public void Execute(List <FileDetails> fileDetails)
{
foreach (var fileDetail in fileDetails)
{
var extractor = new FileInspector(fileDetail.Filename);
fileDetail.IsSigned = extractor.Validate() == SignatureCheckResult.Valid;
if (fileDetail.IsSigned)
{
fileDetail.SignatureVersion = extractor.GetSignatures().FirstOrDefault()?.SigningCertificate.Version.ToString();
fileDetail.SignatureDate = extractor.GetSignatures().FirstOrDefault()?.TimestampSignatures.FirstOrDefault()?.TimestampDateTime?.UtcDateTime.ToString();
}
}
}
public static void ShouldExtractSignaturesEvenForBadDigest()
{
var inspector = new FileInspector(Path.Combine("inputs", "AuthenticodeExaminer-bad.dl_"));
var signatures = inspector.GetSignatures();
Assert.NotEmpty(signatures);
}
private static bool IsCertumSigned(string filename)
{
var inspector = new FileInspector(filename);
return(inspector.Validate() == SignatureCheckResult.Valid &&
inspector.GetSignatures().FirstOrDefault(signature => signature.SigningCertificate.Subject == _certumSubject) != null);
}
public async Task <IEnumerable <IntegrityReport> > GetIntegrityReports()
{
var hashes = new HashSet <string>();
var loadedAssemblies = AppDomain.CurrentDomain.GetAssemblies()
.Select(a =>
{
if (hashes.Contains(a.FullName))
{
return(null);
}
hashes.Add(a.FullName);
return(new IntegrityReport(a));
})
.Where(a => a != null)
.Where(r => r.IsAuthJanitorExtensionLibrary || r.IsAuthJanitorNamedLibrary)
.ToList();
await Task.WhenAll(loadedAssemblies.Select(async asm =>
{
if (string.IsNullOrEmpty(asm.LibraryFile))
{
return;
}
asm.LibraryFileHash = await _cryptographicImplementation.HashFile(asm.LibraryFile);
var inspector = new FileInspector(asm.LibraryFile);
var signatureCheckResult = inspector.Validate();
asm.SignatureCheckResult = Enum.Parse <IntegrityReport.IntegritySignatureCheckResult>(signatureCheckResult.ToString());
if (signatureCheckResult != SignatureCheckResult.NoSignature &&
signatureCheckResult != SignatureCheckResult.BadDigest)
{
asm.Signatures = inspector.GetSignatures().Select(s =>
{
return(new IntegrityReportSignature()
{
Thumbprint = s.SigningCertificate.Thumbprint,
Subject = s.SigningCertificate.Subject,
FriendlyName = s.SigningCertificate.FriendlyName,
Issuer = s.SigningCertificate.Issuer,
IssuerName = s.SigningCertificate.IssuerName?.Name,
NotAfter = s.SigningCertificate.NotAfter,
NotBefore = s.SigningCertificate.NotBefore,
SerialNumber = s.SigningCertificate.SerialNumber,
SubjectName = s.SigningCertificate.SubjectName?.Name,
Version = s.SigningCertificate.Version.ToString(),
PublisherDescription = s.PublisherInformation?.Description,
PublisherUrl = s.PublisherInformation?.UrlLink
});
}).ToList();
}
}));
return(loadedAssemblies);
}
private void SetupDisablerButtonText()
{
if (SelectedTarget != null)
{
var d3d9Path = Path.Combine(MEDirectories.ExecutableDirectory(SelectedTarget), @"d3d9.dll");
if (File.Exists(d3d9Path))
{
// See if it ME3Tweaks disabler or some other tool
var fi = new FileInspector(d3d9Path);
foreach (var sig in fi.GetSignatures())
{
foreach (var signChain in sig.AdditionalCertificates)
{
try
{
var outStr = signChain.Subject.Substring(3); //remove CN=
outStr = outStr.Substring(0, outStr.IndexOf(','));
if (outStr == @"Michael Perez") //My signing cert name
{
D3D9Status = M3L.GetString(M3L.string_overlayDisablerInstalled);
DisablerButtonText = M3L.GetString(M3L.string_uninstallDisabler);
DisablerButtonEnabled = true;
return;
}
}
catch
{
}
}
}
D3D9Status = M3L.GetString(M3L.string_otherD3d9dllInstalledOverlayDisabled);
DisablerButtonText = M3L.GetString(M3L.string_cannotUninstallOtherD3d9File);
DisablerButtonEnabled = false;
return;
}
DisablerButtonEnabled = true;
D3D9Status = M3L.GetString(M3L.string_overlayDisablerNotInstalled);
DisablerButtonText = M3L.GetString(M3L.string_installDisabler);
}
else
{
DisablerButtonEnabled = false;
DisablerButtonText = M3L.GetString(M3L.string_installDisabler);
if (Targets.Any())
{
D3D9Status = M3L.GetString(M3L.string_noTargetSelected);
}
else
{
D3D9Status = M3L.GetString(M3L.string_noOriginBasedGameTargets);
}
}
}
private static bool IsMicrosoftFile(PackageFile file)
{
IReadOnlyList <AuthenticodeSignature> sigs;
SignatureCheckResult isValidSig;
using (var str = file.GetStream())
using (var tempFile = new TemporaryFile(str, Path.GetExtension(file.Name)))
{
var extractor = new FileInspector(tempFile.FileName);
sigs = extractor.GetSignatures().ToList();
isValidSig = extractor.Validate();
if (isValidSig == SignatureCheckResult.Valid && sigs.Count > 0)
{
return(sigs[0].SigningCertificate.Subject.EndsWith(", O=Microsoft Corporation, L=Redmond, S=Washington, C=US", StringComparison.OrdinalIgnoreCase));
}
}
return(false);
}
static int Main(string[] args)
{
Console.Write("Type a program path: ");
var path = Console.ReadLine();
if (!File.Exists(path))
{
Console.WriteLine("File doesn't exist.");
return(1);
}
var extractor = new FileInspector(path);
var validationResult = extractor.Validate();
switch (validationResult)
{
case SignatureCheckResult.Valid:
Console.WriteLine("The file is valid.");
break;
case SignatureCheckResult.NoSignature:
Console.WriteLine("The file is not signed.");
return(1);
case SignatureCheckResult.BadDigest:
Console.WriteLine("The file's signature is not valid.");
return(1);
default:
Console.WriteLine($"The file is not valid: {validationResult}");
return(1);
}
var signatures = extractor.GetSignatures();
foreach (var signature in signatures)
{
DumpSignatureDetails(signature);
}
return(0);
}
public AboutPanel()
{
DataContext = this;
Debug.WriteLine(TelemetryKeyAvailable);
InitializeComponent();
NamedBackgroundWorker nbw = new NamedBackgroundWorker("AboutAuthenticode");
nbw.DoWork += (a, b) =>
{
var info = new FileInspector(App.ExecutableLocation);
var signTime = info.GetSignatures().FirstOrDefault()?.TimestampSignatures.FirstOrDefault()?.TimestampDateTime?.UtcDateTime;
if (signTime != null)
{
BuildDate = signTime.Value.ToString(@"MMMM dd, yyyy");
}
else
{
BuildDate = "WARNING: This build is not signed by ME3Tweaks";
}
};
nbw.RunWorkerAsync();
}
private void ShowFile(PackageFile file)
{
object?content = null;
var isBinary = false;
// find all plugins which can handle this file's extension
var contentViewers = FindContentViewer(file);
if (contentViewers != null)
{
isBinary = true;
try
{
// iterate over all plugins, looking for the first one that return non-null content
foreach (var viewer in contentViewers)
{
// Get peer files
var peerFiles = file.Parent !.GetFiles()
.Select(pf => new PackageFile(pf, Path.GetFileName(pf.Path), file.Parent !))
.ToList();
content = viewer.GetView(file, peerFiles);
if (content != null)
{
// found a plugin that can read this file, stop
break;
}
}
}
catch (Exception ex) when(!(ex is FileNotFoundException))
{
DiagnosticsClient.Notify(ex);
// don't let plugin crash the app
content = Resources.PluginFailToReadContent + Environment.NewLine + ex.ToString();
}
if (content is string)
{
isBinary = false;
}
}
// if plugins fail to read this file, fall back to the default viewer
var truncated = false;
if (content == null)
{
isBinary = FileHelper.IsBinaryFile(file.Name);
if (isBinary)
{
content = Resources.UnsupportedFormatMessage;
}
else
{
content = ReadFileContent(file, out truncated);
}
}
long size = -1;
IReadOnlyList <AuthenticodeSignature> sigs;
SignatureCheckResult isValidSig;
using (var str = file.GetStream())
using (var tempFile = new TemporaryFile(str, Path.GetExtension(file.Name)))
{
var extractor = new FileInspector(tempFile.FileName);
sigs = extractor.GetSignatures().ToList();
isValidSig = extractor.Validate();
size = tempFile.Length;
}
var fileInfo = new FileContentInfo(
file,
file.Path,
content,
!isBinary,
size,
truncated,
sigs,
isValidSig);
ViewModel.ShowFile(fileInfo);
}
private void ShowFile(PackageFile file)
{
object content = null;
var isBinary = false;
// find all plugins which can handle this file's extension
var contentViewers = FindContentViewer(file);
if (contentViewers != null)
{
isBinary = true;
try
{
// iterate over all plugins, looking for the first one that return non-null content
foreach (var viewer in contentViewers)
{
using (var stream = file.GetStream())
{
content = viewer.GetView(Path.GetExtension(file.Name), stream);
if (content != null)
{
// found a plugin that can read this file, stop
break;
}
}
}
}
catch (Exception ex)
{
// don't let plugin crash the app
content = Resources.PluginFailToReadContent + Environment.NewLine + ex.ToString();
}
if (content is string)
{
isBinary = false;
}
}
// if plugins fail to read this file, fall back to the default viewer
long size = -1;
if (content == null)
{
isBinary = FileHelper.IsBinaryFile(file.Name);
if (isBinary)
{
content = Resources.UnsupportedFormatMessage;
}
else
{
content = ReadFileContent(file, out size);
}
}
if (size == -1)
{
// This is inefficient but cn be cleaned up later
using (var str = file.GetStream())
using (var ms = new MemoryStream())
{
str.CopyTo(ms);
size = ms.Length;
}
}
IReadOnlyList <AuthenticodeSignature> sigs;
SignatureCheckResult isValidSig;
using (var str = file.GetStream())
using (var tempFile = new TemporaryFile(str, Path.GetExtension(file.Name)))
{
var extractor = new FileInspector(tempFile.FileName);
sigs = extractor.GetSignatures().ToList();
isValidSig = extractor.Validate();
}
var fileInfo = new FileContentInfo(
file,
file.Path,
content,
!isBinary,
size,
sigs,
isValidSig);
ViewModel.ShowFile(fileInfo);
}
private void ShowFile(PackageFile file)
{
object?content = null;
var isBinary = false;
// find all plugins which can handle this file's extension
var contentViewers = FindContentViewer(file);
if (contentViewers != null)
{
try
{
// iterate over all plugins, looking for the first one that return non-null content
foreach (var viewer in contentViewers)
{
var files = file.GetAssociatedPackageFiles().ToList();
content = viewer.GetView(file, files);
if (content != null)
{
// found a plugin that can read this file, stop
break;
}
}
}
catch (Exception ex) when(!(ex is FileNotFoundException))
{
DiagnosticsClient.TrackException(ex, ViewModel.Package, ViewModel.PublishedOnNuGetOrg);
// don't let plugin crash the app
content = Resources.PluginFailToReadContent + Environment.NewLine + ex.ToString();
}
isBinary = content is not string;
}
// if plugins fail to read this file, fall back to the default viewer
var truncated = false;
if (content == null)
{
isBinary = FileHelper.IsBinaryFile(file.Name);
if (isBinary)
{
content = Resources.UnsupportedFormatMessage;
}
else
{
content = ReadFileContent(file, out truncated);
}
}
long size = -1;
IReadOnlyList <AuthenticodeSignature> sigs;
SignatureCheckResult isValidSig;
{
// note: later, throught binding converter, SigningCertificate's CN value is extracted through native api
if (AppCompat.IsSupported(RuntimeFeature.Cryptography, RuntimeFeature.NativeMethods))
{
using var stream = file.GetStream();
using var tempFile = new TemporaryFile(stream, Path.GetExtension(file.Name));
var extractor = new FileInspector(tempFile.FileName);
sigs = extractor.GetSignatures().ToList();
isValidSig = extractor.Validate();
size = tempFile.Length;
}
else
{
using var stream = StreamUtility.MakeSeekable(file.GetStream(), disposeOriginal: true);
var peFile = new PeFile(stream);
var certificate = CryptoUtility.GetSigningCertificate(peFile);
if (certificate is not null)
{
sigs = new List <AuthenticodeSignature>(0);
isValidSig = SignatureCheckResult.UnknownProvider;
}
else
{
sigs = new List <AuthenticodeSignature>(0);
isValidSig = SignatureCheckResult.NoSignature;
}
size = peFile.FileSize;
}
}
var fileInfo = new FileContentInfo(
file,
file.Path,
content,
!isBinary,
size,
truncated,
sigs,
isValidSig);
ViewModel.ShowFile(fileInfo);
}
