public void AddRuleToTable(string [] displayObjectArray, PolicyCustomRules customRule, bool warnUser)
{
// Attach the int row number we added it to
customRule.RowNumber = this.rulesDataGrid.RowCount - 1;
string action = displayObjectArray[0];
string level = displayObjectArray[1];
string name = warnUser ? "*Hash* " + displayObjectArray[2] : displayObjectArray[2];
string files = displayObjectArray[3];
string exceptions = displayObjectArray[4];
// Add to the DisplayObject
this.displayObjects.Add(new DisplayObject(action, level, name, files, exceptions));
this.rulesDataGrid.RowCount += 1;
// Add custom list to RulesList
this.Policy.CustomRules.Add(customRule);
// Scroll to bottom to see new rule added to list
this.rulesDataGrid.FirstDisplayedScrollingRowIndex = this.rulesDataGrid.RowCount - 1;
bubbleUp();
// close the custom Rule Conditions Panel
this.customRuleConditionsPanel.Close();
this.customRuleConditionsPanel = null;
// this.label_AddCustomRules.Text = "+ Custom Rules";
}
public Exceptions_Control(CustomRuleConditionsPanel pRuleConditionsPanel)
{
InitializeComponent();
this.ExceptionRule = new PolicyCustomRules();
this.Log = pRuleConditionsPanel.Log;
this.CustomRule = pRuleConditionsPanel.PolicyCustomRule;
this.ConditionsPanel = pRuleConditionsPanel;
}
public string CreateCustomRuleScript(PolicyCustomRules customRule)
{
string customRuleScript = string.Empty;
// Create new CI Rule: https://docs.microsoft.com/en-us/powershell/module/configci/new-cipolicyrule
switch (customRule.GetRuleType())
{
case PolicyCustomRules.RuleType.Publisher:
{
customRuleScript = String.Format("$Rule_{0} = New-CIPolicyRule -Level {1} -DriverFilePath \'{2}\'" +
" -Fallback Hash", customRule.PSVariable, customRule.GetRuleLevel(), customRule.ReferenceFile);
}
break;
case PolicyCustomRules.RuleType.FilePath:
{
customRuleScript = String.Format("$Rule_{0} = New-CIPolicyRule -Level FilePath -DriverFilePath \"{1}\"" +
" -Fallback Hash -UserWriteablePaths", customRule.PSVariable, customRule.ReferenceFile); // -UserWriteablePaths allows all paths (userWriteable and non) to be added as filepath rules
}
break;
case PolicyCustomRules.RuleType.Folder:
{
// Check if part of the folder path can be replaced with an env variable eg. %OSDRIVE% == "C:\"
if (customRule.GetRuleType() == PolicyCustomRules.RuleType.FilePath && Properties.Settings.Default.useEnvVars)
{
customRuleScript = String.Format("$Rule_{0} = New-CIPolicyRule -FilePathRule \"{1}\"", customRule.PSVariable, Helper.GetEnvPath(customRule.ReferenceFile));
}
else
{
customRuleScript = String.Format("$Rule_{0} = New-CIPolicyRule -FilePathRule \"{1}\"", customRule.PSVariable, customRule.ReferenceFile);
}
}
break;
case PolicyCustomRules.RuleType.FileAttributes:
{
customRuleScript = String.Format("$Rule_{0} = New-CIPolicyRule -Level FileName -SpecificFileNameLevel {1} -DriverFilePath \"{2}\" " +
"-Fallback Hash", customRule.PSVariable, customRule.GetRuleLevel(), customRule.ReferenceFile);
}
break;
case PolicyCustomRules.RuleType.Hash:
{
customRuleScript = String.Format("$Rule_{0} = New-CIPolicyRule -Level {1} -DriverFilePath \"{2}\" ", customRule.PSVariable, customRule.GetRuleLevel(), customRule.ReferenceFile);
}
break;
}
// If this is a deny rule, append the Deny switch
if (customRule.GetRulePermission() == PolicyCustomRules.RulePermission.Deny)
{
customRuleScript += " -Deny";
}
return(customRuleScript);
}
// Methods
public void AddException(PolicyCustomRules.RuleType type, PolicyCustomRules.RuleLevel level, Dictionary <string, string> fileInfo, string refFile)
{
PolicyCustomRules ruleException = new PolicyCustomRules();
ruleException.Type = type;
ruleException.Level = level;
ruleException.FileInfo = fileInfo;
ruleException.ReferenceFile = refFile;
this.ExceptionList.Add(ruleException);
}
public void AddException(PolicyCustomRules ruleException)
{
if (ruleException.Type != PolicyCustomRules.RuleType.None || ruleException.Level != PolicyCustomRules.RuleLevel.None ||
ruleException.FileInfo != null || ruleException.ReferenceFile != null)
{
this.ExceptionList.Add(ruleException);
}
else
{
// Log error or something
}
}
/// <summary>
/// Creates a unique CI Policy file per custom rule defined in the SigningRules_Control. Writes to a unique filepath.
/// </summary>
public string CreatePolicyScript(PolicyCustomRules customRule, string tempPolicyPath)
{
string policyScript;
if (this.Policy._Format == WDAC_Policy.Format.MultiPolicy)
{
policyScript = String.Format("New-CIPolicy -MultiplePolicyFormat -FilePath \"{0}\" -Rules $Rule_{1}", tempPolicyPath, customRule.PSVariable);
}
else
{
policyScript = String.Format("New-CIPolicy -FilePath \"{0}\" -Rules $Rule_{1}", tempPolicyPath, customRule.PSVariable);
}
return(policyScript);
}
// Triggered by Add Exception button click on custom rule conditions panel.
// Add exception to the exception table
public void AddException()
{
//Set ExceptionRule.Level to opposite of the PolicyCustomRule.Level
if (this.CustomRule.Permission == PolicyCustomRules.RulePermission.Allow)
{
this.ExceptionRule.Permission = PolicyCustomRules.RulePermission.Deny;
}
else
{
this.ExceptionRule.Permission = PolicyCustomRules.RulePermission.Allow;
}
// Check that fields are valid, otherwise break and show error msg
if (this.ExceptionRule == null || this.ExceptionRule.ReferenceFile == null ||
this.ExceptionRule.Level == PolicyCustomRules.RuleLevel.None)
{
this.ConditionsPanel.SetLabel_ErrorText("Invalid exception selection. Please select a level and reference file");
return;
}
// Add the exception to the custom rule and table
this.CustomRule.AddException(this.ExceptionRule);
// New Display object
DisplayObject displayObject = new DisplayObject();
displayObject.Action = this.ExceptionRule.Permission.ToString();
displayObject.Level = this.ExceptionRule.Level.ToString();
displayObject.Name = Path.GetFileName(this.ExceptionRule.ReferenceFile.ToString());
this.displayObjects.Add(displayObject);
this.dataGridView_Exceptions.RowCount += 1;
// Scroll to bottom to see new rule added to list
this.dataGridView_Exceptions.FirstDisplayedScrollingRowIndex = this.dataGridView_Exceptions.RowCount - 1;
this.ExceptionRule = new PolicyCustomRules();
// Reset the UI
ClearCustomRulesPanel(true);
}
// Dump all of the package family names for the custom rules table
public static string GetListofPackages(PolicyCustomRules policyCustomRule)
{
string output = String.Empty;
if (policyCustomRule.PackagedFamilyNames == null)
{
return(String.Empty);
}
if (policyCustomRule.PackagedFamilyNames.Count == 0)
{
return(String.Empty);
}
foreach (var package in policyCustomRule.PackagedFamilyNames)
{
output += String.Format("{0}, ", package);
}
output = output.Substring(0, output.Length - 2); // Trim off trailing whitespace and comma
return(output);
}
private List <string> ConvertDriverFilestoXml(List <DriverFile> driverFiles)
{
List <string> policyPaths = new List <string>();
for (int i = 0; i < driverFiles.Count(); i++)
{
var file = driverFiles[i];
string tmpPolicyPath = Helper.GetUniquePolicyPath(this._MainWindow.TempFolderPath);
PolicyCustomRules customRule = new PolicyCustomRules();
customRule.ReferenceFile = file.Path;
switch ((int)this.SelectedLevel)
{
case 0:
customRule.Type = PolicyCustomRules.RuleType.Publisher;
customRule.Level = PolicyCustomRules.RuleLevel.RootCertificate;
break;
case 1:
customRule.Type = PolicyCustomRules.RuleType.Publisher;
customRule.Level = PolicyCustomRules.RuleLevel.PcaCertificate;
break;
case 2:
customRule.Type = PolicyCustomRules.RuleType.Publisher;
customRule.Level = PolicyCustomRules.RuleLevel.Publisher;
break;
case 3:
customRule.Type = PolicyCustomRules.RuleType.Publisher;
customRule.Level = PolicyCustomRules.RuleLevel.SignedVersion;
break;
case 4:
customRule.Type = PolicyCustomRules.RuleType.Publisher;
customRule.Level = PolicyCustomRules.RuleLevel.FilePublisher;
break;
case 5:
customRule.Type = PolicyCustomRules.RuleType.FilePath;
customRule.Level = PolicyCustomRules.RuleLevel.FilePath;
break;
case 6:
customRule.Type = PolicyCustomRules.RuleType.Hash;
customRule.Level = PolicyCustomRules.RuleLevel.Hash;
break;
}
customRule.Permission = PolicyCustomRules.RulePermission.Allow;
customRule.PSVariable = i.ToString();
string ruleScript = CreateCustomRuleScript(customRule);
string policyScript = CreatePolicyScript(customRule, tmpPolicyPath);
// Add script to pipeline and run PS command
Pipeline pipeline = this.runspace.CreatePipeline();
pipeline.Commands.AddScript(ruleScript);
pipeline.Commands.AddScript(policyScript);
// Update progress bar per completion of custom rule created
double prog = Math.Ceiling((double)i / (double)driverFiles.Count * (double)100);
this.backgroundWorker.ReportProgress((int)prog);
try
{
Collection <PSObject> results = pipeline.Invoke();
policyPaths.Add(tmpPolicyPath);
}
catch (Exception exp)
{
this.Log.AddErrorMsg("CreatePolicyFileRuleOptions() caught the following exception ", exp);
}
pipeline.Dispose();
}
return(policyPaths);
}
private void button_CreateException_Click(object sender, EventArgs e)
{
// Add the exception to the table
this.CustomRule.AddException(this.ExceptionRule);
this.ExceptionRule = null;
}
