
Untitled

By: a guest on Feb 18th, 2012  |  syntax: C++  |  size: 5.29 KB  |  views: 132  |  expires: Never
  1. #include "stdafx.h"
  2.  
  3. /*
  4.  * An example of file signature verification using WinTrust API
  5.  * Derived from the sample vertrust.cpp in the Platform SDK
  6.  *
  7.  * Copyright (c) 2009 Mounir IDRASSI <mounir.idrassi@idrix.fr>. All rights reserved.
  8.  *
  9.  * This program is distributed in the hope that it will be useful,
  10.  * but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  11.  * or FITNESS FOR A PARTICULAR PURPOSE.
  12.  *
  13.  */
  14.  
  15. #ifndef UNICODE
  16. #define UNICODE
  17. #endif
  18.  
  19. #ifndef _UNICODE
  20. #define _UNICODE
  21. #endif
  22.  
  23. #define _WIN32_WINNT 0x0500
  24. #define WINVER       0x0500
  25.  
  26. #include <windows.h>
  27. #include <Softpub.h>
  28. #include <Wincrypt.h>
  29. #include <tchar.h>
  30. #include <stdlib.h>
  31.  
  32. #pragma comment(lib, "Crypt32.lib")
  33. #pragma comment(lib, "Wintrust.lib")
  34.  
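  /*
   * Returns the certificate subject formatted as an X.500 name string
   * (CERT_NAME_RDN_TYPE with CERT_X500_NAME_STR).
   *
   * pCertCtx: certificate context to describe; NULL yields NULL.
   *
   * Returns a buffer obtained from LocalAlloc that the caller must release
   * with LocalFree, or NULL if the name could not be retrieved or the
   * allocation failed.
   */
  LPTSTR GetCertificateDescription(PCCERT_CONTEXT pCertCtx)
  {
     DWORD  dwStrType = CERT_X500_NAME_STR;
     DWORD  cchName;
     LPTSTR szSubjectRDN;

     if (!pCertCtx)
     {
        return NULL;
     }

     // First call with a NULL buffer only asks for the required length,
     // in characters, including the terminating NUL.
     cchName = CertGetNameString(pCertCtx,
        CERT_NAME_RDN_TYPE,
        0,
        &dwStrType,
        NULL,
        0);
     if (!cchName)
     {
        return NULL;
     }

     szSubjectRDN = (LPTSTR) LocalAlloc(LMEM_FIXED, cchName * sizeof(TCHAR));
     if (!szSubjectRDN)
     {
        return NULL;
     }

     // Second call fills the buffer; do not hand back a buffer that was never written.
     if (!CertGetNameString(pCertCtx,
        CERT_NAME_RDN_TYPE,
        0,
        &dwStrType,
        szSubjectRDN,
        cchName))
     {
        LocalFree(szSubjectRDN);
        return NULL;
     }

     return szSubjectRDN;
  }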
  61.  
  62.  
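  /*
   * Prints "<label> Date = DD/MM/YYYY at HH:MM:SS" for a FILETIME converted to local time.
   * Prints nothing if either conversion fails, so an unset SYSTEMTIME is never formatted.
   */
  static void PrintVerifyAsOfTime(LPCTSTR szLabel, const FILETIME *pFileTime)
  {
     FILETIME   localFt;
     SYSTEMTIME sysTime;

     if (!FileTimeToLocalFileTime(pFileTime, &localFt) ||
         !FileTimeToSystemTime(&localFt, &sysTime))
     {
        return;
     }

     // The minutes field previously used "%2.d" (width 2, precision 0), which
     // prints blanks for minute 0 and no leading zero; "%.2d" matches the other fields.
     _tprintf(_T("%s Date = %.2d/%.2d/%.4d at %.2d:%.2d:%.2d\n"), szLabel,
        sysTime.wDay, sysTime.wMonth, sysTime.wYear,
        sysTime.wHour, sysTime.wMinute, sysTime.wSecond);
  }

  /*
   * Verifies the Authenticode signature of the file named on the command line
   * with WinVerifyTrust and prints the result, followed by the signer and
   * (if present) the first counter-signer (timestamp) certificate subject.
   *
   * Returns -1 on a usage error and 0 otherwise.
   *
   * NOTE(review): the exit status is 0 even when the file is unsigned or the
   * signature is invalid, so a calling script cannot use it as a trust decision;
   * it would have to parse the printed result.
   *
   * NOTE(review): the file is verified by path (hFile is NULL). If the caller
   * goes on to load or execute the file, it can be replaced between this check
   * and that use; verifying through an open handle passed in hFile avoids that gap.
   */
  int _tmain(int argc, _TCHAR* argv[])
  {
     GUID guidAction = WINTRUST_ACTION_GENERIC_VERIFY_V2;
     WINTRUST_FILE_INFO sWintrustFileInfo = {0};
     WINTRUST_DATA      sWintrustData = {0};
     HRESULT            hr;

     if (argc != 2)
     {
        _tprintf(_T("Usage: VerifyExeSignature file_name\n"));
        return -1;
     }

     sWintrustFileInfo.cbStruct = sizeof(WINTRUST_FILE_INFO);
     sWintrustFileInfo.pcwszFilePath = argv[1];
     sWintrustFileInfo.hFile = NULL;

     sWintrustData.cbStruct            = sizeof(WINTRUST_DATA);
     sWintrustData.dwUIChoice          = WTD_UI_NONE;
     // Revocation checking is switched off: a certificate that its issuer has
     // revoked still verifies as OK. WTD_REVOKE_WHOLECHAIN rejects revoked
     // signers, at the cost of possible network access during verification.
     sWintrustData.fdwRevocationChecks = WTD_REVOKE_NONE;
     sWintrustData.dwUnionChoice       = WTD_CHOICE_FILE;
     sWintrustData.pFile               = &sWintrustFileInfo;
     // WTD_STATEACTION_VERIFY keeps the provider state in hWVTStateData so the
     // signer chain can be inspected below; it is released by the CLOSE call at the end.
     sWintrustData.dwStateAction       = WTD_STATEACTION_VERIFY;

     hr = WinVerifyTrust((HWND)INVALID_HANDLE_VALUE, &guidAction, &sWintrustData);

     if (TRUST_E_NOSIGNATURE == hr)
     {
        _tprintf(_T("No signature found on the file.\n"));
     }
     else if (TRUST_E_BAD_DIGEST == hr)
     {
        _tprintf(_T("The signature of the file is invalid\n"));
     }
     else if (TRUST_E_PROVIDER_UNKNOWN == hr)
     {
        _tprintf(_T("No trust provider on this machine can verify this type of files.\n"));
     }
     else if (S_OK != hr)
     {
        // Every other failure (untrusted root, expired certificate, ...) lands here.
        _tprintf(_T("WinVerifyTrust failed with error 0x%.8X\n"), (unsigned int)hr);
     }
     else
     {
        // S_OK means the signature is valid under the generic Authenticode policy;
        // it says nothing about WHICH publisher signed the file. The subject
        // printed below is informational only.
        _tprintf(_T("File signature is OK.\n"));

        // retrieve the signer certificate and display its information
        CRYPT_PROVIDER_DATA const *psProvData     = NULL;
        CRYPT_PROVIDER_SGNR       *psProvSigner   = NULL;
        CRYPT_PROVIDER_CERT       *psProvCert     = NULL;

        psProvData = WTHelperProvDataFromStateData(sWintrustData.hWVTStateData);
        if (psProvData)
        {
           psProvSigner = WTHelperGetProvSignerFromChain((PCRYPT_PROVIDER_DATA)psProvData, 0 , FALSE, 0);
           if (psProvSigner)
           {
              // NOTE(review): sftVerifyAsOf is the time the signature was verified
              // as of; presumably this is not the actual signing time when the
              // file carries no timestamp - confirm before relying on this label.
              PrintVerifyAsOfTime(_T("Signature"), &psProvSigner->sftVerifyAsOf);

              psProvCert = WTHelperGetProvCertFromChain(psProvSigner, 0);
              if (psProvCert)
              {
                 LPTSTR szCertDesc = GetCertificateDescription(psProvCert->pCert);
                 if (szCertDesc)
                 {
                    _tprintf(_T("File Signer = %s\n"), szCertDesc);
                    LocalFree(szCertDesc);
                 }
              }

              // Only the first counter-signer is reported; guard the array
              // pointer as well as the count before indexing it.
              if (psProvSigner->csCounterSigners && psProvSigner->pasCounterSigners)
              {
                 _tprintf(_T("\n"));
                 // Timestamp information
                 PrintVerifyAsOfTime(_T("Timestamp"), &psProvSigner->pasCounterSigners[0].sftVerifyAsOf);

                 psProvCert = WTHelperGetProvCertFromChain(&psProvSigner->pasCounterSigners[0], 0);
                 if (psProvCert)
                 {
                    LPTSTR szCertDesc = GetCertificateDescription(psProvCert->pCert);
                    if (szCertDesc)
                    {
                       _tprintf(_T("Timestamp Signer = %s\n"), szCertDesc);
                       LocalFree(szCertDesc);
                    }
                 }
              }
           }
        }
     }

     // Release the state data allocated by the VERIFY call, on every result path.
     sWintrustData.dwStateAction = WTD_STATEACTION_CLOSE;
     WinVerifyTrust((HWND)INVALID_HANDLE_VALUE, &guidAction, &sWintrustData);

     return 0;
  }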