Example #1
def get_catalog_name_from_handle(handle):
    """Return the catalog file path recorded for a catalog context handle.

    Args:
        handle: Catalog context handle passed straight through to
            ``CryptCATCatalogInfoFromContext``.

    Returns:
        The ``wszCatalogFile`` field of the ``CATALOG_INFO`` structure after
        the lookup call.
    """
    info = CATALOG_INFO()
    # The API expects the caller to declare the structure size up front.
    info.cbStruct = ctypes.sizeof(CATALOG_INFO)
    info_ref = ctypes.byref(info)
    # NOTE(review): the call's return value is not inspected here. If winproxy
    # does not raise on failure, the path returned below is whatever the
    # freshly constructed structure holds. Confirm against winproxy.
    winproxy.CryptCATCatalogInfoFromContext(handle, info_ref, 0)
    return info.wszCatalogFile
Example #2
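def verify_file_from_catalog(verify_file_info, hash_algorithm=None):
    """Verify a file's signature through a catalog that lists its hash.

    The file hash is computed with ``calculate_file_hash`` and looked up with
    ``CryptCATAdminEnumCatalogFromHash``. When a catalog is found it is
    verified with ``DRIVER_ACTION_VERIFY``. Otherwise each caller-supplied
    catalog in ``verify_file_info.catalog_file_names`` is tried with
    ``WINTRUST_ACTION_GENERIC_VERIFY_V2`` until one yields ``VrTrusted``.

    Args:
        verify_file_info: Object providing ``file_path``, ``file_handle``,
            ``file_size_limit_for_hash``, ``number_of_catalog_file_names`` and
            ``catalog_file_names``. It is also forwarded to ``verify_file``.
        hash_algorithm: Forwarded unchanged to ``calculate_file_hash``.

    Returns:
        A ``(verify_result, number_of_signatures, signatures)`` tuple.
        ``(VrNoSignature, 0, None)`` is returned when the file exceeds the
        size limit or the hash cannot be computed. In both cases no signature
        check was performed, so callers should not read that value as proof
        that the file is unsigned.
    """
    result = VerifyResult.VrNoSignature

    # -1 disables the size check; 0 selects the module-wide default limit.
    if verify_file_info.file_size_limit_for_hash != -1:
        file_size_limit = verify_default_size_limit
        if verify_file_info.file_size_limit_for_hash != 0:
            file_size_limit = verify_file_info.file_size_limit_for_hash
        # NOTE(review): the size is read through file_path while the hash
        # below is computed from file_handle. If the path can be re-pointed
        # between open and this call, the two may describe different files.
        # Confirm callers open the handle from the same path.
        if os.path.getsize(verify_file_info.file_path) > file_size_limit:
            return result, 0, None

    cat_admin_handle, file_hash_length, file_hash = calculate_file_hash(
        verify_file_info.file_handle, hash_algorithm)
    # NOTE(review): cat_admin_handle is never released in this function, on
    # either this early return or the normal exits. Confirm who owns it
    # (calculate_file_hash or the caller) and release it there.
    if cat_admin_handle is None or file_hash_length == 0 or file_hash is None:
        return result, 0, None

    file_hash_tag = bin_to_hexw_fast(file_hash_length, file_hash, True)
    cat_info_handle = winproxy.CryptCATAdminEnumCatalogFromHash(
        cat_admin_handle, file_hash, file_hash_length, 0, None)

    catalog_info = WINTRUST_CATALOG_INFO()
    catalog_info.cbStruct = ctypes.sizeof(catalog_info)

    def _fill_catalog_info(catalog_path):
        # Populate the member/hash fields shared by both verification paths.
        catalog_info.pcwszCatalogFilePath = catalog_path
        catalog_info.hMemberFile = verify_file_info.file_handle
        catalog_info.pcwszMemberTag = file_hash_tag.value
        catalog_info.pbCalculatedFileHash = file_hash
        catalog_info.cbCalculatedFileHash = file_hash_length
        catalog_info.hCatAdmin = cat_admin_handle

    verify_result = VerifyResult.VrUnknown
    number_of_signatures = 0
    signatures = []

    if cat_info_handle is None:
        # No catalog lists this hash: fall back to the caller-supplied
        # catalogs and stop at the first one that yields a trusted result.
        for idx in range(verify_file_info.number_of_catalog_file_names):
            _fill_catalog_info(verify_file_info.catalog_file_names[idx])

            verify_result, number_of_signatures, signatures = verify_file(
                verify_file_info,
                union_choice=WTD_CHOICE_CATALOG,
                union_data=catalog_info,
                action_id=WINTRUST_ACTION_GENERIC_VERIFY_V2,
                policy_callback_data=None)
            if verify_result is VerifyResult.VrTrusted:
                break

    else:
        # The catalog context is released exactly once, in the finally below.
        # The previous code released it on lookup failure, then went on to
        # verify against an unfilled catalog path and released it again.
        try:
            cat_info = CATALOG_INFO()
            cat_info.cbStruct = ctypes.sizeof(cat_info)
            lookup_ok = winproxy.CryptCATCatalogInfoFromContext(
                cat_info_handle, ctypes.byref(cat_info), 0)

            # "!= 0" treats both False and a BOOL 0 as failure. On failure the
            # result stays VrUnknown with no signatures.
            if lookup_ok != 0:
                driver_ver_info = DRIVER_VER_INFO()
                driver_ver_info.cbStruct = ctypes.sizeof(driver_ver_info)

                _fill_catalog_info(cat_info.wszCatalogFile)
                try:
                    verify_result, number_of_signatures, signatures = verify_file(
                        verify_file_info,
                        union_choice=WTD_CHOICE_CATALOG,
                        union_data=catalog_info,
                        action_id=DRIVER_ACTION_VERIFY,
                        policy_callback_data=ctypes.cast(
                            ctypes.pointer(driver_ver_info), ctypes.c_void_p))
                finally:
                    # Free the signer certificate context if the driver
                    # policy filled one in.
                    if driver_ver_info.pcSignerCertContext:
                        winproxy.CertFreeCertificateContext(
                            driver_ver_info.pcSignerCertContext)
        finally:
            winproxy.CryptCATAdminReleaseCatalogContext(cat_admin_handle,
                                                        cat_info_handle, 0)

    return verify_result, number_of_signatures, signatures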