private static uint GetWinTrustData(string fileName, out NativeStructs.WINTRUST_DATA wtData) { uint num1 = 2147500037U; IntPtr num2 = IntPtr.Zero; IntPtr num3 = IntPtr.Zero; Guid guid = new Guid("00AAC56B-CD44-11d0-8CC2-00C04FC295EE"); try { num2 = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)guid)); Marshal.StructureToPtr((object)guid, num2, false); //NativeStructs.WINTRUST_DATA wintrustData = fileContent != null ? WINTRUST.InitWintrustDataStructFromBlob(WINTRUST.InitWintrustBlobInfoStruct(fileName, fileContent)) : WINTRUST.InitWintrustDataStructFromFile(WINTRUST.InitWintrustFileInfoStruct(fileName)); NativeStructs.WINTRUST_DATA wintrustData = WINTRUST.InitWintrustDataStructFromFile(WINTRUST.InitWintrustFileInfoStruct(fileName)); num3 = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)wintrustData)); Marshal.StructureToPtr((object)wintrustData, num3, false); num1 = WINTRUST.WinVerifyTrust(new IntPtr(-1), num2, num3); wtData = (NativeStructs.WINTRUST_DATA)Marshal.PtrToStructure(num3, typeof(NativeStructs.WINTRUST_DATA)); } finally { Marshal.DestroyStructure(num2, typeof(Guid)); Marshal.FreeCoTaskMem(num2); Marshal.DestroyStructure(num3, typeof(NativeStructs.WINTRUST_DATA)); Marshal.FreeCoTaskMem(num3); } return(num1); }
public static NativeStructs.WINTRUST_DATA InitWintrustDataStructFromFile(NativeStructs.WINTRUST_FILE_INFO wfi) { NativeStructs.WINTRUST_DATA wintrustData = new NativeStructs.WINTRUST_DATA(); wintrustData.cbStruct = (uint)Marshal.SizeOf((object)wintrustData); wintrustData.pPolicyCallbackData = IntPtr.Zero; wintrustData.pSIPClientData = IntPtr.Zero; wintrustData.dwUIChoice = 2U; wintrustData.fdwRevocationChecks = 0U; wintrustData.dwUnionChoice = 1U; IntPtr ptr = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)wfi)); Marshal.StructureToPtr((object)wfi, ptr, false); wintrustData.Choice.pFile = ptr; wintrustData.dwStateAction = 1U; wintrustData.hWVTStateData = IntPtr.Zero; wintrustData.pwszURLReference = (string)null; wintrustData.dwProvFlags = 0U; return(wintrustData); }
public static uint DestroyWintrustDataStruct(NativeStructs.WINTRUST_DATA wtd) { uint num1 = 2147500037U; IntPtr num2 = IntPtr.Zero; IntPtr num3 = IntPtr.Zero; Guid guid = new Guid("00AAC56B-CD44-11d0-8CC2-00C04FC295EE"); try { num2 = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)guid)); Marshal.StructureToPtr((object)guid, num2, false); wtd.dwStateAction = 2U; num3 = Marshal.AllocCoTaskMem(Marshal.SizeOf((object)wtd)); Marshal.StructureToPtr((object)wtd, num3, false); num1 = WINTRUST.WinVerifyTrust(IntPtr.Zero, num2, num3); wtd = (NativeStructs.WINTRUST_DATA)Marshal.PtrToStructure(num3, typeof(NativeStructs.WINTRUST_DATA)); } finally { Marshal.DestroyStructure(num3, typeof(NativeStructs.WINTRUST_DATA)); Marshal.FreeCoTaskMem(num3); Marshal.DestroyStructure(num2, typeof(Guid)); Marshal.FreeCoTaskMem(num2); } if ((int)wtd.dwUnionChoice == 3) { Marshal.FreeCoTaskMem(((NativeStructs.WINTRUST_BLOB_INFO)Marshal.PtrToStructure(wtd.Choice.pBlob, typeof(NativeStructs.WINTRUST_BLOB_INFO))).pbMemObject); Marshal.DestroyStructure(wtd.Choice.pBlob, typeof(NativeStructs.WINTRUST_BLOB_INFO)); Marshal.FreeCoTaskMem(wtd.Choice.pBlob); } else { Marshal.DestroyStructure(wtd.Choice.pFile, typeof(NativeStructs.WINTRUST_FILE_INFO)); Marshal.FreeCoTaskMem(wtd.Choice.pFile); } return(num1); }
private static System.Management.Automation.Signature GetSignatureFromWintrustData(string filePath, uint error, NativeStructs.WINTRUST_DATA wtd) { System.Management.Automation.Signature signature = (System.Management.Automation.Signature)null; X509Certificate2 timestamper = (X509Certificate2)null; IntPtr pProvData = WINTRUST.WTHelperProvDataFromStateData(wtd.hWVTStateData); if (pProvData != IntPtr.Zero) { IntPtr provSignerFromChain = WINTRUST.WTHelperGetProvSignerFromChain(pProvData, 0U, 0U, 0U); if (provSignerFromChain != IntPtr.Zero) { X509Certificate2 certFromChain = SignatureHelper.GetCertFromChain(provSignerFromChain); if (certFromChain != null) { NativeStructs.CRYPT_PROVIDER_SGNR cryptProviderSgnr = (NativeStructs.CRYPT_PROVIDER_SGNR)Marshal.PtrToStructure(provSignerFromChain, typeof(NativeStructs.CRYPT_PROVIDER_SGNR)); if ((int)cryptProviderSgnr.csCounterSigners == 1) { timestamper = SignatureHelper.GetCertFromChain(cryptProviderSgnr.pasCounterSigners); } signature = timestamper == null?SignatureProxy.GenerateSignature(filePath, error, certFromChain) : SignatureProxy.GenerateSignature(filePath, error, certFromChain, timestamper); } } } if (signature == null && (int)error != 0) { signature = SignatureProxy.GenerateSignature(filePath, error); } return(signature); }