Bueno, les dejo este ejemplo que hice con mi hermano hace tiempo para verificar la firma digital de un archivo, basado en un código que vi en el foro de Sysinternals. La función no tiene retorno; solo muestra datos en la consola. El código no lo mejoramos porque al final la hicimos en una librería.


;Written by Danyfirex & Dany3j
;Thanks http://forum.sysinternals.com
;10-03-2014

#include <WinAPI.au3>


Opt("MustDeclareVars", 1) ; 1 = using an undeclared variable is an error, 0 = implicit declaration allowed

#Region Constants
; Values written into WINTRUST_DATA before it is handed to WinVerifyTrust.
; They are grouped by the member that receives them.

; dwUIChoice
Global Const $WTD_UI_NONE = 0x00000002 ; verify silently, no dialog

; fdwRevocationChecks
Global Const $WTD_REVOKE_NONE = 0x00000000 ; no revocation checking is requested

; dwUnionChoice: selects which structure pPointer refers to
Global Const $WTD_CHOICE_FILE = 0x00000001 ; WINTRUST_FILE_INFO (embedded signature)
Global Const $WTD_CHOICE_CATALOG = 0x00000002 ; WINTRUST_CATALOG_INFO (catalog-signed file)

; dwStateAction
Global Const $WTD_STATEACTION_IGNORE = 0x00000000
Global Const $WTD_STATEACTION_VERIFY = 0x00000001
Global Const $WTD_STATEACTION_CLOSE = 0x00000002 ; releases what a VERIFY call left in hWVTStateData

; dwProvFlags
Global Const $WTD_SAFER_FLAG = 0x00000100
#EndRegion Constants



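#Region Struct
; DllStructCreate layouts for the wintrust.dll structures used by SignV.
; Members that carry an address or a handle are declared "ptr"/"handle" rather than
; "dword": a dword is always 32 bits wide, so on a 64-bit process it would cut the
; upper half off the value and WinVerifyTrust would read a bogus address.

; WINTRUST_DATA: pPointer is the union member (file / catalog info pointer),
; chosen by dwUnionChoice.
Global Const $tagWINTRUST_DATA = "dword cbStruct;ptr pPolicyCallbackData;ptr pSIPClientData;dword dwUIChoice;dword fdwRevocationChecks;dword dwUnionChoice;" & _
        "ptr pPointer;dword dwStateAction;handle hWVTStateData;ptr pwszURLReference;dword dwProvFlags;dword dwUIContext"

; WINTRUST_FILE_INFO: describes a file that carries an embedded signature.
Global Const $tagWINTRUST_FILE_INFO = "dword cbStruct;ptr pcwszFilePath;handle hFile;ptr pgKnownSubject"

; WINTRUST_CATALOG_INFO: describes a catalog-signed file (catalog path, member tag, member path).
Global Const $tagWINTRUST_CATALOG_INFO = "dword cbStruct;dword dwCatalogVersion;ptr pcwszCatalogFilePath;ptr pcwszMemberTag;ptr pcwszMemberFilePath;handle hMemberFile"

; CATALOG_INFO: wszCatalogFile is kept as raw bytes (520 bytes = 260 UTF-16 units),
; so DllStructGetData on it yields binary data, not a string.
Global Const $tagCATALOG_INFO = "dword cbStruct;byte wszCatalogFile[520]"
#EndRegion Struct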




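; Load wintrust.dll by absolute path from the system directory. A bare file name is
; resolved through the DLL search order, and a look-alike DLL sitting next to the
; script would then be the one that decides whether a signature is "valid".
Global Const $sWinTrust = @SystemDir & "\wintrust.dll"
Global $hWinTrustDll = 0


$hWinTrustDll = DllOpen($sWinTrust)
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $hWinTrustDll = ' & $hWinTrustDll & @CRLF & '>Error code: ' & @error & @CRLF) ;### Debug Console


;check
; DllOpen returns -1 when the library cannot be loaded; every DllCall in SignV would
; fail on that handle, so do not start the check at all.
If $hWinTrustDll = -1 Then
    ConsoleWrite("! DllOpen failed: " & $sWinTrust & @CRLF)
Else
    SignV(@WindowsDir & "\explorer.exe")
EndIf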




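Func SignV($sFilePath)
    ; Checks the digital signature of $sFilePath with WinVerifyTrust and logs every
    ; step to the console.
    ;
    ; The file is hashed and looked up in the system catalogs. If a catalog lists the
    ; hash, the catalog signature is verified; otherwise the signature embedded in the
    ; file itself is verified.
    ;
    ; Parameters : $sFilePath - path of the file to check.
    ; Return     : always 0 (the result is printed, as before). Additionally
    ;              @error = 0 when WinVerifyTrust returned 0 (signature accepted),
    ;              @error = 1..6 when that numbered step failed,
    ;              @error = 7 when WinVerifyTrust ran and rejected the file;
    ;              @extended = value returned by WinVerifyTrust (-1 if never reached).
    ;
    ; Limits a caller should know:
    ; - fdwRevocationChecks is WTD_REVOKE_NONE, so a signature made with a revoked
    ;   certificate is still accepted.
    ; - The file is hashed through a handle that is closed before WinVerifyTrust is
    ;   given the path again; NOTE(review): a file replaced in between is presumably
    ;   re-read by WinVerifyTrust - confirm before relying on the logged hash.
    ; - The script-wide $hWinTrustDll is closed on exit (as in the original), so a
    ;   second call in the same run fails at step 1.

    Local $hCatAdmin = 0
    Local $hCatInfo = 0
    Local $hFile = 0
    Local $hr = -1 ; non-zero until WinVerifyTrust itself reports success (0)
    Local $iFail = 0 ; number of the step that failed, 0 = none
    Local $bStateHeld = False ; True once WinVerifyTrust ran with WTD_STATEACTION_VERIFY
    Local $pszMemberTag = ""
    Local $iHashLen = 0
    Local $Ret = 0
    Local $taction = 0
    Local $tagbyHash = "byte byHash[100]"
    ;Structures
    Local $tbyHash = DllStructCreate($tagbyHash)
    Local $tWINTRUST_DATA = DllStructCreate($tagWINTRUST_DATA)
    Local $tWINTRUST_FILE_INFO = DllStructCreate($tagWINTRUST_FILE_INFO)
    Local $tWINTRUST_CATALOG_INFO = DllStructCreate($tagWINTRUST_CATALOG_INFO)
    Local $tCATALOG_INFO = DllStructCreate($tagCATALOG_INFO)

    ; Both verification paths pass the file path as a NUL-terminated wide string.
    Local $tFile = DllStructCreate("wchar[" & (StringLen($sFilePath) + 2) & "]")
    DllStructSetData($tFile, 1, $sFilePath)
    Local $pFile = DllStructGetPtr($tFile)

    ;Debug Structures
    ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $tbyHash = ' & IsDllStruct($tbyHash) & " Size= " & DllStructGetSize($tbyHash) & @CRLF) ;### Debug Console
    ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $tWINTRUST_DATA = ' & IsDllStruct($tWINTRUST_DATA) & " Size= " & DllStructGetSize($tWINTRUST_DATA) & @CRLF) ;### Debug Console
    ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $tWINTRUST_FILE_INFO = ' & IsDllStruct($tWINTRUST_FILE_INFO) & " Size= " & DllStructGetSize($tWINTRUST_FILE_INFO) & @CRLF) ;### Debug Console
    ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $tWINTRUST_CATALOG_INFO = ' & IsDllStruct($tWINTRUST_CATALOG_INFO) & " Size= " & DllStructGetSize($tWINTRUST_CATALOG_INFO) & @CRLF) ;### Debug Console
    ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') :  $tCATALOG_INFO = ' & IsDllStruct($tCATALOG_INFO) & " Size= " & DllStructGetSize($tCATALOG_INFO) & @CRLF) ;### Debug Console

    ; One-pass loop: any failing step leaves through ExitLoop, so the cleanup below
    ; runs exactly once on every path. A failed DllCall does not return an array,
    ; therefore @error is tested before $Ret[n] is touched.
    Do
        ; --- step 1: catalog administrator context ---
        $Ret = DllCall($hWinTrustDll, "bool", "CryptCATAdminAcquireContext", "handle*", 0, "ptr", 0, "dword", 0)
        If @error Then
            ConsoleWrite("! CryptCATAdminAcquireContext DllCall failed" & @TAB & '>Error code: ' & @error & @CRLF)
            $iFail = 1
            ExitLoop
        EndIf
        ConsoleWrite("+ CryptCATAdminAcquireContext Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
        If Not $Ret[0] Then
            $iFail = 1
            ExitLoop
        EndIf
        $hCatAdmin = $Ret[1]
        ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $hCatAdmin = ' & ($hCatAdmin) & @TAB & '>Error code: ' & @error & @CRLF) ;### Debug Console

        ; --- step 2: open the file for hashing ---
        ; presumably open-existing / read access / share-read in WinAPI.au3's encoding - confirm
        $hFile = _WinAPI_CreateFile($sFilePath, 2, 2, 2)
        ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $hFile = ' & $hFile & @TAB & '>Error code: ' & @error & @CRLF) ;### Debug Console
        ; The UDF wrapper reports failure as 0 rather than $INVALID_HANDLE_VALUE
        ; (NOTE(review): confirm against the installed WinAPI.au3); accept either.
        ; Going on with a dead handle would hash nothing and still reach WinVerifyTrust.
        If $hFile = 0 Or $hFile = $INVALID_HANDLE_VALUE Then
            ConsoleWrite("! $INVALID_HANDLE_VALUE" & ">Error code: " & @error & @CRLF)
            $hFile = 0
            $iFail = 2
            ExitLoop
        EndIf

        ; --- step 3: hash the file (size query first, then the hash itself) ---
        $Ret = DllCall($hWinTrustDll, "bool", "CryptCATAdminCalcHashFromFileHandle", "handle", $hFile, "dword*", 0, "ptr", 0, "dword", 0)
        If @error Then
            ConsoleWrite("! CryptCATAdminCalcHashFromFileHandle DllCall failed" & @TAB & '>Error code: ' & @error & @CRLF)
            $iFail = 3
            ExitLoop
        EndIf
        ConsoleWrite("+ CryptCATAdminCalcHashFromFileHandle Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
        $iHashLen = $Ret[2]
        ConsoleWrite(">> $iHashLen= " & $iHashLen & @CRLF)
        ; The API writes $iHashLen bytes into $tbyHash; refuse a size the fixed buffer cannot hold.
        If $iHashLen < 1 Or $iHashLen > DllStructGetSize($tbyHash) Then
            ConsoleWrite("! hash size out of range" & @CRLF)
            $iFail = 3
            ExitLoop
        EndIf

        $Ret = DllCall($hWinTrustDll, "bool", "CryptCATAdminCalcHashFromFileHandle", "handle", $hFile, "dword*", $iHashLen, "ptr", DllStructGetPtr($tbyHash), "dword", 0)
        If @error Then
            ConsoleWrite("! CryptCATAdminCalcHashFromFileHandle DllCall failed" & @TAB & '>Error code: ' & @error & @CRLF)
            $iFail = 3
            ExitLoop
        EndIf
        ConsoleWrite("+ CryptCATAdminCalcHashFromFileHandle Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
        If Not $Ret[0] Then
            $iFail = 3
            ExitLoop
        EndIf

        _WinAPI_CloseHandle($hFile)
        $hFile = 0

        ; The member tag used for the catalog lookup is the hash written as hex text.
        For $i = 1 To $iHashLen
            $pszMemberTag &= Hex(DllStructGetData($tbyHash, 1, $i), 2)
        Next
        ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $pszMemberTag = ' & $pszMemberTag & " Len= " & StringLen($pszMemberTag) & @TAB & '>Error code: ' & @error & @CRLF) ;### Debug Console

        ; --- step 4: look the hash up in the system catalogs ---
        $Ret = DllCall($hWinTrustDll, "handle", "CryptCATAdminEnumCatalogFromHash", "handle", $hCatAdmin, "ptr", DllStructGetPtr($tbyHash), "dword", $iHashLen, "dword", 0, "ptr", 0)
        If @error Then
            ConsoleWrite("! CryptCATAdminEnumCatalogFromHash DllCall failed" & @TAB & '>Error code: ' & @error & @CRLF)
            $iFail = 4
            ExitLoop
        EndIf
        ConsoleWrite("+ CryptCATAdminEnumCatalogFromHash Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
        $hCatInfo = $Ret[0]
        ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $hCatInfo = ' & $hCatInfo & @TAB & '>Error code: ' & @error & @CRLF) ;### Debug Console

        ; --- step 5: describe what WinVerifyTrust has to verify ---
        If $hCatInfo = 0 Then
            ConsoleWrite("CryptCATAdminEnumCatalogFromHash failed, verifying embedded signature." & @CRLF)

            ; No catalog lists this hash. Without the setup below WINTRUST_DATA stays
            ; zeroed (cbStruct = 0) and the embedded signature is never examined.
            DllStructSetData($tWINTRUST_FILE_INFO, "cbStruct", DllStructGetSize($tWINTRUST_FILE_INFO))
            DllStructSetData($tWINTRUST_FILE_INFO, "pcwszFilePath", $pFile)
            DllStructSetData($tWINTRUST_FILE_INFO, "hFile", 0)
            DllStructSetData($tWINTRUST_FILE_INFO, "pgKnownSubject", 0)

            DllStructSetData($tWINTRUST_DATA, "dwUnionChoice", $WTD_CHOICE_FILE)
            DllStructSetData($tWINTRUST_DATA, "pPointer", DllStructGetPtr($tWINTRUST_FILE_INFO))
        Else
            ; cbStruct tells the API how large the caller's CATALOG_INFO is.
            DllStructSetData($tCATALOG_INFO, "cbStruct", DllStructGetSize($tCATALOG_INFO))
            $Ret = DllCall($hWinTrustDll, "bool", "CryptCATCatalogInfoFromContext", "handle", $hCatInfo, "ptr", DllStructGetPtr($tCATALOG_INFO), "dword", 0)
            If @error Then
                ConsoleWrite("! CryptCATCatalogInfoFromContext DllCall failed" & @TAB & '>Error code: ' & @error & @CRLF)
                $iFail = 5
                ExitLoop
            EndIf
            ConsoleWrite("+ CryptCATCatalogInfoFromContext Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)

            If Not $Ret[0] Then
                ; Stop here: without a catalog path there is nothing to verify against.
                ; The catalog context is released once, in the cleanup below.
                ConsoleWrite("CryptCATCatalogInfoFromContext failed" & @CRLF)
                $iFail = 5
                ExitLoop
            EndIf

            ConsoleWrite("!wszCatalogFile 67 = " & DllStructGetData($tCATALOG_INFO, "wszCatalogFile", 1) & @CRLF)
            ConsoleWrite("!tFileData = " & DllStructGetData($tFile, 1) & @CRLF)

            DllStructSetData($tWINTRUST_CATALOG_INFO, "cbStruct", DllStructGetSize($tWINTRUST_CATALOG_INFO))
            DllStructSetData($tWINTRUST_CATALOG_INFO, "pcwszCatalogFilePath", DllStructGetPtr($tCATALOG_INFO, "wszCatalogFile"))
            ConsoleWrite("wszCatalogFile Ptr = " & DllStructGetPtr($tCATALOG_INFO, "wszCatalogFile") & @CRLF)
            ConsoleWrite("pcwszCatalogFilePath Data = " & DllStructGetData($tWINTRUST_CATALOG_INFO, "pcwszCatalogFilePath") & @CRLF)

            DllStructSetData($tWINTRUST_CATALOG_INFO, "pcwszMemberFilePath", $pFile)
            ConsoleWrite("pcwszMemberFilePath Ptr = " & DllStructGetData($tWINTRUST_CATALOG_INFO, "pcwszMemberFilePath") & @CRLF)

            Local $tpszMemberTag = DllStructCreate("wchar[" & (StringLen($pszMemberTag) + 2) & "]")
            DllStructSetData($tpszMemberTag, 1, $pszMemberTag)
            Local $ptpszMemberTag = DllStructGetPtr($tpszMemberTag)
            ConsoleWrite("!tpszMemberTag  Data = " & DllStructGetData($tpszMemberTag, 1) & @CRLF)

            DllStructSetData($tWINTRUST_CATALOG_INFO, "pcwszMemberTag", $ptpszMemberTag)

            DllStructSetData($tWINTRUST_DATA, "dwUnionChoice", $WTD_CHOICE_CATALOG)
            DllStructSetData($tWINTRUST_DATA, "pPointer", DllStructGetPtr($tWINTRUST_CATALOG_INFO))
        EndIf

        ; Settings shared by both paths: no UI, no revocation check, keep state for CLOSE.
        DllStructSetData($tWINTRUST_DATA, "cbStruct", DllStructGetSize($tWINTRUST_DATA))
        DllStructSetData($tWINTRUST_DATA, "dwUIChoice", $WTD_UI_NONE)
        DllStructSetData($tWINTRUST_DATA, "fdwRevocationChecks", $WTD_REVOKE_NONE)
        DllStructSetData($tWINTRUST_DATA, "dwStateAction", $WTD_STATEACTION_VERIFY)
        DllStructSetData($tWINTRUST_DATA, "dwProvFlags", 0)
        DllStructSetData($tWINTRUST_DATA, "hWVTStateData", 0)
        DllStructSetData($tWINTRUST_DATA, "pwszURLReference", 0)

        ; --- step 6: verify ---
        ; WINTRUST_ACTION_GENERIC_VERIFY_V2; _GUIDStruct accepts this 4-group spelling.
        $taction = _GUIDStruct("{00AAC56B-CD44-11D0-8CC200C04FC295EE}")
        ConsoleWrite("Structura action=" & IsDllStruct($taction) & " Valor=" & Hex(DllStructGetData($taction, 1), 8) & " Error= " & @error & @CRLF)
        If Not IsDllStruct($taction) Then
            $iFail = 6
            ExitLoop
        EndIf

        ; The window argument is pointer-sized, so it is passed as "hwnd", not "long".
        $Ret = DllCall($hWinTrustDll, "long", "WinVerifyTrust", "hwnd", $INVALID_HANDLE_VALUE, "ptr", DllStructGetPtr($taction), "ptr", DllStructGetPtr($tWINTRUST_DATA))
        If @error Then
            ConsoleWrite("! WinVerifyTrust DllCall failed" & @TAB & '>Error code: ' & @error & @CRLF)
            $iFail = 6
            ExitLoop
        EndIf
        $bStateHeld = True
        ConsoleWrite("+ WinVerifyTrust Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
        ConsoleWrite("WinVerifyTrust Retorno= " & ($Ret[0]) & @CRLF)
        $hr = $Ret[0]
    Until True

    ; ---- cleanup, reached on every path ----

    ; A VERIFY call leaves provider state in hWVTStateData whatever its verdict was,
    ; so the matching CLOSE is issued for rejected files too.
    If $bStateHeld Then
        DllStructSetData($tWINTRUST_DATA, "dwStateAction", $WTD_STATEACTION_CLOSE)
        $Ret = DllCall($hWinTrustDll, "long", "WinVerifyTrust", "hwnd", $INVALID_HANDLE_VALUE, "ptr", DllStructGetPtr($taction), "ptr", DllStructGetPtr($tWINTRUST_DATA))
        If Not @error Then ConsoleWrite("+ WinVerifyTrust Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
    EndIf

    If $hFile Then _WinAPI_CloseHandle($hFile)

    If $hCatInfo <> 0 Then
        $Ret = DllCall($hWinTrustDll, "bool", "CryptCATAdminReleaseCatalogContext", "handle", $hCatAdmin, "handle", $hCatInfo, "dword", 0)
        If Not @error Then ConsoleWrite("+ CryptCATAdminReleaseCatalogContext Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
    EndIf

    If $hCatAdmin <> 0 Then
        $Ret = DllCall($hWinTrustDll, "bool", "CryptCATAdminReleaseContext", "handle", $hCatAdmin, "dword", 0)
        If Not @error Then
            ConsoleWrite("+ CryptCATAdminReleaseContext Ret= " & $Ret[0] & @TAB & '>Error code: ' & @error & @CRLF)
            ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $Ret = ' & $Ret[0] & @CRLF & '>Error code: ' & @error & @CRLF)
        EndIf
    EndIf

    If $hWinTrustDll Then DllClose($hWinTrustDll)

    ; Every step ran but WinVerifyTrust said no: report that as its own code.
    If $iFail = 0 And $hr <> 0 Then $iFail = 7
    Return SetError($iFail, $hr, 0)
EndFunc   ;==>SignV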



;Prog@ndy
Func _GUIDStruct($IID)
    ; Turns a textual GUID into a DllStruct laid out as Data1 (DWORD), Data2 and
    ; Data3 (ushort) and Data4 (8 bytes).
    ;
    ; Braces are stripped and the text is split on "-". Four groups are used as they
    ; are; with five groups the 4th and 5th are joined to form Data4.
    ; Return: the struct on success; 0 with @error = 1 for any other group count.
    Local $sBare = StringRegExpReplace($IID, "([}{])", "")
    Local $aGroup = StringSplit($sBare, "-")
    Local $tGuid = DllStructCreate("DWORD Data1;  ushort Data2;  ushort Data3;  BYTE Data4[8];")

    Local $iGroups = $aGroup[0] ; StringSplit keeps the element count in slot 0
    If $iGroups < 4 Or $iGroups > 5 Then Return SetError(1, 0, 0)
    If $iGroups = 5 Then $aGroup[4] &= $aGroup[5]

    ; Data1..Data3 are hex numbers; Data4 is copied as raw bytes.
    For $iField = 1 To 3
        DllStructSetData($tGuid, $iField, Dec($aGroup[$iField]))
    Next
    DllStructSetData($tGuid, 4, Binary("0x" & $aGroup[4]))

    Return $tGuid
EndFunc   ;==>_GUIDStruct

Saludos