Changeset 1552

Timestamp:

1/18/2010 5:32:15 AM (3 years ago)

Author:

lowjoel

Message:

Combined the functions in AdvApi?, MsCorEEApi and WintrustApi? to Security.cs

Location:

branches/eraser6/CodeReview

Files:

• Eraser.Manager/DirectExecutor.cs (modified) (1 diff)
• Eraser.Manager/EntropySource.cs (modified) (1 diff)
• Eraser.Manager/Plugins.cs (modified) (1 diff)
• Eraser.Util/Eraser.Util.csproj (modified) (2 diffs)
• Eraser.Util/MsCorEEApi.cs (deleted)
• Eraser.Util/Security.cs (moved) (moved from branches/eraser6/CodeReview/Eraser.Util/AdvApi.cs) (2 diffs)

branches/eraser6/CodeReview/Eraser.Manager/DirectExecutor.cs

@@ -327 +327 @@
         {
             //Check for sufficient privileges to run the unused space erasure.
-            if (!AdvApi.IsAdministrator())
+            if (!Security.IsAdministrator())
             {
                 if (Environment.OSVersion.Platform == PlatformID.Win32NT &&

branches/eraser6/CodeReview/Eraser.Manager/EntropySource.cs

@@ -360 +360 @@
             //CryptGenRandom
             byte[] cryptGenRandom = new byte[160];
-            if (CryptApi.CryptGenRandom(cryptGenRandom))
+            if (Security.Randomise(cryptGenRandom))
                 result.AddRange(cryptGenRandom);
 

branches/eraser6/CodeReview/Eraser.Manager/Plugins.cs

@@ -212 +212 @@
             IDictionary<Guid, bool> approvals = ManagerLibrary.Settings.PluginApprovals;
             if ((reflectAssembly.GetName().GetPublicKey().Length == 0 ||
-                !MsCorEEApi.VerifyStrongName(filePath) ||
+                !Security.VerifyStrongName(filePath) ||
                 instance.AssemblyAuthenticode == null) &&
                 !approvals.ContainsKey(instance.AssemblyInfo.Guid))

branches/eraser6/CodeReview/Eraser.Util/Eraser.Util.csproj

@@ -49 +49 @@
       <Link>Version.cs</Link>
     </Compile>
-    <Compile Include="AdvApi.cs" />
+    <Compile Include="Security.cs" />
     <Compile Include="ExtensionMethods\IO.cs" />
     <Compile Include="Localisation.cs" />
-    <Compile Include="MsCorEEApi.cs" />
     <Compile Include="NativeMethods\AdvApi.cs" />
     <Compile Include="NativeMethods\Kernel.cs" />
@@ -76 +75 @@
     <Compile Include="Properties\AssemblyInfo.cs" />
     <Compile Include="UserApi.cs" />
-    <Compile Include="WintrustApi.cs" />
   </ItemGroup>
   <ItemGroup>

branches/eraser6/CodeReview/Eraser.Util/Security.cs

@@ -29 +29 @@
 namespace Eraser.Util
 {
-    public static class AdvApi
+    public static class Security
     {
         /// <summary>
@@ -90 +90 @@
             }
         }
-    }
-
-    public sealed class CryptApi : IDisposable
+
+        /// <summary>
+        /// Verifies the Authenticode signature in a file.
+        /// </summary>
+        /// <param name="pathToFile">The file to verify.</param>
+        /// <returns>True if the file contains a valid Authenticode certificate.</returns>
+        public static bool VerifyAuthenticode(string pathToFile)
+        {
+            IntPtr unionPointer = IntPtr.Zero;
+
+            try
+            {
+                NativeMethods.WINTRUST_FILE_INFO fileinfo = new NativeMethods.WINTRUST_FILE_INFO();
+                fileinfo.cbStruct = (uint)Marshal.SizeOf(typeof(NativeMethods.WINTRUST_FILE_INFO));
+                fileinfo.pcwszFilePath = pathToFile;
+
+                NativeMethods.WINTRUST_DATA data = new NativeMethods.WINTRUST_DATA();
+                data.cbStruct = (uint)Marshal.SizeOf(typeof(NativeMethods.WINTRUST_DATA));
+                data.dwUIChoice = NativeMethods.WINTRUST_DATA.UIChoices.WTD_UI_NONE;
+                data.fdwRevocationChecks = NativeMethods.WINTRUST_DATA.RevocationChecks.WTD_REVOKE_NONE;
+                data.dwUnionChoice = NativeMethods.WINTRUST_DATA.UnionChoices.WTD_CHOICE_FILE;
+                unionPointer = data.pUnion = Marshal.AllocHGlobal((int)fileinfo.cbStruct);
+                Marshal.StructureToPtr(fileinfo, data.pUnion, false);
+
+                Guid guid = NativeMethods.WINTRUST_ACTION_GENERIC_VERIFY_V2;
+                return NativeMethods.WinVerifyTrust(IntPtr.Zero, ref guid, ref data) == 0;
+            }
+            finally
+            {
+                if (unionPointer != IntPtr.Zero)
+                    Marshal.FreeHGlobal(unionPointer);
+            }
+        }
+
+        /// <summary>
+        /// Gets a value indicating whether the assembly manifest at the supplied
+        /// path contains a strong name signature. 
+        /// </summary>
+        /// <param name="assemblyPath">The path to the portable executable (.exe or
+        /// .dll) file for the assembly to be verified.</param>
+        /// <returns>True if the verification was successful; otherwise, false.</returns>
+        /// <remarks>VerifyStrongName is a utility function to check the validity
+        /// of an assembly, taking into account registry settings.</remarks>
+        public static bool VerifyStrongName(string assemblyPath)
+        {
+            bool wasVerified = false;
+            return NativeMethods.StrongNameSignatureVerificationEx(assemblyPath, false,
+                out wasVerified) && wasVerified;
+        }
+
+        /// <summary>
+        /// Randomises the provided buffer using CryptGenRandom.
+        /// </summary>
+        /// <param name="cryptGenRandom">The buffer which receives the random
+        /// data. The contents of this buffer can also be used as a random
+        /// seed.</param>
+        /// <returns>True if the operation suceeded.</returns>
+        public static bool Randomise(byte[] buffer)
+        {
+            return CryptApi.CryptGenRandom(buffer);
+        }
+    }
+
+    internal sealed class CryptApi : IDisposable
     {
         /// <summary>