wintrustapi

package

v0.0.0-...-de9f4d9 Latest Latest Go to latest Published: Aug 13, 2022 License: MIT Imports: 4 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/gentlemanautomaton/wintrust

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func VerifyFile(hwnd syscall.Handle, action Action, data *FileData) (err error)
type Action
type DataType
type FileData
type FileInfo
type RevocationCheck
type SignatureSettings
type StateAction
type UIContext
type UIMode

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	DriverVerify    = Action(winguid.New("F750E6C3-38EE-11d1-85E5-00C04FC295EE")) // DRIVER_ACTION_VERIFY
	GenericVerifyV2 = Action(winguid.New("00AAC56B-CD44-11D0-8CC2-00C04FC295EE")) // WINTRUST_ACTION_GENERIC_VERIFY_V2
)

Supported trust provider actions.

Functions ¶

func VerifyFile ¶

func VerifyFile(hwnd syscall.Handle, action Action, data *FileData) (err error)

VerifyFile calls the WinVerifyTrustEx function within the Windows Trust API to verify the authenticode signature of a file. It returns nil if the file was signed by a trusted publisher and the signature is valid.

It is the caller's responsibility to call this function twice when performing file verification. The first call should use StateActionVerify and the second call should use StateActionClose. This is necessary to release system resources allocated by the first call.

Types ¶

type Action ¶

type Action windows.GUID

Action is a GUID that identifies an action that can be performed by a Windows Trust Provider.

type DataType ¶

type DataType uint32

DataType identifies the type of data provided when making wintrust API calls.

const (
	DataTypeFile    DataType = iota + 1 // WTD_CHOICE_FILE
	DataTypeCatalog                     // WTD_CHOICE_CATALOG
	DataTypeBlob                        // WTD_CHOICE_BLOB
	DataTypeSigner                      // WTD_CHOICE_SIGNER
	DataTypeCert                        // WTD_CHOICE_CERT
)

Possible data types.

type FileData ¶

type FileData struct {
	UserInterfaceMode    UIMode
	RevocationChecks     RevocationCheck
	File                 FileInfo
	StateAction          StateAction
	StateData            syscall.Handle
	ProviderFlags        uint32
	UserInterfaceContext UIContext
	SignatureSettings    *SignatureSettings
}

FileData holds data for wintrust API calls that verify the authenticode signature of a file.

type FileInfo ¶

type FileInfo struct {
	Path         string
	Handle       syscall.Handle // Optional handle to file with read access
	KnownSubject windows.GUID   // Optional subject type
}

FileInfo holds information about a file to be examined by wintrust API calls.

type RevocationCheck ¶

type RevocationCheck uint32

RevocationCheck describes possible options for revocation checking when making wintrust API calls.

const (
	RevocationCheckNone       RevocationCheck = iota // WTD_REVOKE_NONE
	RevocationCheckWholeChain                        // WTD_REVOKE_WHOLECHAIN
)

Revocation checking options.

type SignatureSettings ¶

type SignatureSettings struct {
	Size             uint32
	Index            uint32
	Flags            uint32
	SecondarySigs    uint32
	VerifiedSigIndex uint32
	CryptoPolicy     uintptr
}

SignatureSettings can be used to communicate signature verification requirements in wintrust API calls.

type StateAction ¶

type StateAction uint32

StateAction identifies the type of verification action to be taken.

const (
	StateActionIgnore         StateAction = iota // WTD_STATEACTION_IGNORE
	StateActionVerify                            // WTD_STATEACTION_VERIFY
	StateActionClose                             // WTD_STATEACTION_CLOSE
	StateActionAutoCache                         // WTD_STATEACTION_AUTO_CACHE
	StateActionAutoCacheFlush                    // WTD_STATEACTION_AUTO_CACHE_FLUSH
)

Possible state actions.

type UIContext ¶

type UIContext uint32

UIContext identifiers a user interface context when making wintrust API calls.

const (
	UIContextExecute UIContext = iota // WTD_UICONTEXT_EXECUTE
	UIContextInstall                  // WTD_UICONTEXT_INSTALL
)

User-interface contexts.

type UIMode ¶

type UIMode uint32

UIMode identifies a user interface mode when making wintrust API calls.

const (
	UserInterfaceAll    UIMode = iota + 1 // WTD_UI_ALL
	UserInterfaceNone                     // WTD_UI_NONE
	UserInterfaceNoBad                    // WTD_UI_NOBAD
	UserInterfaceNoGood                   // WTD_UI_NOGOOD
)

User-interface modes.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL