def __init__(self, filename):
self._pFile = WINTRUST_FILE_INFO(filename)
self.cbStruct = DWORD(sizeof(self))
self.pPolicyCallbackData = None
self.pSIPClientData = None
self.dwUIChoice = WTD_UI_NONE
self.fdwRevocationChecks = WTD_REVOKE_NONE
self.dwUnionChoice = WTD_CHOICE_FILE
self.dwStateAction = WTD_STATEACTION_VERIFY
self.hWVTStateData = None
self.pwszURLReference = None
self.dwUIContext = 0
self.pvInfo = addressof(self._pFile)
def world_writable_pipe(self):
sd = create_string_buffer(SECURITY_DESCRIPTOR_MIN_LENGTH)
InitializeSecurityDescriptor(sd, SECURITY_DESCRIPTOR_REVISION)
SetSecurityDescriptorDacl(sd, True, None, False)
sa = SECURITY_ATTRIBUTES()
sa.nLength = sizeof(sa)
sa.lpSecurityDescriptor = addressof(sd)
sa.bInheritHandle = False
self.hPipe = CreateNamedPipe(
self.pipename,
PIPE_ACCESS_DUPLEX,
PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE | PIPE_WAIT,
PIPE_UNLIMITED_INSTANCES,
1024,
1024,
1000,
sa
)
if self.hPipe == INVALID_HANDLE_VALUE:
raise WinError(get_last_error())
def getfilecert(filepath, throw=False):
dwEncoding = DWORD()
dwContentType = DWORD()
dwFormatType = DWORD()
hStore = LPVOID()
hMsg = LPVOID()
bResult = CryptQueryObject(CERT_QUERY_OBJECT_FILE, filepath,
CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED,
CERT_QUERY_FORMAT_FLAG_BINARY, 0,
byref(dwEncoding), byref(dwContentType),
byref(dwFormatType), byref(hStore), byref(hMsg),
None)
if not bResult:
if throw:
raise WinError(get_last_error())
return {}
try:
dwCertsCount = DWORD(-1)
dwArgSize = DWORD(sizeof(dwCertsCount))
bResult = CryptMsgGetParam(hMsg, CMSG_ATTR_CERT_COUNT_PARAM, 0,
byref(dwCertsCount), byref(dwArgSize))
if not bResult:
if throw:
raise WinError(get_last_error())
return {}
certificates = []
for idx in xrange(dwCertsCount.value):
dwArgSize = DWORD(-1)
CryptMsgGetParam(hMsg, CMSG_ATTR_CERT_PARAM, idx, None,
byref(dwArgSize))
if dwArgSize == DWORD(-1):
if throw:
raise WinError(get_last_error())
break
pBuffer = create_string_buffer(dwArgSize.value)
bResult = CryptMsgGetParam(hMsg, CMSG_ATTR_CERT_PARAM, idx,
byref(pBuffer), byref(dwArgSize))
if not bResult:
if throw:
raise WinError(get_last_error())
continue
certificates.append(pBuffer.raw)
return {'Certificates': certificates}
finally:
if hStore:
CertCloseStore(hStore, 0)
if hMsg:
CryptMsgClose(hMsg)
def getfilever(filepath, flags=FILE_VER_GET_NEUTRAL, throw=False):
if not ver_lib:
return {}
result = {}
dwReserved = DWORD(0)
dwVersionSize = GetFileVersionInfoSizeExW(flags, filepath,
byref(dwReserved))
if dwVersionSize == 0:
if throw:
raise WinError(get_last_error())
return result
pBuffer = create_string_buffer(dwVersionSize)
bResult = GetFileVersionInfoExW(flags, filepath, 0, dwVersionSize,
byref(pBuffer))
if not bResult:
if throw:
raise WinError(get_last_error())
return result
info = FIXEDFILEINFO()
dwSize = DWORD(0)
pvData = LPVOID()
bResult = VerQueryValueW(pBuffer, u'\\', byref(pvData), byref(dwSize))
if bResult:
info = cast(pvData, POINTER(FIXEDFILEINFO)).contents
result['FileVersion'] = '{1}.{0}.{3}.{2}'.format(*unpack(
'<HHHH', pack('<II', info.dwFileVersionMS, info.dwFileVersionLS)))
result['ProductVersion'] = '{1}.{0}.{3}.{2}'.format(*unpack(
'<HHHH',
pack('<II', info.dwProductVersionMS, info.dwProductVersionLS)))
flags = []
valid_flags = info.dwFileFlags & info.dwFileFlagsMask
if valid_flags:
for flag, value in VS_FF_STR.iteritems():
if _bit(flag, valid_flags):
flags.append(value)
result['Flags'] = flags
for flag, value in VFT_STR.iteritems():
if _bit(flag, info.dwFileType):
if flag == VFT_UNKNOWN:
break
elif flag == VFT_DRV:
for subflag, subvalue in VFT2_DRV_STR.iteritems():
if _bit(subflag, info.dwFileSubtype):
value += '(' + subvalue + ')'
break
elif flag == VFT_FONT:
for subflag, subvalue in VFT2_FONT_STR.iteritems():
if _bit(subflag, info.dwFileSubtype):
value += '(' + subvalue + ')'
break
elif flag == VFT_VXD:
value += '(VxD={:08x})'.format(info.dwFileSubtype)
result['Type'] = value
break
timestamp = info.dwFileDateMS << 32 | info.dwFileDateLS
result['Timestamp'] = timestamp
bResult = VerQueryValueW(pBuffer, u'\\VarFileInfo\\Translation',
byref(pvData), byref(dwSize))
if bResult:
nRecords = dwSize.value / sizeof(LANGANDCODEPAGE)
records = cast(pvData, POINTER(LANGANDCODEPAGE * nRecords)).contents
translations = {}
for translation in records:
strings = {}
for string in LOCALIZED_STRINGS:
varpath = u'\\\\StringFileInfo\\{:04x}{:04x}\\{}'.format(
translation.wLanguage, translation.wCodePage, string)
bResult = VerQueryValueW(pBuffer, varpath, byref(pvData),
byref(dwSize))
if not bResult:
continue
strings[string] = unicode(cast(pvData,
LPCWSTR).value).encode('utf-8')
if strings:
translations[translation.wLanguage] = strings
if translations:
found = False
for preferred_translation in (0, 2057):
if preferred_translation in translations:
result.update(translations[preferred_translation])
found = True
break
if not found:
# Just pick any
result.update(next(iter(translations.itervalues())))
return result
def __init__(self, filename):
self.cbStruct = sizeof(self)
self.pcwszFilePath = filename
self.hFile = None
self.pgKnownSubject = None