Verificar Firma Digital Archivo
Publicado: 26 Jul 2014, 00:16
Bueno les dejo este ejemplo que hice con mi hermano hace tiempo, de verificar la firma digital de un archivo basado en una código que vi en el foro sysinternals. la función no tiene retorno. solo muestra datos en la consola. el código no lo mejoramos porque a la final la hicimos en una librería.
Saludos
Código: Seleccionar todo
;Written by Danyfirex & Dany3j
;Thanks http://forum.sysinternals.com
;10-03-2014
#include <WinAPI.au3>
Opt("MustDeclareVars", 1) ;0=no, 1=require pre-declaration
#Region Constants
Global Const $WTD_STATEACTION_CLOSE = 0x00000002
Global Const $WTD_CHOICE_FILE = 1
Global Const $WTD_CHOICE_CATALOG = 2
Global Const $WTD_UI_NONE = 2
Global Const $WTD_REVOKE_NONE = 0
Global Const $WTD_STATEACTION_IGNORE = 0
Global Const $WTD_STATEACTION_VERIFY = 1
Global Const $WTD_SAFER_FLAG = 256
#EndRegion Constants
#Region Struct
Global Const $tagWINTRUST_DATA = "dword cbStruct;ptr pPolicyCallbackData;ptr pSIPClientData;dword dwUIChoice;dword fdwRevocationChecks;dword dwUnionChoice;" & _
"dword pPointer;dword dwStateAction;handle hWVTStateData;ptr pwszURLReference;dword dwProvFlags;dword dwUIContext"
Global Const $tagWINTRUST_FILE_INFO = "dword cbStruct;ptr pcwszFilePath;handle hFile;ptr pgKnownSubject"
Global Const $tagWINTRUST_CATALOG_INFO = "dword cbStruct;dword dwCatalogVersion;ptr pcwszCatalogFilePath;ptr pcwszMemberTag;ptr pcwszMemberFilePath;dword hMemberFile"
Global Const $tagCATALOG_INFO = "dword cbStruct;byte wszCatalogFile[520]"
#EndRegion Struct
Global Const $sWinTrust = "wintrust.dll"
Global $hWinTrustDll = 0
$hWinTrustDll = DllOpen($sWinTrust)
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $hWinTrustDll = ' & $hWinTrustDll & @CRLF & '>Error code: ' & @error & @CRLF) ;### Debug Console
;check
SignV(@WindowsDir & "\explorer.exe")
Func SignV($sFilePath)
Local $bRet = False
Local $hCatAdmin = 0
Local $bRet = 0
Local $hFile = 0
Local $hr = 0
Local $pszMemberTag = ""
Local $iHashLen = 100
$iHashLen
Local $dw = 0
Local $hCatInfo = 0
Local $tagbyHash = "byte byHash[100]"
;Structures
Local $tbyHash = DllStructCreate($tagbyHash)
Local $tWINTRUST_DATA = DllStructCreate($tagWINTRUST_DATA)
Local $tWINTRUST_FILE_INFO = DllStructCreate($tagWINTRUST_FILE_INFO)
Local $tWINTRUST_CATALOG_INFO = DllStructCreate($tagWINTRUST_CATALOG_INFO)
Local $tCATALOG_INFO = DllStructCreate($tagCATALOG_INFO)
;Debug Structures
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $tbyHash = ' & IsDllStruct($tbyHash) & " Size= " & DllStructGetSize($tbyHash) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $tWINTRUST_DATA = ' & IsDllStruct($tWINTRUST_DATA) & " Size= " & DllStructGetSize($tWINTRUST_DATA) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $tWINTRUST_FILE_INFO = ' & IsDllStruct($tWINTRUST_FILE_INFO) & " Size= " & DllStructGetSize($tWINTRUST_FILE_INFO) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $tWINTRUST_CATALOG_INFO = ' & IsDllStruct($tWINTRUST_CATALOG_INFO) & " Size= " & DllStructGetSize($tWINTRUST_CATALOG_INFO) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $tCATALOG_INFO = ' & IsDllStruct($tCATALOG_INFO) & " Size= " & DllStructGetSize($tCATALOG_INFO) & @CRLF) ;### Debug Console
Local $Ret = DllCall($hWinTrustDll, "bool", "CryptCATAdminAcquireContext", "handle*", 0, "ptr", 0, "dword", 0)
ConsoleWrite("+ CryptCATAdminAcquireContext Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
$hCatAdmin = $Ret[1]
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $hCatAdmin = ' & ($hCatAdmin) & @TAB & '>Error code: ' & @error & @CRLF) ;### Debug Console
$hFile = _WinAPI_CreateFile($sFilePath, 2, 2, 2)
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $hFile = ' & $hFile & @TAB & '>Error code: ' & @error & @CRLF) ;### Debug Console
If $hFile = $INVALID_HANDLE_VALUE Then
$Ret = DllCall($hWinTrustDll, "bool", "CryptCATAdminReleaseContext", "handle", $hCatAdmin, "dword", 0)
ConsoleWrite("+ CryptCATAdminReleaseContext Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
ConsoleWrite("! $INVALID_HANDLE_VALUE" & ">Error code: " & @error & @CRLF)
EndIf
$Ret = DllCall($hWinTrustDll, "bool", "CryptCATAdminCalcHashFromFileHandle", "handle", $hFile, "dword*", 0, "ptr", 0, "dword", 0)
ConsoleWrite("+ CryptCATAdminCalcHashFromFileHandle Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
$iHashLen = $Ret[2]
ConsoleWrite(">> $iHashLen= " & $iHashLen & @CRLF)
$Ret = DllCall($hWinTrustDll, "bool", "CryptCATAdminCalcHashFromFileHandle", "handle", $hFile, "dword*", $iHashLen, "ptr", DllStructGetPtr($tbyHash), "dword", 0)
ConsoleWrite("+ CryptCATAdminCalcHashFromFileHandle Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
If $hFile Then _WinAPI_CloseHandle($hFile)
For $i = 1 To $iHashLen
$pszMemberTag &= Hex(DllStructGetData($tbyHash, 1, $i), 2)
Next
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $pszMemberTag = ' & $pszMemberTag & " Len= " & StringLen($pszMemberTag) & @TAB & '>Error code: ' & @error & @CRLF) ;### Debug Console
$Ret = DllCall($hWinTrustDll, "handle", "CryptCATAdminEnumCatalogFromHash", "handle", $hCatAdmin, "ptr", DllStructGetPtr($tbyHash), "dword", $iHashLen, "dword", 0, "ptr", 0)
ConsoleWrite("+ CryptCATAdminEnumCatalogFromHash Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
$hCatInfo = $Ret[0]
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $hCatInfo = ' & $hCatInfo & @TAB & '>Error code: ' & @error & @CRLF) ;### Debug Console
If $hCatInfo = 0 Then
ConsoleWrite("CryptCATAdminEnumCatalogFromHash failed, verifying embedded signature." & @CRLF)
Else
$Ret = DllCall($hWinTrustDll, "bool", "CryptCATCatalogInfoFromContext", "handle", $hCatInfo, "ptr", DllStructGetPtr($tCATALOG_INFO), "dword", 0)
ConsoleWrite("+ CryptCATCatalogInfoFromContext Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
If Not $Ret[0] Then
ConsoleWrite("CryptCATCatalogInfoFromContext failed" & @CRLF)
$Ret = DllCall($hWinTrustDll, "bool", "CryptCATAdminReleaseCatalogContext", "handle", $hCatAdmin, "handle", $hCatInfo, "dword", 0)
ConsoleWrite("+ CryptCATAdminReleaseCatalogContext Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
EndIf
ConsoleWrite("!wszCatalogFile 67 = " & DllStructGetData($tCATALOG_INFO, "wszCatalogFile", 1) & @CRLF)
Local $tFile = DllStructCreate("wchar[" & StringLen($sFilePath) + 2 & "]")
DllStructSetData($tFile, 1, $sFilePath)
Local $pFile = DllStructGetPtr($tFile)
ConsoleWrite("!tFileData = " & DllStructGetData($tFile, 1) & @CRLF)
DllStructSetData($tWINTRUST_CATALOG_INFO, "cbStruct", DllStructGetSize($tWINTRUST_CATALOG_INFO))
DllStructSetData($tWINTRUST_CATALOG_INFO, "pcwszCatalogFilePath", DllStructGetPtr($tCATALOG_INFO, "wszCatalogFile"))
ConsoleWrite("wszCatalogFile Ptr = " & DllStructGetPtr($tCATALOG_INFO, "wszCatalogFile") & @CRLF)
ConsoleWrite("pcwszCatalogFilePath Data = " & DllStructGetData($tWINTRUST_CATALOG_INFO, "pcwszCatalogFilePath") & @CRLF)
DllStructSetData($tWINTRUST_CATALOG_INFO, "pcwszMemberFilePath", $pFile)
ConsoleWrite("pcwszMemberFilePath Ptr = " & DllStructGetData($tWINTRUST_CATALOG_INFO, "pcwszMemberFilePath") & @CRLF)
Local $tpszMemberTag = DllStructCreate("wchar[" & StringLen($pszMemberTag) + 2 & "]")
DllStructSetData($tpszMemberTag, 1, $pszMemberTag)
Local $ptpszMemberTag = DllStructGetPtr($tpszMemberTag)
ConsoleWrite("!tpszMemberTag Data = " & DllStructGetData($tpszMemberTag, 1) & @CRLF)
DllStructSetData($tWINTRUST_CATALOG_INFO, "pcwszMemberTag", $ptpszMemberTag)
DllStructSetData($tWINTRUST_DATA, "cbStruct", DllStructGetSize($tWINTRUST_DATA))
DllStructSetData($tWINTRUST_DATA, "dwUnionChoice", $WTD_CHOICE_CATALOG)
DllStructSetData($tWINTRUST_DATA, "pPointer", DllStructGetPtr($tWINTRUST_CATALOG_INFO))
DllStructSetData($tWINTRUST_DATA, "dwUIChoice", $WTD_UI_NONE)
DllStructSetData($tWINTRUST_DATA, "fdwRevocationChecks", $WTD_REVOKE_NONE)
DllStructSetData($tWINTRUST_DATA, "dwStateAction", $WTD_STATEACTION_VERIFY)
DllStructSetData($tWINTRUST_DATA, "dwProvFlags", 0)
DllStructSetData($tWINTRUST_DATA, "hWVTStateData", 0)
DllStructSetData($tWINTRUST_DATA, "pwszURLReference", 0)
EndIf
Local $taction = _GUIDStruct("{00AAC56B-CD44-11D0-8CC200C04FC295EE}")
ConsoleWrite("Structura action=" & IsDllStruct($taction) & " Valor=" & Hex(DllStructGetData($taction, 1), 8) & " Error= " & @error & @CRLF)
$Ret = DllCall($hWinTrustDll, "long", "WinVerifyTrust", "long", $INVALID_HANDLE_VALUE, "ptr", DllStructGetPtr($taction), "ptr", DllStructGetPtr($tWINTRUST_DATA))
ConsoleWrite("+ WinVerifyTrust Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
ConsoleWrite("WinVerifyTrust Retorno= " & ($Ret[0]) & @CRLF)
Local $hr = $Ret[0]
If $hCatInfo <> 0 Then
$Ret = DllCall($hWinTrustDll, "long", "CryptCATAdminReleaseCatalogContext", "long", $hCatAdmin, "long", $hCatInfo, "long", 0)
ConsoleWrite("+ CryptCATAdminReleaseCatalogContext Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
EndIf
$Ret = DllCall($hWinTrustDll, "long", "CryptCATAdminReleaseContext", "int", $hCatAdmin, "long", 0)
ConsoleWrite("+ CryptCATAdminReleaseContext Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $Ret = ' & $Ret[0] & @CRLF & '>Error code: ' & @error & @CRLF)
If $hr = 0 Then
DllStructSetData($tWINTRUST_DATA, "dwStateAction", $WTD_STATEACTION_CLOSE)
$Ret = DllCall($hWinTrustDll, "long", "WinVerifyTrust", "long", $INVALID_HANDLE_VALUE, "ptr", DllStructGetPtr($taction), "ptr", DllStructGetPtr($tWINTRUST_DATA))
ConsoleWrite("+ WinVerifyTrust Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
EndIf
If $hWinTrustDll Then DllClose($hWinTrustDll)
EndFunc ;==>SignV
;Prog@ndy
Func _GUIDStruct($IID)
$IID = StringRegExpReplace($IID, "([}{])", "")
$IID = StringSplit($IID, "-")
Local $_GUID = "DWORD Data1; ushort Data2; ushort Data3; BYTE Data4[8];"
Local $GUID = DllStructCreate($_GUID)
If $IID[0] = 5 Then $IID[4] &= $IID[5]
If $IID[0] > 5 Or $IID[0] < 4 Then Return SetError(1, 0, 0)
DllStructSetData($GUID, 1, Dec($IID[1]))
DllStructSetData($GUID, 2, Dec($IID[2]))
DllStructSetData($GUID, 3, Dec($IID[3]))
DllStructSetData($GUID, 4, Binary("0x" & $IID[4]))
Return $GUID
EndFunc ;==>_GUIDStructSaludos