/* SPDX-License-Identifier: MIT
 *
 * Copyright (C) 2019-2022 WireGuard LLC. All Rights Reserved.
 */

// Listing source: golang.zx2c4.com/wireguard/windows@v0.5.4-0.20230123132234-dcc0eb72a04b/updater/authenticode.go

package updater

import (
	"unsafe"

	"golang.org/x/sys/windows"
)

// verifyAuthenticode reports whether WinVerifyTrustEx accepts the file at
// path under the generic Authenticode verification action, with no UI and
// with revocation checked for the whole certificate chain.
//
// It returns false when path cannot be converted to UTF-16 or when the
// verification call returns an error; the specific error is not surfaced.
//
// NOTE(review): a true result only says the trust provider accepted the
// signature. Nothing in this function inspects who the signer is, so callers
// presumably check the signer certificate separately (confirm against caller).
//
// NOTE(review): the file is identified by path, so the verdict applies to
// whatever is at that path during the call. The caller is assumed to keep the
// file from being replaced between this check and its use (confirm).
func verifyAuthenticode(path string) bool {
	filePath, err := windows.UTF16PtrFromString(path)
	if err != nil {
		// Fail closed: a path that cannot be encoded (for example one with an
		// embedded NUL) is treated as unverified.
		return false
	}

	fileInfo := &windows.WinTrustFileInfo{
		Size:     uint32(unsafe.Sizeof(windows.WinTrustFileInfo{})),
		FilePath: filePath,
	}
	trustData := &windows.WinTrustData{
		Size:     uint32(unsafe.Sizeof(windows.WinTrustData{})),
		UIChoice: windows.WTD_UI_NONE,
		// Full revocation checking, as this is called with network connectivity.
		RevocationChecks:                windows.WTD_REVOKE_WHOLECHAIN,
		UnionChoice:                     windows.WTD_CHOICE_FILE,
		StateAction:                     windows.WTD_STATEACTION_VERIFY,
		FileOrCatalogOrBlobOrSgnrOrCert: unsafe.Pointer(fileInfo),
	}
	action := &windows.WINTRUST_ACTION_GENERIC_VERIFY_V2

	// The verdict comes from this call alone.
	verifyErr := windows.WinVerifyTrustEx(windows.InvalidHWND, action, trustData)

	// Second call with the CLOSE state action on the same structure; its
	// result is intentionally discarded and does not affect the verdict.
	trustData.StateAction = windows.WTD_STATEACTION_CLOSE
	windows.WinVerifyTrustEx(windows.InvalidHWND, action, trustData)

	return verifyErr == nil
}