public IntPtr pSignatureSettings; // WINTRUST_SIGNATURE_SETTINGS* public Win8TrustData(WinTrustFileInfo fileInfo, WINTRUST_SIGNATURE_SETTINGS signatureSettings) { this.StructSize = (uint)Marshal.SizeOf(typeof(Win8TrustData)); this.pFile = new FileInfoSafeHandle(fileInfo); this.pSignatureSettings = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(WINTRUST_SIGNATURE_SETTINGS))); Marshal.StructureToPtr(signatureSettings, this.pSignatureSettings, false); }
/// <summary> /// Helper method to verify that published mp, mpb, or cabinet files have a valid authenticode signature /// </summary> /// <param name="filePath">Path to the file to check the signature on.</param> /// <returns>WinTrustData object</returns> private static WinTrustData VerifyFileAuthenticodeSignatureHelper(string filePath, Tracing trace) { WinTrustData trustData = null; WinTrustFileInfo fileInfo = new WinTrustFileInfo(filePath); WINTRUST_SIGNATURE_SETTINGS signatureSettings = null; WinVerifyTrustResult result; if (Utility.IsWin8OrAbove()) { // On Windows 8 and above we have the APIs to enforce stronger checks const string szOID_CERT_STRONG_SIGN_OS_1 = "1.3.6.1.4.1.311.72.1.1"; //this specifies to enforce SHA-2 based hashes and other strong key requirements signatureSettings = new WINTRUST_SIGNATURE_SETTINGS(new CERT_STRONG_SIGN_PARA(szOID_CERT_STRONG_SIGN_OS_1)); trustData = new Win8TrustData(fileInfo, signatureSettings); } else { // no signature settings trustData = new WinTrustData(filePath); } try { result = UnsafeNativeMethods.WinVerifyTrust( IntPtr.Zero, UnsafeNativeMethods.WINTRUST_ACTION_GENERIC_VERIFY_V2, trustData); if (result == WinVerifyTrustResult.FileNotSigned) { throw new VerificationException(string.Format(CultureInfo.CurrentCulture, "File {0} does not have a valid authenticode signature.", filePath)); } else if (result != WinVerifyTrustResult.Success) { var winTrustResultErrorString = String.Format("{0} ({1})", GetVerboseWinVerifyTrustResultErrorString(result), ConvertWinVerifyTrustResultToHex(result)); throw new VerificationException(string.Format(CultureInfo.CurrentCulture, "WinVerifyTrustWrapper on file {0} failed with unexpected error: {1}", filePath, winTrustResultErrorString)); } } catch (Exception ex) { trace.Error(String.Format("Error occurred while calling WinVerifyTrust: {0}", ex)); // free all objects (trustData and signatureSettings) if (signatureSettings != null) { signatureSettings.Dispose(); } trustData.Dispose(); throw; } trace.Info(String.Format("File {0} has a valid authenticode signature.", filePath)); // only free signatureSettings if (signatureSettings != null) { signatureSettings.Dispose(); // zero out the psignature pointer in trustData to be safe Marshal.FreeHGlobal(((Win8TrustData)trustData).pSignatureSettings); ((Win8TrustData)trustData).pSignatureSettings = IntPtr.Zero; } return(trustData); }
public WinTrustData(string fileName) { WinTrustFileInfo fileInfo = new WinTrustFileInfo(fileName); this.pFile = new FileInfoSafeHandle(fileInfo); }
public FileInfoSafeHandle(WinTrustFileInfo info) : base(true) { this.SetHandle(Marshal.AllocHGlobal(Marshal.SizeOf(typeof(WinTrustFileInfo)))); Marshal.StructureToPtr(info, this.handle, false); }