From 1b3ce06cd14318c0ae3041c67f2a2a013182e009 Mon Sep 17 00:00:00 2001 From: Mark Jansen Date: Fri, 4 Mar 2016 20:54:56 +0100 Subject: [PATCH] WINTRUST: Implement PE file hashing for WinVerifyTrust Signed-off-by: Mark Jansen --- dlls/wintrust/softpub.c | 108 +++++++++++++++++++++++ dlls/wintrust/tests/softpub.c | 197 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 305 insertions(+) diff --git a/dlls/wintrust/softpub.c b/dlls/wintrust/softpub.c index 4e8582e..1db263f 100644 --- a/dlls/wintrust/softpub.c +++ b/dlls/wintrust/softpub.c @@ -1,5 +1,6 @@ /* * Copyright 2007 Juan Lang + * Copyright 2016 Mark Jansen * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -208,6 +209,110 @@ static DWORD SOFTPUB_GetMessageFromFile(CRYPT_PROVIDER_DATA *data, HANDLE file, return err; } + +/* See https://www.cs.auckland.ac.nz/~pgut001/pubs/authenticode.txt for details about the hashing */ + +static BOOL SOFTPUB_HashPEFile(BYTE* file, LARGE_INTEGER* size, HCRYPTHASH hHash) +{ + PIMAGE_DOS_HEADER dos = (PIMAGE_DOS_HEADER)file; + PIMAGE_NT_HEADERS nt = RtlImageNtHeader((HMODULE)file); + SIZE_T Length, DirectorySize; + PBYTE SecurityInfo = (PBYTE)RtlImageDirectoryEntryToData((HMODULE)dos, TRUE, IMAGE_DIRECTORY_ENTRY_SECURITY, &DirectorySize); + + if (!nt || !SecurityInfo) + return FALSE; + + if (SecurityInfo > (file + size->QuadPart)) + return FALSE; + + /* Hash until the CheckSum */ + Length = (BYTE*)&nt->OptionalHeader.CheckSum - file; + if (!CryptHashData(hHash, file, Length, 0)) + return FALSE; + file += Length + 4; + + /* Hash until the DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY] entry */ + Length = (BYTE*)&nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY] - file; + if (!CryptHashData(hHash, file, Length, 0)) + return FALSE; + file += Length + sizeof(nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_SECURITY]); + + /* Hash the rest of the file */ + if (!CryptHashData(hHash, file, SecurityInfo - file, 0)) + return FALSE; + + return TRUE; +} + +static DWORD SOFTPUB_VerifyImageHash(CRYPT_PROVIDER_DATA *data, HANDLE file) +{ + DWORD err = TRUST_E_SYSTEM_ERROR; + SPC_INDIRECT_DATA_CONTENT* indirect = (SPC_INDIRECT_DATA_CONTENT*)data->u.pPDSip->psIndirectData; + HCRYPTPROV hProv = data->hProv; + BOOL ReleaseProv = FALSE; + ALG_ID algID; + HCRYPTHASH hHash; + DWORD cbHash, cbHashSize = sizeof(cbHash); + BYTE* rgbHash; + HANDLE map; + LARGE_INTEGER size; + + /* Are we a PE file? */ + if (!HIWORD(indirect->Data.pszObjId) || strcmp(indirect->Data.pszObjId, SPC_PE_IMAGE_DATA_OBJID)) + return ERROR_SUCCESS; + + algID = CertOIDToAlgId(indirect->DigestAlgorithm.pszObjId); + + if (!hProv) + { + ReleaseProv = TRUE; + if (!CryptAcquireContextW(&hProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) + return GetLastError(); + } + + if (!CryptCreateHash(hProv, algID, 0, 0, &hHash)) + { + if (ReleaseProv) + CryptReleaseContext(hProv, 0); + return GetLastError(); + } + + GetFileSizeEx(file, &size); + map = CreateFileMappingW(file, NULL, PAGE_READONLY, 0, 0, NULL); + if (map) + { + BYTE* file_map = MapViewOfFile(map, FILE_MAP_READ, 0, 0, 0); + if (file_map) + { + if (SOFTPUB_HashPEFile(file_map, &size, hHash)) + { + /* If we got this far, we could read the hash from the PE file, + so assume all other failures are a bad digest */ + err = TRUST_E_BAD_DIGEST; + + if (CryptGetHashParam(hHash, HP_HASHSIZE, (BYTE*)&cbHash, &cbHashSize, 0)) + { + rgbHash = data->psPfns->pfnAlloc(cbHash); + if (CryptGetHashParam(hHash, HP_HASHVAL, rgbHash, &cbHash, 0) && cbHash == indirect->Digest.cbData) + { + if (!memcmp(rgbHash, indirect->Digest.pbData, cbHash)) + err = S_OK; + } + data->psPfns->pfnFree(rgbHash); + } + } + UnmapViewOfFile(file_map); + } + CloseHandle(map); + } + CryptDestroyHash(hHash); + if (ReleaseProv) + CryptReleaseContext(hProv, 0); + + return err; +} + + static DWORD SOFTPUB_CreateStoreFromMessage(CRYPT_PROVIDER_DATA *data) { DWORD err = ERROR_SUCCESS; @@ -371,6 +476,9 @@ static DWORD SOFTPUB_LoadFileMessage(CRYPT_PROVIDER_DATA *data) if (err) goto error; err = SOFTPUB_DecodeInnerContent(data); + if (err) + goto error; + err = SOFTPUB_VerifyImageHash(data, data->pWintrustData->u.pFile->hFile); error: if (err && data->fOpenedFile && data->pWintrustData->u.pFile) diff --git a/dlls/wintrust/tests/softpub.c b/dlls/wintrust/tests/softpub.c index 436de47..763fe4b 100644 --- a/dlls/wintrust/tests/softpub.c +++ b/dlls/wintrust/tests/softpub.c @@ -3,6 +3,7 @@ * * Copyright 2007,2010 Juan Lang * Copyright 2010 Andrey Turkin + * Copyright 2016 Mark Jansen * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -869,6 +870,201 @@ static void test_wintrust(void) ok(r == S_OK, "WinVerifyTrust failed: %08x\n", r); } +static const BYTE SelfSignedFile[] = { + 0x4D, 0x5A, 0x90, 0x00, 0x03, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0x00, 0x00, 0xB8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x0E, 0x1F, 0xBA, 0x0E, 0x00, 0xB4, 0x09, 0xCD, + 0x21, 0xB8, 0x01, 0x4C, 0xCD, 0x21, 0x54, 0x68, 0x69, 0x73, 0x20, 0x70, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x20, 0x63, 0x61, 0x6E, 0x6E, 0x6F, + 0x74, 0x20, 0x62, 0x65, 0x20, 0x72, 0x75, 0x6E, 0x20, 0x69, 0x6E, 0x20, 0x44, 0x4F, 0x53, 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x2E, 0x0D, 0x0D, 0x0A, + 0x24, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x50, 0x45, 0x00, 0x00, 0x4C, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0xE0, 0x00, 0x0F, 0x03, 0x0B, 0x01, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x10, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, + 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, + 0xE7, 0x0C, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x10, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x68, 0x05, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x2E, 0x74, 0x65, 0x78, 0x74, 0x00, 0x00, 0x00, + 0x18, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x60, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x55, 0x89, 0xE5, 0x81, 0xEC, 0x00, 0x00, 0x00, 0x00, 0x90, 0xB8, 0x00, 0x00, 0x00, 0x00, 0xE9, + 0x00, 0x00, 0x00, 0x00, 0xC9, 0xC3, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x68, 0x05, 0x00, 0x00, 0x00, 0x02, 0x02, 0x00, + 0x30, 0x82, 0x05, 0x5A, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02, 0xA0, 0x82, 0x05, 0x4B, 0x30, 0x82, 0x05, 0x47, 0x02, + 0x01, 0x01, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00, 0x30, 0x4C, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, + 0x82, 0x37, 0x02, 0x01, 0x04, 0xA0, 0x3E, 0x30, 0x3C, 0x30, 0x17, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0F, 0x30, + 0x09, 0x03, 0x01, 0x00, 0xA0, 0x04, 0xA2, 0x02, 0x80, 0x00, 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, + 0x14, 0xA0, 0x95, 0xDE, 0xBD, 0x1A, 0xB7, 0x86, 0xAF, 0x50, 0x63, 0xD8, 0x8F, 0x90, 0xD5, 0x49, 0x96, 0x4E, 0x44, 0xF0, 0x71, 0xA0, 0x82, 0x03, + 0x1D, 0x30, 0x82, 0x03, 0x19, 0x30, 0x82, 0x02, 0x01, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, 0x96, 0x53, 0x2C, 0xC9, 0x23, 0x56, 0x8A, 0x87, + 0x42, 0x30, 0x3E, 0xD5, 0x8D, 0x72, 0xD5, 0x25, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, + 0x17, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0C, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x20, 0x52, 0x6F, 0x6F, 0x74, + 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x36, 0x30, 0x33, 0x30, 0x33, 0x32, 0x30, 0x32, 0x37, 0x30, 0x37, 0x5A, 0x17, 0x0D, 0x34, 0x39, 0x31, 0x32, 0x33, + 0x31, 0x32, 0x33, 0x30, 0x30, 0x30, 0x30, 0x5A, 0x30, 0x17, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0C, 0x43, 0x6F, 0x64, + 0x65, 0x53, 0x69, 0x67, 0x6E, 0x54, 0x65, 0x73, 0x74, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xB2, 0xC9, 0x91, 0x98, 0x8C, 0xDC, + 0x80, 0xBC, 0x16, 0xBF, 0xC1, 0x04, 0x77, 0x90, 0xC0, 0xFD, 0x8C, 0xBA, 0x68, 0x26, 0xAC, 0xB7, 0x20, 0x68, 0x41, 0xED, 0xC3, 0x9C, 0x47, 0x7C, + 0x36, 0xC2, 0x7B, 0xE1, 0x5E, 0xFD, 0xA9, 0x99, 0xF4, 0x29, 0x36, 0x86, 0x93, 0x40, 0x55, 0x53, 0x65, 0x79, 0xBC, 0x9F, 0x8F, 0x6E, 0x2B, 0x05, + 0x84, 0xE1, 0xFD, 0xD2, 0xEF, 0xEA, 0x89, 0x8C, 0xEC, 0xF9, 0x55, 0xF0, 0x2C, 0xE5, 0xA7, 0x29, 0xF9, 0x7E, 0x50, 0xDC, 0x9C, 0xA1, 0x23, 0xA5, + 0xD9, 0x78, 0xA1, 0xE7, 0x7C, 0xD7, 0x04, 0x4F, 0x11, 0xAC, 0x9F, 0x4A, 0x47, 0xA1, 0x1E, 0xD5, 0x9E, 0xE7, 0x5B, 0xB5, 0x8C, 0x9C, 0x67, 0x7A, + 0xD0, 0xF8, 0x54, 0xD1, 0x64, 0x7F, 0x39, 0x48, 0xB6, 0xCF, 0x2F, 0x26, 0x7D, 0x7B, 0x13, 0x2B, 0xC2, 0x8F, 0xA6, 0x3F, 0x42, 0x71, 0x95, 0x3E, + 0x59, 0x0F, 0x12, 0xFA, 0xC2, 0x70, 0x89, 0xB7, 0xB6, 0x10, 0x49, 0xE0, 0x7D, 0x4D, 0xFC, 0x80, 0x61, 0x53, 0x50, 0x72, 0xFD, 0x46, 0x35, 0x51, + 0x36, 0xE6, 0x06, 0xA9, 0x4C, 0x0D, 0x82, 0x15, 0xF6, 0x5D, 0xDE, 0xD4, 0xDB, 0xE7, 0x82, 0x10, 0x40, 0xA1, 0x47, 0x68, 0x88, 0x0C, 0x0A, 0x80, + 0xD1, 0xE5, 0x9A, 0x35, 0x28, 0x82, 0x1F, 0x0F, 0x80, 0x5A, 0x6E, 0x1D, 0x22, 0x22, 0xB3, 0xA7, 0xA2, 0x9E, 0x82, 0x2D, 0xC0, 0x7F, 0x5A, 0xD0, + 0xBA, 0xB2, 0xCA, 0x20, 0xE2, 0x97, 0xE9, 0x72, 0x41, 0xB7, 0xD6, 0x1A, 0x93, 0x23, 0x97, 0xF0, 0xA9, 0x61, 0xD2, 0x91, 0xBD, 0xB6, 0x6B, 0x95, + 0x12, 0x67, 0x16, 0xAC, 0x0A, 0xB7, 0x55, 0x02, 0x0D, 0xA5, 0xAD, 0x17, 0x95, 0x77, 0xF9, 0x96, 0x03, 0x41, 0xD3, 0xE1, 0x61, 0x68, 0xBB, 0x0A, + 0xB5, 0xC4, 0xEE, 0x70, 0x40, 0x08, 0x05, 0xC4, 0xF1, 0x5D, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x61, 0x30, 0x5F, 0x30, 0x13, 0x06, 0x03, 0x55, + 0x1D, 0x25, 0x04, 0x0C, 0x30, 0x0A, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x03, 0x30, 0x48, 0x06, 0x03, 0x55, 0x1D, 0x01, 0x04, + 0x41, 0x30, 0x3F, 0x80, 0x10, 0x35, 0x40, 0x67, 0x8F, 0x7D, 0x03, 0x1B, 0x76, 0x52, 0x62, 0x2D, 0xF5, 0x21, 0xF6, 0x7C, 0xBC, 0xA1, 0x19, 0x30, + 0x17, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0C, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x20, 0x52, 0x6F, 0x6F, 0x74, + 0x82, 0x10, 0xA0, 0x4B, 0xEB, 0xAC, 0xFA, 0x08, 0xF2, 0x8B, 0x47, 0xD2, 0xB3, 0x54, 0x60, 0x6C, 0xE6, 0x29, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x5F, 0x8C, 0x7F, 0xDA, 0x1D, 0x21, 0x7A, 0x15, 0xD8, 0x20, + 0x04, 0x53, 0x7F, 0x44, 0x6D, 0x7B, 0x57, 0xBE, 0x7F, 0x86, 0x77, 0x58, 0xC4, 0xD4, 0x80, 0xC7, 0x2E, 0x64, 0x9B, 0x44, 0xC5, 0x2D, 0x6D, 0xDB, + 0x35, 0x5A, 0xFE, 0xA4, 0xD8, 0x66, 0x9B, 0xF7, 0x6E, 0xFC, 0xEF, 0x52, 0x7B, 0xC5, 0x16, 0xE6, 0xA3, 0x7D, 0x59, 0xB7, 0x31, 0x28, 0xEB, 0xB5, + 0x45, 0xC9, 0xB1, 0xD1, 0x08, 0x67, 0xC6, 0x37, 0xE7, 0xD7, 0x2A, 0xE6, 0x1F, 0xD9, 0x6A, 0xE5, 0x04, 0xDF, 0x6A, 0x9D, 0x91, 0xFA, 0x41, 0xBD, + 0x2A, 0x50, 0xEA, 0x99, 0x24, 0xA9, 0x0F, 0x2B, 0x50, 0x51, 0x5F, 0xD9, 0x0B, 0x89, 0x1B, 0xCB, 0xDB, 0x88, 0xE8, 0xEC, 0x87, 0xB0, 0x16, 0xCC, + 0x43, 0xEE, 0x5A, 0xBD, 0x57, 0xE2, 0x46, 0xA7, 0x56, 0x54, 0x23, 0x32, 0x8A, 0xFB, 0x25, 0x51, 0x39, 0x38, 0xE6, 0x87, 0xF5, 0x73, 0x63, 0xD0, + 0x5B, 0xC7, 0x3F, 0xFD, 0x04, 0x75, 0x74, 0x4C, 0x3D, 0xB5, 0x31, 0x22, 0x7D, 0xF1, 0x8D, 0xB4, 0xE0, 0xAA, 0xE1, 0xFF, 0x8F, 0xDD, 0xB8, 0x04, + 0x6A, 0x31, 0xEE, 0x30, 0x2D, 0x6E, 0x74, 0x0F, 0x37, 0x71, 0x77, 0x2B, 0xB8, 0x9E, 0x62, 0x47, 0x00, 0x9C, 0xA5, 0x82, 0x2B, 0x9F, 0x24, 0x67, + 0x50, 0x86, 0x8B, 0xC9, 0x36, 0x81, 0xEB, 0x44, 0xC2, 0xF1, 0x91, 0xA6, 0x84, 0x75, 0x15, 0x8F, 0x22, 0xDE, 0xAC, 0xB5, 0x16, 0xE3, 0x96, 0x74, + 0x72, 0x2F, 0x15, 0xD5, 0xFB, 0x01, 0x22, 0xC4, 0x24, 0xEE, 0x3D, 0xDF, 0x9E, 0xA9, 0x0A, 0x5B, 0x16, 0x21, 0xE8, 0x4A, 0x8C, 0x7E, 0x3A, 0x9C, + 0x22, 0xA0, 0x49, 0x60, 0x97, 0x1B, 0x3E, 0x2D, 0x80, 0x91, 0xDB, 0xF7, 0x78, 0x38, 0x76, 0x78, 0x0C, 0xE3, 0xD4, 0x27, 0x77, 0x69, 0x96, 0xE6, + 0x41, 0xC7, 0x2E, 0xE9, 0x61, 0xD6, 0x31, 0x82, 0x01, 0xC4, 0x30, 0x82, 0x01, 0xC0, 0x02, 0x01, 0x01, 0x30, 0x2B, 0x30, 0x17, 0x31, 0x15, 0x30, + 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0C, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x02, 0x10, 0x96, 0x53, + 0x2C, 0xC9, 0x23, 0x56, 0x8A, 0x87, 0x42, 0x30, 0x3E, 0xD5, 0x8D, 0x72, 0xD5, 0x25, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x05, + 0x00, 0xA0, 0x70, 0x30, 0x10, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0C, 0x31, 0x02, 0x30, 0x00, 0x30, 0x19, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x03, 0x31, 0x0C, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x04, + 0x30, 0x1C, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0B, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, + 0x01, 0x82, 0x37, 0x02, 0x01, 0x15, 0x30, 0x23, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x04, 0x31, 0x16, 0x04, 0x14, 0x3D, + 0x08, 0xC8, 0xA3, 0xEE, 0x05, 0x1A, 0x61, 0xD9, 0xFE, 0x1A, 0x63, 0xC0, 0x8A, 0x6E, 0x9D, 0xF9, 0xC3, 0x13, 0x98, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x01, 0x00, 0x90, 0xF9, 0xC0, 0x7F, 0x1D, 0x70, 0x8C, 0x04, 0x22, 0x82, + 0xB6, 0x2D, 0x48, 0xBF, 0x30, 0x51, 0x29, 0xF8, 0xE3, 0x11, 0x39, 0xE0, 0x64, 0x23, 0x72, 0xE2, 0x4C, 0x09, 0x9F, 0x39, 0xF2, 0x6F, 0xDD, 0xB9, + 0x5A, 0x3D, 0xEF, 0xEB, 0xBE, 0xEC, 0x3B, 0xE6, 0x58, 0x4C, 0xC9, 0x4F, 0xED, 0xCB, 0x6E, 0x9D, 0x67, 0x8E, 0x89, 0x92, 0x40, 0x39, 0xA2, 0x5F, + 0xF9, 0xEF, 0xD3, 0xF5, 0x24, 0x27, 0x8D, 0xF7, 0x3C, 0x92, 0x66, 0x56, 0xC8, 0x2B, 0xEA, 0x04, 0xA1, 0x0E, 0xDA, 0x89, 0x30, 0xA7, 0x01, 0xD8, + 0x0B, 0xF8, 0xFD, 0x99, 0xB6, 0xC0, 0x38, 0xB0, 0x21, 0x50, 0x3A, 0x86, 0x01, 0xD0, 0xF3, 0x86, 0x72, 0xE3, 0x5A, 0xBB, 0x2A, 0x6E, 0xBD, 0xFB, + 0x22, 0xF9, 0x42, 0xD3, 0x04, 0xFE, 0x8D, 0xD8, 0x79, 0xD1, 0xEE, 0x61, 0xC6, 0x48, 0x04, 0x99, 0x9A, 0xA2, 0x73, 0xE5, 0xFB, 0x24, 0x10, 0xD5, + 0x6B, 0x71, 0x80, 0x0E, 0x09, 0xEA, 0x85, 0x9A, 0xBD, 0xBB, 0xDE, 0x99, 0x5D, 0xA3, 0x18, 0x4D, 0xED, 0x20, 0x73, 0x3E, 0x32, 0xEF, 0x2C, 0xAC, + 0x5A, 0x83, 0x87, 0x1F, 0x7F, 0x19, 0x61, 0x35, 0x53, 0xC1, 0xAA, 0x89, 0x97, 0xB3, 0xDD, 0x8D, 0xA8, 0x67, 0x5B, 0xC2, 0xE2, 0x09, 0xB7, 0xDD, + 0x6A, 0xCB, 0xD5, 0xBF, 0xD6, 0x08, 0xE2, 0x23, 0x1A, 0x41, 0x9D, 0xD5, 0x6A, 0x6B, 0x8D, 0x3C, 0x29, 0x1B, 0xF1, 0x3F, 0x4E, 0x4A, 0x8F, 0x29, + 0x33, 0xF9, 0x1C, 0x60, 0xA0, 0x92, 0x7E, 0x4F, 0x35, 0xB8, 0xDD, 0xEB, 0xD1, 0x68, 0x1A, 0x9D, 0xA2, 0xA6, 0x97, 0x1F, 0x5F, 0xC6, 0x2C, 0xFB, + 0xCA, 0xDF, 0xF7, 0x95, 0x33, 0x95, 0xD4, 0x79, 0x5C, 0x73, 0x87, 0x49, 0x1F, 0x8C, 0x6E, 0xCE, 0x3E, 0x6D, 0x3D, 0x2B, 0x6B, 0xD7, 0x66, 0xE9, + 0x88, 0x6F, 0xF2, 0x83, 0xB9, 0x9B, 0x00, 0x00 +}; + +static BOOL create_test_executable(WCHAR* temp_file, BOOL CorruptFile) +{ + DWORD cbWritten; + BOOL ret = FALSE; + HANDLE file = create_temp_file(temp_file); + if (file) + { + ret = WriteFile(file, SelfSignedFile, sizeof(SelfSignedFile), &cbWritten, NULL); + if (ret && CorruptFile) + { + BYTE Data[] = { 0x11, 0x22, 0x33, 0x44 }; + SetFilePointer(file, 19, NULL, FILE_BEGIN); + ret = WriteFile(file, Data, sizeof(Data), &cbWritten, NULL); + } + CloseHandle(file); + } + return ret; +} + +static void call_winverify(WCHAR* pathW, LONG* pStatus, DWORD* pLastError, BOOL HashOnly) +{ + WINTRUST_FILE_INFO FileData = { sizeof(FileData), 0 }; + static GUID WVTPolicyGUID = WINTRUST_ACTION_GENERIC_VERIFY_V2; + WINTRUST_DATA WinTrustData = { sizeof(WinTrustData), 0 }; + LONG lStatus; + + FileData.pcwszFilePath = pathW; + + WinTrustData.dwUIChoice = WTD_UI_NONE; + WinTrustData.fdwRevocationChecks = WTD_REVOKE_NONE; + WinTrustData.dwUnionChoice = WTD_CHOICE_FILE; + WinTrustData.dwStateAction = WTD_STATEACTION_VERIFY; + WinTrustData.pFile = &FileData; + if (HashOnly) + WinTrustData.dwProvFlags |= WTD_HASH_ONLY_FLAG; + + lStatus = WinVerifyTrust(NULL, &WVTPolicyGUID, &WinTrustData); + if (pLastError) + *pLastError = GetLastError(); + if (pStatus) + *pStatus = lStatus; + + WinTrustData.dwStateAction = WTD_STATEACTION_CLOSE; + lStatus = WinVerifyTrust(NULL, &WVTPolicyGUID, &WinTrustData); + ok(lStatus == S_OK, "WinVerifyTrust failed: %08x\n", lStatus); +} + +static void test_wintrust_digest(void) +{ + WCHAR pathW[MAX_PATH]; + LONG lStatus; + DWORD dwLastError; + + create_test_executable(pathW, FALSE); + + /* First without special flags */ + lStatus = 0xdeadbeef; + dwLastError = 0xdeadbeef; + SetLastError(0xdeadbeef); + call_winverify(pathW, &lStatus, &dwLastError, FALSE); + todo_wine + ok(lStatus == CERT_E_CHAINING, "WinVerifyTrust did not return CERT_E_CHAINING: %08x (%08x)\n", lStatus, dwLastError); + + /* Now run it without chain check */ + lStatus = 0xdeadbeef; + dwLastError = 0xdeadbeef; + SetLastError(0xdeadbeef); + call_winverify(pathW, &lStatus, &dwLastError, TRUE); + ok(lStatus == S_OK, "WinVerifyTrust did not return S_OK: %08x (%08x)\n", lStatus, dwLastError); + + DeleteFileW(pathW); + /* Corrupt the file */ + create_test_executable(pathW, TRUE); + + /* Without special flags, to show digest is checked before cert chain */ + lStatus = 0xdeadbeef; + dwLastError = 0xdeadbeef; + SetLastError(0xdeadbeef); + call_winverify(pathW, &lStatus, &dwLastError, FALSE); + ok(lStatus == TRUST_E_BAD_DIGEST, "WinVerifyTrust did not return TRUST_E_BAD_DIGEST: %08x (%08x)\n", lStatus, dwLastError); + + /* Without chain check */ + lStatus = 0xdeadbeef; + dwLastError = 0xdeadbeef; + SetLastError(0xdeadbeef); + call_winverify(pathW, &lStatus, &dwLastError, FALSE); + ok(lStatus == TRUST_E_BAD_DIGEST, "WinVerifyTrust did not return TRUST_E_BAD_DIGEST: %08x (%08x)\n", lStatus, dwLastError); + + DeleteFileW(pathW); +} + static void test_get_known_usages(void) { BOOL ret; @@ -939,5 +1135,6 @@ START_TEST(softpub) test_provider_funcs(); test_sip_create_indirect_data(); test_wintrust(); + test_wintrust_digest(); test_get_known_usages(); } -- 2.7.0.windows.2