetail in fileDetails) { var extractor = new FileInspector(fileDetail.Filename); fileDetail.IsSigned = extractor.Validate() == SignatureCheckResult.Valid; if (fileDetail.IsSigned) { fileDetail.SignatureVersion = extractor.GetSignatures().FirstOrDefault()?.SigningCertificate.Version.ToString(); fileDetail.SignatureDate = extractor.GetSignatures().FirstOrDefault()?.TimestampSignatures.FirstOrDefault()?.TimestampDateTime?.UtcDateTime.ToString(); } } }
public static void ShouldExtractSignaturesEvenForBadDigest() { var inspector = new FileInspector(Path.Combine("inputs", "AuthenticodeExaminer-bad.dl_")); var signatures = inspector.GetSignatures(); Assert.NotEmpty(signatures); }
private static bool IsCertumSigned(string filename) { var inspector = new FileInspector(filename); return(inspector.Validate() == SignatureCheckResult.Valid && inspector.GetSignatures().FirstOrDefault(signature => signature.SigningCertificate.Subject == _certumSubject) != null); }
public async Task <IEnumerable <IntegrityReport> > GetIntegrityReports() { var hashes = new HashSet <string>(); var loadedAssemblies = AppDomain.CurrentDomain.GetAssemblies() .Select(a => { if (hashes.Contains(a.FullName)) { return(null); } hashes.Add(a.FullName); return(new IntegrityReport(a)); }) .Where(a => a != null) .Where(r => r.IsAuthJanitorExtensionLibrary || r.IsAuthJanitorNamedLibrary) .ToList(); await Task.WhenAll(loadedAssemblies.Select(async asm => { if (string.IsNullOrEmpty(asm.LibraryFile)) { return; } asm.LibraryFileHash = await _cryptographicImplementation.HashFile(asm.LibraryFile); var inspector = new FileInspector(asm.LibraryFile); var signatureCheckResult = inspector.Validate(); asm.SignatureCheckResult = Enum.Parse <IntegrityReport.IntegritySignatureCheckResult>(signatureCheckResult.ToString()); if (signatureCheckResult != SignatureCheckResult.NoSignature && signatureCheckResult != SignatureCheckResult.BadDigest) { asm.Signatures = inspector.GetSignatures().Select(s => { return(new IntegrityReportSignature() { Thumbprint = s.SigningCertificate.Thumbprint, Subject = s.SigningCertificate.Subject, FriendlyName = s.SigningCertificate.FriendlyName, Issuer = s.SigningCertificate.Issuer, IssuerName = s.SigningCertificate.IssuerName?.Name, NotAfter = s.SigningCertificate.NotAfter, NotBefore = s.SigningCertificate.NotBefore, SerialNumber = s.SigningCertificate.SerialNumber, SubjectName = s.SigningCertificate.SubjectName?.Name, Version = s.SigningCertificate.Version.ToString(), PublisherDescription = s.PublisherInformation?.Description, PublisherUrl = s.PublisherInformation?.UrlLink }); }).ToList(); } })); return(loadedAssemblies); }
private void SetupDisablerButtonText() { if (SelectedTarget != null) { var d3d9Path = Path.Combine(MEDirectories.ExecutableDirectory(SelectedTarget), @"d3d9.dll"); if (File.Exists(d3d9Path)) { // See if it ME3Tweaks disabler or some other tool var fi = new FileInspector(d3d9Path); foreach (var sig in fi.GetSignatures()) { foreach (var signChain in sig.AdditionalCertificates) { try { var outStr = signChain.Subject.Substring(3); //remove CN= outStr = outStr.Substring(0, outStr.IndexOf(',')); if (outStr == @"Michael Perez") //My signing cert name { D3D9Status = M3L.GetString(M3L.string_overlayDisablerInstalled); DisablerButtonText = M3L.GetString(M3L.string_uninstallDisabler); DisablerButtonEnabled = true; return; } } catch { } } } D3D9Status = M3L.GetString(M3L.string_otherD3d9dllInstalledOverlayDisabled); DisablerButtonText = M3L.GetString(M3L.string_cannotUninstallOtherD3d9File); DisablerButtonEnabled = false; return; } DisablerButtonEnabled = true; D3D9Status = M3L.GetString(M3L.string_overlayDisablerNotInstalled); DisablerButtonText = M3L.GetString(M3L.string_installDisabler); } else { DisablerButtonEnabled = false; DisablerButtonText = M3L.GetString(M3L.string_installDisabler); if (Targets.Any()) { D3D9Status = M3L.GetString(M3L.string_noTargetSelected); } else { D3D9Status = M3L.GetString(M3L.string_noOriginBasedGameTargets); } } }
private static bool IsMicrosoftFile(PackageFile file) { IReadOnlyList <AuthenticodeSignature> sigs; SignatureCheckResult isValidSig; using (var str = file.GetStream()) using (var tempFile = new TemporaryFile(str, Path.GetExtension(file.Name))) { var extractor = new FileInspector(tempFile.FileName); sigs = extractor.GetSignatures().ToList(); isValidSig = extractor.Validate(); if (isValidSig == SignatureCheckResult.Valid && sigs.Count > 0) { return(sigs[0].SigningCertificate.Subject.EndsWith(", O=Microsoft Corporation, L=Redmond, S=Washington, C=US", StringComparison.OrdinalIgnoreCase)); } } return(false); }
static int Main(string[] args) { Console.Write("Type a program path: "); var path = Console.ReadLine(); if (!File.Exists(path)) { Console.WriteLine("File doesn't exist."); return(1); } var extractor = new FileInspector(path); var validationResult = extractor.Validate(); switch (validationResult) { case SignatureCheckResult.Valid: Console.WriteLine("The file is valid."); break; case SignatureCheckResult.NoSignature: Console.WriteLine("The file is not signed."); return(1); case SignatureCheckResult.BadDigest: Console.WriteLine("The file's signature is not valid."); return(1); default: Console.WriteLine($"The file is not valid: {validationResult}"); return(1); } var signatures = extractor.GetSignatures(); foreach (var signature in signatures) { DumpSignatureDetails(signature); } return(0); }
public AboutPanel() { DataContext = this; Debug.WriteLine(TelemetryKeyAvailable); InitializeComponent(); NamedBackgroundWorker nbw = new NamedBackgroundWorker("AboutAuthenticode"); nbw.DoWork += (a, b) => { var info = new FileInspector(App.ExecutableLocation); var signTime = info.GetSignatures().FirstOrDefault()?.TimestampSignatures.FirstOrDefault()?.TimestampDateTime?.UtcDateTime; if (signTime != null) { BuildDate = signTime.Value.ToString(@"MMMM dd, yyyy"); } else { BuildDate = "WARNING: This build is not signed by ME3Tweaks"; } }; nbw.RunWorkerAsync(); }
private void ShowFile(PackageFile file) { object?content = null; var isBinary = false; // find all plugins which can handle this file's extension var contentViewers = FindContentViewer(file); if (contentViewers != null) { isBinary = true; try { // iterate over all plugins, looking for the first one that return non-null content foreach (var viewer in contentViewers) { // Get peer files var peerFiles = file.Parent !.GetFiles() .Select(pf => new PackageFile(pf, Path.GetFileName(pf.Path), file.Parent !)) .ToList(); content = viewer.GetView(file, peerFiles); if (content != null) { // found a plugin that can read this file, stop break; } } } catch (Exception ex) when(!(ex is FileNotFoundException)) { DiagnosticsClient.Notify(ex); // don't let plugin crash the app content = Resources.PluginFailToReadContent + Environment.NewLine + ex.ToString(); } if (content is string) { isBinary = false; } } // if plugins fail to read this file, fall back to the default viewer var truncated = false; if (content == null) { isBinary = FileHelper.IsBinaryFile(file.Name); if (isBinary) { content = Resources.UnsupportedFormatMessage; } else { content = ReadFileContent(file, out truncated); } } long size = -1; IReadOnlyList <AuthenticodeSignature> sigs; SignatureCheckResult isValidSig; using (var str = file.GetStream()) using (var tempFile = new TemporaryFile(str, Path.GetExtension(file.Name))) { var extractor = new FileInspector(tempFile.FileName); sigs = extractor.GetSignatures().ToList(); isValidSig = extractor.Validate(); size = tempFile.Length; } var fileInfo = new FileContentInfo( file, file.Path, content, !isBinary, size, truncated, sigs, isValidSig); ViewModel.ShowFile(fileInfo); }
private void ShowFile(PackageFile file) { object content = null; var isBinary = false; // find all plugins which can handle this file's extension var contentViewers = FindContentViewer(file); if (contentViewers != null) { isBinary = true; try { // iterate over all plugins, looking for the first one that return non-null content foreach (var viewer in contentViewers) { using (var stream = file.GetStream()) { content = viewer.GetView(Path.GetExtension(file.Name), stream); if (content != null) { // found a plugin that can read this file, stop break; } } } } catch (Exception ex) { // don't let plugin crash the app content = Resources.PluginFailToReadContent + Environment.NewLine + ex.ToString(); } if (content is string) { isBinary = false; } } // if plugins fail to read this file, fall back to the default viewer long size = -1; if (content == null) { isBinary = FileHelper.IsBinaryFile(file.Name); if (isBinary) { content = Resources.UnsupportedFormatMessage; } else { content = ReadFileContent(file, out size); } } if (size == -1) { // This is inefficient but cn be cleaned up later using (var str = file.GetStream()) using (var ms = new MemoryStream()) { str.CopyTo(ms); size = ms.Length; } } IReadOnlyList <AuthenticodeSignature> sigs; SignatureCheckResult isValidSig; using (var str = file.GetStream()) using (var tempFile = new TemporaryFile(str, Path.GetExtension(file.Name))) { var extractor = new FileInspector(tempFile.FileName); sigs = extractor.GetSignatures().ToList(); isValidSig = extractor.Validate(); } var fileInfo = new FileContentInfo( file, file.Path, content, !isBinary, size, sigs, isValidSig); ViewModel.ShowFile(fileInfo); }
private void ShowFile(PackageFile file) { object?content = null; var isBinary = false; // find all plugins which can handle this file's extension var contentViewers = FindContentViewer(file); if (contentViewers != null) { try { // iterate over all plugins, looking for the first one that return non-null content foreach (var viewer in contentViewers) { var files = file.GetAssociatedPackageFiles().ToList(); content = viewer.GetView(file, files); if (content != null) { // found a plugin that can read this file, stop break; } } } catch (Exception ex) when(!(ex is FileNotFoundException)) { DiagnosticsClient.TrackException(ex, ViewModel.Package, ViewModel.PublishedOnNuGetOrg); // don't let plugin crash the app content = Resources.PluginFailToReadContent + Environment.NewLine + ex.ToString(); } isBinary = content is not string; } // if plugins fail to read this file, fall back to the default viewer var truncated = false; if (content == null) { isBinary = FileHelper.IsBinaryFile(file.Name); if (isBinary) { content = Resources.UnsupportedFormatMessage; } else { content = ReadFileContent(file, out truncated); } } long size = -1; IReadOnlyList <AuthenticodeSignature> sigs; SignatureCheckResult isValidSig; { // note: later, throught binding converter, SigningCertificate's CN value is extracted through native api if (AppCompat.IsSupported(RuntimeFeature.Cryptography, RuntimeFeature.NativeMethods)) { using var stream = file.GetStream(); using var tempFile = new TemporaryFile(stream, Path.GetExtension(file.Name)); var extractor = new FileInspector(tempFile.FileName); sigs = extractor.GetSignatures().ToList(); isValidSig = extractor.Validate(); size = tempFile.Length; } else { using var stream = StreamUtility.MakeSeekable(file.GetStream(), disposeOriginal: true); var peFile = new PeFile(stream); var certificate = CryptoUtility.GetSigningCertificate(peFile); if (certificate is not null) { sigs = new List <AuthenticodeSignature>(0); isValidSig = SignatureCheckResult.UnknownProvider; } else { sigs = new List <AuthenticodeSignature>(0); isValidSig = SignatureCheckResult.NoSignature; } size = peFile.FileSize; } } var fileInfo = new FileContentInfo( file, file.Path, content, !isBinary, size, truncated, sigs, isValidSig); ViewModel.ShowFile(fileInfo); }