Page 2 of 3
Posted: Tue Dec 16, 2008 9:01 pm
by freak
Two things:
1) handles are also pointers. They need to have the .i type
2) every pointer sized value needs to be aligned at 8byte bounds. So extra members need to be added to ensure that.
Something like this:
Code: Select all
Structure WINTRUST_DATA
cbStruct.l
_align1.l
*pPolicyCallbackData.l
*pSIPClientData.l
dwUIChoice.l
fdwRevocationChecks.l
dwUnionChoice.l
_align2.l
StructureUnion
*pFile.WINTRUST_FILE_INFO
*pCatalog.WINTRUST_CATALOG_INFO
*pBlob.WINTRUST_BLOB_INFO
*pSgnr.WINTRUST_SGNR_INFO
*pCert.WINTRUST_CERT_INFO
EndStructureUnion
dwStateAction.l
_align3.l
hWVTStateData.i
*pwszURLReference.l
dwProvFlags.l
dwUIContext.l
EndStructure
Structure WINTRUST_FILE_INFO
cbStruct.l
_align1.l
*pcwszFilePath.l
hFile.i
*pgKnownSubject.l
EndStructure
Posted: Tue Dec 16, 2008 9:07 pm
by Pupil
Also find this line in "wintrust.pb4" and change the type of the variable 'gAction' to .i type.
Code: Select all
Define.l gAction = ?WINTRUST_ACTION_GENERIC_VERIFY_V2
Posted: Tue Dec 16, 2008 9:10 pm
by Thunder93
Wow! Almost fully functional under x64.
Trusted -> moviethumb.exe
Trusted -> npPicasa3.dll
Trusted -> Picasa3.exe
Trusted -> PicasaPhotoViewer.exe
Trusted -> PicasaUpdater.exe
-> qtsupport.dll
Trusted -> setup.exe
-> Uninstall.exe
Under x86, I'm getting (Unknown Application) - Security Warning dialog appearing upon executing
Posted: Tue Dec 16, 2008 9:13 pm
by Thunder93
Under x64, I guess it needs to be aligned little more to fix to retrieve the Not signed ->
Posted: Tue Dec 16, 2008 10:46 pm
by Thunder93
I changed the Wintrust constants #TRUST_E_* values with decimal values instead, and is working now fully under x64. It's not working under x86 since the structure changes, it'll bring up Windows Vista - (Unknown Application) - Security Warning dialog...
Posted: Tue Dec 16, 2008 11:00 pm
by freak
> It's not working under x86 since the structure changes
Of course. The alignment entries are for x64 only.
Posted: Tue Dec 16, 2008 11:20 pm
by Thunder93
Thanks freak.
Oh, is there anyway to have the alignment entries enabled only under x64? or do I have to work between the two sets of structures?
Posted: Tue Dec 16, 2008 11:22 pm
by freak
Code: Select all
CompilerIf #PB_Compiler_Processor = #PB_Processor_x64
; x64 only
CompilerEndIf
I was just too lazy to add that for every alignment field
Posted: Tue Dec 16, 2008 11:24 pm
by Thunder93
LOL!, Thanks freak! Much appreciated, for your time on this matter.
Re: Verifty Digital Signatures with PB?
Posted: Sat Jan 30, 2010 3:56 pm
by peterb
Hi, can someone please publish the code for Verify Digital Signatures? Links from user dagcrack are dead.
Thanks, Petr
Re: Verifty Digital Signatures with PB?
Posted: Fri Nov 12, 2010 3:47 pm
by DoubleDutch
+1 to publishing the code that works on x86 and x64 - on the forum - not as a link...
Re: Verifty Digital Signatures with PB?
Posted: Sat Aug 06, 2011 4:24 pm
by jassing
I've been trying to figure out how to check the owner/publisher/name of the signer... any ideas?
Re: Verifty Digital Signatures with PB?
Posted: Sat Aug 06, 2011 5:51 pm
by DoubleDutch
That would be useful.
Re: Verifty Digital Signatures with PB?
Posted: Wed Jun 17, 2015 4:29 pm
by Kukulkan
Is anyone having a working version of this for recent PB version and working on 32/64 bit? I really need this but I can't get the codes above to work as structures and pointers seem to be not translated very well...
Re: Verifty Digital Signatures with PB?
Posted: Wed Jun 17, 2015 6:21 pm
by Thunder93
Version that supports PureBasic 5.31 x86 and x64
pb-wintrust_test.pb
Code: Select all
;pb/wintrust_test.pb4 - gushh.net
;!Author: Gustavo J. Fiorenza (aim: gushhfx)
;!Date: 15/07/2008 - Rev: 1
;!Comments: Test code for wintrust.pb4
;!License: Bananas.
XIncludeFile "wintrust.pb"
Procedure.s TrustStatus( ReturnCode.l )
Select ReturnCode
Case #ERROR_SUCCESS
ProcedureReturn "Trusted"
Case #TRUST_E_PROVIDER_UNKNOWN
ProcedureReturn "Provider Unknown"
Case #TRUST_E_SUBJECT_FORM_UNKNOWN
ProcedureReturn "Form Unknown"
Case #TRUST_E_SUBJECT_NOT_TRUSTED
ProcedureReturn "Not Trusted"
Case #TRUST_E_NOSIGNATURE
ProcedureReturn "Not signed"
EndSelect
EndProcedure
Define.s szPath = "C:\Program Files\Internet Explorer\" ; You may wanna change this path to a valid one!
If ExamineDirectory(0, szPath, "*.*")
While NextDirectoryEntry(0)
If DirectoryEntryType(0) = #PB_DirectoryEntry_File
Define.s szFile = DirectoryEntryName(0)
Define.l ReturnCode = VerifyFile( szPath + szFile )
Debug TrustStatus(ReturnCode) + " -> " + szFile
EndIf
Wend
FinishDirectory(0)
EndIf
Define.s szFile = "C:\Program Files\Internet Explorer\iexplore.exe"
Debug #CRLF$+" ... "+TrustStatus(VerifyFile( szFile )) + " -> " + GetFilePart(szFile)
wintrust.pb
Code: Select all
;pb/wintrust.pb4 - gushh.net
;!Author: Gustavo J. Fiorenza (aim: gushhfx)
;!Date: 15/07/2008 - Rev: 1
;!Comments: Ported from C, unknown original author (probably Microsoft?).
;!License: Bananas.
XIncludeFile "wintrust.pbi"
; #CP_UTF8 = 65001
; #MB_ERR_INVALID_CHARS = $00000008
Procedure.l VerifyFile( Filename.s )
Define.l WindowsMajorVersion = (LOBYTE(LOWORD(GetVersion_())))
If(WindowsMajorVersion < 5)
ProcedureReturn 2;
EndIf
Define.WINTRUST_DATA WinTD
Define.WINTRUST_FILE_INFO wf
Define.i gAction = ?WINTRUST_ACTION_GENERIC_VERIFY_V2
Define.s wszPath = Space(#MAX_PATH*2)
PokeS( @wszPath, FileName, Len(FileName)+1, #PB_Unicode )
With wf
\cbStruct = SizeOf(WINTRUST_FILE_INFO)
\hFile = #Null
\pcwszFilePath = @wszPath
EndWith
With WinTD
\cbStruct = SizeOf(WINTRUST_DATA)
\dwUIChoice = #WTD_UI_NONE
\dwUnionChoice = #WTD_CHOICE_FILE
\fdwRevocationChecks = #WTD_REVOKE_NONE
\pFile = wf
\dwStateAction = #WTD_STATEACTION_IGNORE
\dwProvFlags = #WTD_HASH_ONLY_FLAG | #WTD_REVOCATION_CHECK_NONE
EndWith
ProcedureReturn WinVerifyTrust_( 0, gAction, WinTD )
EndProcedure
;###
; in the event of malfunction, replace the PokeS(); line with:
; MultiByteToWideChar_(#CP_UTF8, #MB_ERR_INVALID_CHARS, Filename, Len(Filename)+1, wszPath, Len(wszPath))
; Right, you'll also need to define this constants:
; #CP_UTF8 = 65001
; #MB_ERR_INVALID_CHARS = $00000008
;###
wintrust.pbi
Code: Select all
;pb/wintrust.pb4i - gushh.net
;!Author: Gustavo J. Fiorenza (aim: gushhfx)
;!Date: 15/07/2008 - Rev: 1
;!Comments: header of wintrust.pb4
;!License: Bananas.
#WTD_UI_NONE = 2
#WTD_CHOICE_FILE = 1
#WTD_REVOKE_NONE = 0
#WTD_STATEACTION_IGNORE = 0
#WTD_HASH_ONLY_FLAG = $00000200
#WTD_REVOCATION_CHECK_NONE = $00000010
; #ERROR_SUCCESS = 0
#TRUST_E_PROVIDER_UNKNOWN = -2146762751
#TRUST_E_ACTION_UNKNOWN = -2146762750
#TRUST_E_SUBJECT_FORM_UNKNOWN = -2146762749
#TRUST_E_SUBJECT_NOT_TRUSTED = -2146762748
#TRUST_E_NOSIGNATURE = -2146762496
Macro LOWORD( word ) : ( word & $FFFF ) : EndMacro
Macro LOBYTE( byte ) : ( byte & $FF ) : EndMacro
;### Thanks Trond!
Macro GUID(name, l1, w1, w2, b1b2, brest)
DataSection
name:
Data.l $l1
Data.w $w1, $w2
Data.b $b1b2 >> 8, $b1b2 & $FF
Data.b $brest >> 40 & $FF
Data.b $brest >> 32 & $FF
Data.b $brest >> 24 & $FF
Data.b $brest >> 16 & $FF
Data.b $brest >> 8 & $FF
Data.b $brest & $FF
EndDataSection
EndMacro
GUID(WINTRUST_ACTION_GENERIC_VERIFY_V2, 00AAC56B, CD44, 11D0, 8CC2, 00C04FC295EE)
;###
Structure WINTRUST_DATA
cbStruct.l
CompilerIf #PB_Compiler_Processor = #PB_Processor_x64
_align1.l
CompilerEndIf
*pPolicyCallbackData ;.l
*pSIPClientData ;.l
dwUIChoice.l
fdwRevocationChecks.l
dwUnionChoice.l
CompilerIf #PB_Compiler_Processor = #PB_Processor_x64
_align2.l
CompilerEndIf
StructureUnion
*pFile.WINTRUST_FILE_INFO
*pCatalog.WINTRUST_CATALOG_INFO
*pBlob.WINTRUST_BLOB_INFO
*pSgnr.WINTRUST_SGNR_INFO
*pCert.WINTRUST_CERT_INFO
EndStructureUnion
dwStateAction.l
CompilerIf #PB_Compiler_Processor = #PB_Processor_x64
_align3.l
CompilerEndIf
hWVTStateData.i
*pwszURLReference ;.l
dwProvFlags.l
dwUIContext.l
EndStructure
Structure WINTRUST_FILE_INFO
cbStruct.l
CompilerIf #PB_Compiler_Processor = #PB_Processor_x64
align1.l
CompilerEndIf
*pcwszFilePath ;.l
hFile.i
*pgKnownSubject ;.l
EndStructure