Page 2 of 3

Posted: Tue Dec 16, 2008 9:01 pm
by freak
Two things:

1) handles are also pointers. They need to have the .i type
2) every pointer sized value needs to be aligned at 8byte bounds. So extra members need to be added to ensure that.

Something like this:

Code: Select all

Structure WINTRUST_DATA
 
   cbStruct.l
   _align1.l
   *pPolicyCallbackData.l
   *pSIPClientData.l
   dwUIChoice.l
   fdwRevocationChecks.l
   dwUnionChoice.l
   _align2.l
 
   StructureUnion
      *pFile.WINTRUST_FILE_INFO
      *pCatalog.WINTRUST_CATALOG_INFO
      *pBlob.WINTRUST_BLOB_INFO
      *pSgnr.WINTRUST_SGNR_INFO
      *pCert.WINTRUST_CERT_INFO
   EndStructureUnion
 
   dwStateAction.l
   _align3.l
   hWVTStateData.i
   *pwszURLReference.l
   dwProvFlags.l
   dwUIContext.l
 
EndStructure
 
Structure WINTRUST_FILE_INFO
  cbStruct.l
  _align1.l
  *pcwszFilePath.l
  hFile.i
  *pgKnownSubject.l
EndStructure

Posted: Tue Dec 16, 2008 9:07 pm
by Pupil
Also find this line in "wintrust.pb4" and change the type of the variable 'gAction' to .i type.

Code: Select all

Define.l gAction 			= ?WINTRUST_ACTION_GENERIC_VERIFY_V2

Posted: Tue Dec 16, 2008 9:10 pm
by Thunder93
Wow! Almost fully functional under x64.

Trusted -> moviethumb.exe
Trusted -> npPicasa3.dll
Trusted -> Picasa3.exe
Trusted -> PicasaPhotoViewer.exe
Trusted -> PicasaUpdater.exe
-> qtsupport.dll
Trusted -> setup.exe
-> Uninstall.exe



Under x86, I'm getting (Unknown Application) - Security Warning dialog appearing upon executing

Posted: Tue Dec 16, 2008 9:13 pm
by Thunder93
Under x64, I guess it needs to be aligned little more to fix to retrieve the Not signed ->

Posted: Tue Dec 16, 2008 10:46 pm
by Thunder93
I changed the Wintrust constants #TRUST_E_* values with decimal values instead, and is working now fully under x64. It's not working under x86 since the structure changes, it'll bring up Windows Vista - (Unknown Application) - Security Warning dialog...

Posted: Tue Dec 16, 2008 11:00 pm
by freak
> It's not working under x86 since the structure changes

Of course. The alignment entries are for x64 only.

Posted: Tue Dec 16, 2008 11:20 pm
by Thunder93
Thanks freak.

Oh, is there anyway to have the alignment entries enabled only under x64? or do I have to work between the two sets of structures?

Posted: Tue Dec 16, 2008 11:22 pm
by freak

Code: Select all

CompilerIf #PB_Compiler_Processor = #PB_Processor_x64
  ; x64 only
CompilerEndIf
I was just too lazy to add that for every alignment field ;)

Posted: Tue Dec 16, 2008 11:24 pm
by Thunder93
LOL!, Thanks freak! Much appreciated, for your time on this matter. :D

Re: Verifty Digital Signatures with PB?

Posted: Sat Jan 30, 2010 3:56 pm
by peterb
Hi, can someone please publish the code for Verify Digital Signatures? Links from user dagcrack are dead.

Thanks, Petr

Re: Verifty Digital Signatures with PB?

Posted: Fri Nov 12, 2010 3:47 pm
by DoubleDutch
+1 to publishing the code that works on x86 and x64 - on the forum - not as a link...

Re: Verifty Digital Signatures with PB?

Posted: Sat Aug 06, 2011 4:24 pm
by jassing
I've been trying to figure out how to check the owner/publisher/name of the signer... any ideas?

Re: Verifty Digital Signatures with PB?

Posted: Sat Aug 06, 2011 5:51 pm
by DoubleDutch
That would be useful.

Re: Verifty Digital Signatures with PB?

Posted: Wed Jun 17, 2015 4:29 pm
by Kukulkan
Is anyone having a working version of this for recent PB version and working on 32/64 bit? I really need this but I can't get the codes above to work as structures and pointers seem to be not translated very well...

Re: Verifty Digital Signatures with PB?

Posted: Wed Jun 17, 2015 6:21 pm
by Thunder93
Version that supports PureBasic 5.31 x86 and x64


pb-wintrust_test.pb

Code: Select all

;pb/wintrust_test.pb4 - gushh.net 
;!Author: Gustavo J. Fiorenza (aim: gushhfx)
;!Date: 15/07/2008 - Rev: 1
;!Comments: Test code for wintrust.pb4
;!License: Bananas.

XIncludeFile "wintrust.pb"

Procedure.s TrustStatus( ReturnCode.l )
  Select ReturnCode
    Case #ERROR_SUCCESS
      ProcedureReturn "Trusted"
    Case #TRUST_E_PROVIDER_UNKNOWN
      ProcedureReturn "Provider Unknown"
    Case #TRUST_E_SUBJECT_FORM_UNKNOWN
      ProcedureReturn "Form Unknown"
    Case #TRUST_E_SUBJECT_NOT_TRUSTED
      ProcedureReturn "Not Trusted"
    Case #TRUST_E_NOSIGNATURE
      ProcedureReturn "Not signed"
  EndSelect
EndProcedure

Define.s szPath	= "C:\Program Files\Internet Explorer\" ; You may wanna change this path to a valid one!
If ExamineDirectory(0, szPath, "*.*")  
  While NextDirectoryEntry(0)
    If DirectoryEntryType(0) = #PB_DirectoryEntry_File
      Define.s szFile			= DirectoryEntryName(0)
      Define.l ReturnCode 		= VerifyFile( szPath + szFile )
      Debug TrustStatus(ReturnCode) + " -> " + szFile
    EndIf
  Wend
  FinishDirectory(0)
EndIf

Define.s szFile = "C:\Program Files\Internet Explorer\iexplore.exe"
Debug #CRLF$+" ...  "+TrustStatus(VerifyFile( szFile )) + " -> " + GetFilePart(szFile)

wintrust.pb

Code: Select all

;pb/wintrust.pb4 - gushh.net 
;!Author: Gustavo J. Fiorenza (aim: gushhfx)
;!Date: 15/07/2008 - Rev: 1
;!Comments: Ported from C, unknown original author (probably Microsoft?).
;!License: Bananas.

XIncludeFile "wintrust.pbi"

; 		#CP_UTF8 						= 65001
; 		#MB_ERR_INVALID_CHARS 			= $00000008

Procedure.l VerifyFile( Filename.s )
  
  Define.l WindowsMajorVersion 	= (LOBYTE(LOWORD(GetVersion_())))
  
  If(WindowsMajorVersion < 5)
    ProcedureReturn 2;
  EndIf
  
  Define.WINTRUST_DATA 		WinTD
  Define.WINTRUST_FILE_INFO 	wf
  
  Define.i gAction 			= ?WINTRUST_ACTION_GENERIC_VERIFY_V2
  Define.s wszPath 			= Space(#MAX_PATH*2)
  
  PokeS( @wszPath, FileName, Len(FileName)+1, #PB_Unicode )  
  
  With wf
    \cbStruct 			= SizeOf(WINTRUST_FILE_INFO)
    \hFile 				= #Null
    \pcwszFilePath 			= @wszPath
  EndWith
  
  With WinTD
    \cbStruct 			= SizeOf(WINTRUST_DATA)
    \dwUIChoice 			= #WTD_UI_NONE
    \dwUnionChoice 			= #WTD_CHOICE_FILE
    \fdwRevocationChecks 		= #WTD_REVOKE_NONE
    \pFile 				= wf
    \dwStateAction 			= #WTD_STATEACTION_IGNORE
    \dwProvFlags 			= #WTD_HASH_ONLY_FLAG | #WTD_REVOCATION_CHECK_NONE
  EndWith
  
  ProcedureReturn WinVerifyTrust_( 0, gAction, WinTD )
  
EndProcedure


;###
; in the event of malfunction, replace the PokeS(); line with:
;			MultiByteToWideChar_(#CP_UTF8, #MB_ERR_INVALID_CHARS, Filename, Len(Filename)+1, wszPath, Len(wszPath))
;	Right, you'll also need to define this constants:
; 		#CP_UTF8 						= 65001
;		#MB_ERR_INVALID_CHARS 			= $00000008
;###

wintrust.pbi

Code: Select all

;pb/wintrust.pb4i - gushh.net 
;!Author: Gustavo J. Fiorenza (aim: gushhfx)
;!Date: 15/07/2008 - Rev: 1
;!Comments: header of wintrust.pb4
;!License: Bananas.

#WTD_UI_NONE 					= 2
#WTD_CHOICE_FILE 				= 1
#WTD_REVOKE_NONE 				= 0
#WTD_STATEACTION_IGNORE 			= 0
#WTD_HASH_ONLY_FLAG 				= $00000200
#WTD_REVOCATION_CHECK_NONE			= $00000010


; #ERROR_SUCCESS   = 0

#TRUST_E_PROVIDER_UNKNOWN 			= -2146762751
#TRUST_E_ACTION_UNKNOWN				= -2146762750
#TRUST_E_SUBJECT_FORM_UNKNOWN			= -2146762749
#TRUST_E_SUBJECT_NOT_TRUSTED			= -2146762748
#TRUST_E_NOSIGNATURE				= -2146762496


Macro LOWORD( word ) 	: ( word & $FFFF ) 	: EndMacro
Macro LOBYTE( byte ) 	: ( byte & $FF ) 	: EndMacro

;### Thanks Trond!
Macro GUID(name, l1, w1, w2, b1b2, brest)
  DataSection
    name:
    Data.l $l1
    Data.w $w1, $w2
    Data.b $b1b2 >> 8, $b1b2 & $FF
    Data.b $brest >> 40 & $FF
    Data.b $brest >> 32 & $FF
    Data.b $brest >> 24 & $FF
    Data.b $brest >> 16 & $FF
    Data.b $brest >> 8 & $FF
    Data.b $brest & $FF
  EndDataSection
EndMacro

GUID(WINTRUST_ACTION_GENERIC_VERIFY_V2, 00AAC56B, CD44, 11D0, 8CC2, 00C04FC295EE)

;###

Structure WINTRUST_DATA  
  cbStruct.l
  CompilerIf #PB_Compiler_Processor = #PB_Processor_x64
    _align1.l
  CompilerEndIf   
  *pPolicyCallbackData   ;.l
  *pSIPClientData        ;.l 
  dwUIChoice.l
  fdwRevocationChecks.l 
  dwUnionChoice.l
  CompilerIf #PB_Compiler_Processor = #PB_Processor_x64   
    _align2.l
  CompilerEndIf
  
  StructureUnion 
    *pFile.WINTRUST_FILE_INFO 
    *pCatalog.WINTRUST_CATALOG_INFO 
    *pBlob.WINTRUST_BLOB_INFO 
    *pSgnr.WINTRUST_SGNR_INFO 
    *pCert.WINTRUST_CERT_INFO 
  EndStructureUnion 
  
  dwStateAction.l
  CompilerIf #PB_Compiler_Processor = #PB_Processor_x64   
    _align3.l
  CompilerEndIf
  hWVTStateData.i 
  *pwszURLReference   ;.l 
  dwProvFlags.l 
  dwUIContext.l 
  
EndStructure 

Structure WINTRUST_FILE_INFO 
  cbStruct.l
  CompilerIf #PB_Compiler_Processor = #PB_Processor_x64 
    align1.l
  CompilerEndIf
  *pcwszFilePath   ;.l 
  hFile.i
  *pgKnownSubject   ;.l 
EndStructure