FredAI Posted November 7, 2011 Share Posted November 7, 2011 Hi. Can someone tell me if there's something wrong with this conversion? C code: //Allocate memory. Buffer = (PBYTE)calloc(HashSize, 1); //Actually calculate the hash if( !CryptCATAdminCalcHashFromFileHandle(FileHandle, &HashSize, Buffer, 0) ) { CryptCATAdminReleaseContext(Context, 0); free(Buffer); CloseHandle(FileHandle); return FALSE; } //Convert the hash to a string. MemberTag = (PWCHAR)calloc((HashSize * 2) + 1, sizeof(WCHAR)); for( unsigned int i = 0; i < HashSize; i++ ) { swprintf(&MemberTag[i * 2], L"%02X", Buffer[i ]); } My AutoIt code: ; Allocate memory. Local $Buffer = DllStructCreate('BYTE['&$HashSize&']') $pBuffer = DllStructGetptr($Buffer,1) ; Actually calculate the hash $aRet = DllCall('Wintrust.dll','BOOL','CryptCATAdminCalcHashFromFileHandle','HANDLE',$FileHandle,'DWORD*',$HashSize,'ptr',$pBuffer,'DWORD',0) If Not $aRet[0] Then DllCall('Wintrust.dll','BOOL','CryptCATAdminReleaseContext','Handle',$Context,'DWORD',0) FileClose($FileHandle); $Buffer = 0 Return False EndIf Local $Str = BinaryToString(DllStructGetData($Buffer,1)) Local $sMemberTag = DllStructCreate('WCHAR['&StringLen($Str)+1&']') DllStructSetData($sMemberTag,1,$Str) $pMemberTag = DllStructGetPtr($sMemberTag,1) Thanks. Fred. My UDFs: SetAcl permissions | System restore Examples: File version info editor | GetIp() improved Programs: UVK - Ultra virus killer | ExeFixer | Recent file seeker | SHIcon | Quick_Any2Ico Link to comment Share on other sites More sharing options...
Ascend4nt Posted November 7, 2011 Share Posted November 7, 2011 Main problem I see is you're using AutoIt's built-in FileClose() function which probably means you are using FileOpen() to get the handle. These handles are generic. You'll need to look at _WinAPI_CreateFile and _WinAPI_CloseHandle. Not sure where '$Context' is coming from either. My contributions: Performance Counters in Windows - Measure CPU, Disk, Network etc Performance | Network Interface Info, Statistics, and Traffic | CPU Multi-Processor Usage w/o Performance Counters | Disk and Device Read/Write Statistics | Atom Table Functions | Process, Thread, & DLL Functions UDFs | Process CPU Usage Trackers | PE File Overlay Extraction | A3X Script Extract | File + Process Imports/Exports Information | Windows Desktop Dimmer Shade | Spotlight + Focus GUI - Highlight and Dim for Eyestrain Relief | CrossHairs (FullScreen) | Rubber-Band Boxes using GUI's (_GUIBox) | GUI Fun! | IE Embedded Control Versioning (use IE9+ and HTML5 in a GUI) | Magnifier (Vista+) Functions UDF | _DLLStructDisplay (Debug!) | _EnumChildWindows (controls etc) | _FileFindEx | _ClipGetHTML | _ClipPutHTML + ClipPutHyperlink | _FileGetShortcutEx | _FilePropertiesDialog | I/O Port Functions | File(s) Drag & Drop | _RunWithReducedPrivileges | _ShellExecuteWithReducedPrivileges | _WinAPI_GetSystemInfo | dotNETGetVersions | Drive(s) Power Status | _WinGetDesktopHandle | _StringParseParameters | Screensaver, Sleep, Desktop Lock Disable | Full-Screen Crash Recovery Wrappers/Modifications of others' contributions: _DOSWildcardsToPCRegEx (original code: RobSaunder's) | WinGetAltTabWinList (original: Authenticity) UDF's added support/programming to: _ExplorerWinGetSelectedItems | MIDIEx UDF (original code: eynstyne) (All personal code/wrappers centrally located at Ascend4nt's AutoIT Code) Link to comment Share on other sites More sharing options...
FredAI Posted November 7, 2011 Author Share Posted November 7, 2011 Thanks for your reply , Ascend4nt.No, in fact I'm opening the file with FileCreateW()Here's the code:; Open a file $aRet = DllCall('Kernel32.dll','HANDLE','CreateFileW','Wstr',$File,'DWORD',0x80000000,'DWORD',7, _ 'ptr',0,'DWORD',3,'DWORD',0,'HANDLE',0) $FileHandle = $aRet[0]I just assumed that Fileclose() also closes the returned handle. Doesn't it?The full code I'm converting is here:http://forum.sysinternals.com/howto-verify-the-digital-signature-of-a-file_topic19247.htmlNow I'm very happy because I've just made the function fully work!It was working fine for common files, but always returned $TRUST_E_NOSIGNATURE (0x800B0100) which means "No signature found" for windows files.The problem was in the statement WintrustStructure.dwStateAction = WTD_STATEACTION_VERIFY;It must be WintrustStructure.dwStateAction = WTD_STATEACTION_AUTO_CACHE_FLUSH;Now it's giving the same results as sigcheck or signtool, but works much faster! YES!!!Thanks again. My UDFs: SetAcl permissions | System restore Examples: File version info editor | GetIp() improved Programs: UVK - Ultra virus killer | ExeFixer | Recent file seeker | SHIcon | Quick_Any2Ico Link to comment Share on other sites More sharing options...
Factfinder Posted May 14, 2014 Share Posted May 14, 2014 Now it's giving the same results as sigcheck or signtool, but works much faster! YES!!! I see many developers have tried to do something similar with autoit with no success. Looking at your creations, specially great SetAcl permissions UDF, it could be nice if the UDF could be made public. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now