search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
include: Add STORAGE_HOTPLUG_INFO structure.
[wine.git] / dlls / imagehlp / integrity.c
blob0085387159d525cae5c1838766e6dcfbd465d1d6
1 /*
2 * IMAGEHLP library
3 *
4 * Copyright 1998 Patrik Stridvall
5 * Copyright 2003 Mike McCormack
6 * Copyright 2009 Owen Rudge for CodeWeavers
7 * Copyright 2010 Juan Lang
8 * Copyright 2010 Andrey Turkin
9 *
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2.1 of the License, or (at your option) any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
23 */
24
25 #include <stdarg.h>
26
27 #include "windef.h"
28 #include "winbase.h"
29 #include "winerror.h"
30 #include "winternl.h"
31 #include "winnt.h"
32 #include "winver.h"
33 #include "imagehlp.h"
34 #include "wine/debug.h"
35
36 WINE_DEFAULT_DEBUG_CHANNEL(imagehlp);
37
38 /*
39 * These functions are partially documented at:
40 * http://www.cs.auckland.ac.nz/~pgut001/pubs/authenticode.txt
41 */
42
43 #define HDR_FAIL -1
44 #define HDR_NT32 0
45 #define HDR_NT64 1
46
47 /***********************************************************************
48 * IMAGEHLP_GetNTHeaders (INTERNAL)
49 *
50 * Return the IMAGE_NT_HEADERS for a PE file, after validating magic
51 * numbers and distinguishing between 32-bit and 64-bit files.
52 */
53 static int IMAGEHLP_GetNTHeaders(HANDLE handle, DWORD *pe_offset, IMAGE_NT_HEADERS32 *nt32, IMAGE_NT_HEADERS64 *nt64)
54 {
55 IMAGE_DOS_HEADER dos_hdr;
56 DWORD count;
57 BOOL r;
58
59 TRACE("handle %p\n", handle);
60
61 if ((!nt32) || (!nt64))
62 return HDR_FAIL;
63
64 /* read the DOS header */
65 count = SetFilePointer(handle, 0, NULL, FILE_BEGIN);
66
67 if (count == INVALID_SET_FILE_POINTER)
68 return HDR_FAIL;
69
70 count = 0;
71
72 r = ReadFile(handle, &dos_hdr, sizeof dos_hdr, &count, NULL);
73
74 if (!r)
75 return HDR_FAIL;
76
77 if (count != sizeof dos_hdr)
78 return HDR_FAIL;
79
80 /* verify magic number of 'MZ' */
81 if (dos_hdr.e_magic != IMAGE_DOS_SIGNATURE)
82 return HDR_FAIL;
83
84 if (pe_offset != NULL)
85 *pe_offset = dos_hdr.e_lfanew;
86
87 /* read the PE header */
88 count = SetFilePointer(handle, dos_hdr.e_lfanew, NULL, FILE_BEGIN);
89
90 if (count == INVALID_SET_FILE_POINTER)
91 return HDR_FAIL;
92
93 count = 0;
94
95 r = ReadFile(handle, nt32, sizeof(IMAGE_NT_HEADERS32), &count, NULL);
96
97 if (!r)
98 return HDR_FAIL;
99
100 if (count != sizeof(IMAGE_NT_HEADERS32))
101 return HDR_FAIL;
102
103 /* verify NT signature */
104 if (nt32->Signature != IMAGE_NT_SIGNATURE)
105 return HDR_FAIL;
106
107 /* check if we have a 32-bit or 64-bit executable */
108 switch (nt32->OptionalHeader.Magic)
109 {
110 case IMAGE_NT_OPTIONAL_HDR32_MAGIC:
111 return HDR_NT32;
112
113 case IMAGE_NT_OPTIONAL_HDR64_MAGIC:
114 /* Re-read as 64-bit */
115
116 count = SetFilePointer(handle, dos_hdr.e_lfanew, NULL, FILE_BEGIN);
117
118 if (count == INVALID_SET_FILE_POINTER)
119 return HDR_FAIL;
120
121 count = 0;
122
123 r = ReadFile(handle, nt64, sizeof(IMAGE_NT_HEADERS64), &count, NULL);
124
125 if (!r)
126 return HDR_FAIL;
127
128 if (count != sizeof(IMAGE_NT_HEADERS64))
129 return HDR_FAIL;
130
131 /* verify NT signature */
132 if (nt64->Signature != IMAGE_NT_SIGNATURE)
133 return HDR_FAIL;
134
135 return HDR_NT64;
136 }
137
138 return HDR_FAIL;
139 }
140
141 /***********************************************************************
142 * IMAGEHLP_GetSecurityDirOffset (INTERNAL)
143 *
144 * Read a file's PE header, and return the offset and size of the
145 * security directory.
146 */
147 static BOOL IMAGEHLP_GetSecurityDirOffset( HANDLE handle,
148 DWORD *pdwOfs, DWORD *pdwSize )
149 {
150 IMAGE_NT_HEADERS32 nt_hdr32;
151 IMAGE_NT_HEADERS64 nt_hdr64;
152 IMAGE_DATA_DIRECTORY *sd;
153 int ret;
154
155 ret = IMAGEHLP_GetNTHeaders(handle, NULL, &nt_hdr32, &nt_hdr64);
156
157 if (ret == HDR_NT32)
158 sd = &nt_hdr32.OptionalHeader.DataDirectory[IMAGE_FILE_SECURITY_DIRECTORY];
159 else if (ret == HDR_NT64)
160 sd = &nt_hdr64.OptionalHeader.DataDirectory[IMAGE_FILE_SECURITY_DIRECTORY];
161 else
162 return FALSE;
163
164 TRACE("ret = %d size = %lx addr = %lx\n", ret, sd->Size, sd->VirtualAddress);
165
166 *pdwSize = sd->Size;
167 *pdwOfs = sd->VirtualAddress;
168
169 return TRUE;
170 }
171
172 /***********************************************************************
173 * IMAGEHLP_SetSecurityDirOffset (INTERNAL)
174 *
175 * Read a file's PE header, and update the offset and size of the
176 * security directory.
177 */
178 static BOOL IMAGEHLP_SetSecurityDirOffset(HANDLE handle,
179 DWORD dwOfs, DWORD dwSize)
180 {
181 IMAGE_NT_HEADERS32 nt_hdr32;
182 IMAGE_NT_HEADERS64 nt_hdr64;
183 IMAGE_DATA_DIRECTORY *sd;
184 int ret, nt_hdr_size = 0;
185 DWORD pe_offset;
186 void *nt_hdr;
187 DWORD count;
188 BOOL r;
189
190 ret = IMAGEHLP_GetNTHeaders(handle, &pe_offset, &nt_hdr32, &nt_hdr64);
191
192 if (ret == HDR_NT32)
193 {
194 sd = &nt_hdr32.OptionalHeader.DataDirectory[IMAGE_FILE_SECURITY_DIRECTORY];
195
196 nt_hdr = &nt_hdr32;
197 nt_hdr_size = sizeof(IMAGE_NT_HEADERS32);
198 }
199 else if (ret == HDR_NT64)
200 {
201 sd = &nt_hdr64.OptionalHeader.DataDirectory[IMAGE_FILE_SECURITY_DIRECTORY];
202
203 nt_hdr = &nt_hdr64;
204 nt_hdr_size = sizeof(IMAGE_NT_HEADERS64);
205 }
206 else
207 return FALSE;
208
209 sd->Size = dwSize;
210 sd->VirtualAddress = dwOfs;
211
212 TRACE("size = %lx addr = %lx\n", sd->Size, sd->VirtualAddress);
213
214 /* write the header back again */
215 count = SetFilePointer(handle, pe_offset, NULL, FILE_BEGIN);
216
217 if (count == INVALID_SET_FILE_POINTER)
218 return FALSE;
219
220 count = 0;
221
222 r = WriteFile(handle, nt_hdr, nt_hdr_size, &count, NULL);
223
224 if (!r)
225 return FALSE;
226
227 if (count != nt_hdr_size)
228 return FALSE;
229
230 return TRUE;
231 }
232
233 /***********************************************************************
234 * IMAGEHLP_GetCertificateOffset (INTERNAL)
235 *
236 * Read a file's PE header, and return the offset and size of the
237 * security directory.
238 */
239 static BOOL IMAGEHLP_GetCertificateOffset( HANDLE handle, DWORD num,
240 DWORD *pdwOfs, DWORD *pdwSize )
241 {
242 DWORD size, count, offset, len, sd_VirtualAddr;
243 BOOL r;
244
245 r = IMAGEHLP_GetSecurityDirOffset( handle, &sd_VirtualAddr, &size );
246 if( !r )
247 return FALSE;
248
249 offset = 0;
250 /* take the n'th certificate */
251 while( 1 )
252 {
253 /* read the length of the current certificate */
254 count = SetFilePointer( handle, sd_VirtualAddr + offset,
255 NULL, FILE_BEGIN );
256 if( count == INVALID_SET_FILE_POINTER )
257 return FALSE;
258 r = ReadFile( handle, &len, sizeof len, &count, NULL );
259 if( !r )
260 return FALSE;
261 if( count != sizeof len )
262 return FALSE;
263
264 /* check the certificate is not too big or too small */
265 if( len < sizeof len )
266 return FALSE;
267 if( len > (size-offset) )
268 return FALSE;
269 if( !num-- )
270 break;
271
272 /* calculate the offset of the next certificate */
273 offset += len;
274
275 /* padded out to the nearest 8-byte boundary */
276 if( len % 8 )
277 offset += 8 - (len % 8);
278
279 if( offset >= size )
280 return FALSE;
281 }
282
283 *pdwOfs = sd_VirtualAddr + offset;
284 *pdwSize = len;
285
286 TRACE("len = %lx addr = %lx\n", len, sd_VirtualAddr + offset);
287
288 return TRUE;
289 }
290
291 /***********************************************************************
292 * IMAGEHLP_RecalculateChecksum (INTERNAL)
293 *
294 * Update the NT header checksum for the specified file.
295 */
296 static BOOL IMAGEHLP_RecalculateChecksum(HANDLE handle)
297 {
298 DWORD FileLength, count, HeaderSum, pe_offset, nt_hdr_size;
299 IMAGE_NT_HEADERS32 nt_hdr32;
300 IMAGE_NT_HEADERS64 nt_hdr64;
301 LPVOID BaseAddress;
302 HANDLE hMapping;
303 DWORD *CheckSum;
304 void *nt_hdr;
305 int ret;
306 BOOL r;
307
308 TRACE("handle %p\n", handle);
309
310 ret = IMAGEHLP_GetNTHeaders(handle, &pe_offset, &nt_hdr32, &nt_hdr64);
311
312 if (ret == HDR_NT32)
313 {
314 CheckSum = &nt_hdr32.OptionalHeader.CheckSum;
315
316 nt_hdr = &nt_hdr32;
317 nt_hdr_size = sizeof(IMAGE_NT_HEADERS32);
318 }
319 else if (ret == HDR_NT64)
320 {
321 CheckSum = &nt_hdr64.OptionalHeader.CheckSum;
322
323 nt_hdr = &nt_hdr64;
324 nt_hdr_size = sizeof(IMAGE_NT_HEADERS64);
325 }
326 else
327 return FALSE;
328
329 hMapping = CreateFileMappingW(handle, NULL, PAGE_READONLY, 0, 0, NULL);
330
331 if (!hMapping)
332 return FALSE;
333
334 BaseAddress = MapViewOfFile(hMapping, FILE_MAP_READ, 0, 0, 0);
335
336 if (!BaseAddress)
337 {
338 CloseHandle(hMapping);
339 return FALSE;
340 }
341
342 FileLength = GetFileSize(handle, NULL);
343
344 *CheckSum = 0;
345 CheckSumMappedFile(BaseAddress, FileLength, &HeaderSum, CheckSum);
346
347 UnmapViewOfFile(BaseAddress);
348 CloseHandle(hMapping);
349
350 if (*CheckSum)
351 {
352 /* write the header back again */
353 count = SetFilePointer(handle, pe_offset, NULL, FILE_BEGIN);
354
355 if (count == INVALID_SET_FILE_POINTER)
356 return FALSE;
357
358 count = 0;
359
360 r = WriteFile(handle, nt_hdr, nt_hdr_size, &count, NULL);
361
362 if (!r)
363 return FALSE;
364
365 if (count != nt_hdr_size)
366 return FALSE;
367
368 return TRUE;
369 }
370
371 return FALSE;
372 }
373
374 /***********************************************************************
375 * ImageAddCertificate (IMAGEHLP.@)
376 *
377 * Adds the specified certificate to the security directory of
378 * open PE file.
379 */
380
381 BOOL WINAPI ImageAddCertificate(
382 HANDLE FileHandle, LPWIN_CERTIFICATE Certificate, PDWORD Index)
383 {
384 DWORD size = 0, count = 0, offset = 0, sd_VirtualAddr = 0, index = 0;
385 WIN_CERTIFICATE hdr;
386 const size_t cert_hdr_size = sizeof hdr - sizeof hdr.bCertificate;
387 BOOL r;
388
389 TRACE("(%p, %p, %p)\n", FileHandle, Certificate, Index);
390
391 r = IMAGEHLP_GetSecurityDirOffset(FileHandle, &sd_VirtualAddr, &size);
392
393 /* If we've already got a security directory, find the end of it */
394 if ((r) && (sd_VirtualAddr != 0))
395 {
396 /* Check if the security directory is at the end of the file.
397 If not, we should probably relocate it. */
398 if (GetFileSize(FileHandle, NULL) != sd_VirtualAddr + size)
399 {
400 FIXME("Security directory already present but not located at EOF, not adding certificate\n");
401
402 SetLastError(ERROR_NOT_SUPPORTED);
403 return FALSE;
404 }
405
406 while (offset < size)
407 {
408 /* read the length of the current certificate */
409 count = SetFilePointer (FileHandle, sd_VirtualAddr + offset,
410 NULL, FILE_BEGIN);
411
412 if (count == INVALID_SET_FILE_POINTER)
413 return FALSE;
414
415 r = ReadFile(FileHandle, &hdr, cert_hdr_size, &count, NULL);
416
417 if (!r)
418 return FALSE;
419
420 if (count != cert_hdr_size)
421 return FALSE;
422
423 /* check the certificate is not too big or too small */
424 if (hdr.dwLength < cert_hdr_size)
425 return FALSE;
426
427 if (hdr.dwLength > (size-offset))
428 return FALSE;
429
430 /* next certificate */
431 offset += hdr.dwLength;
432
433 /* padded out to the nearest 8-byte boundary */
434 if (hdr.dwLength % 8)
435 offset += 8 - (hdr.dwLength % 8);
436
437 index++;
438 }
439
440 count = SetFilePointer (FileHandle, sd_VirtualAddr + offset, NULL, FILE_BEGIN);
441
442 if (count == INVALID_SET_FILE_POINTER)
443 return FALSE;
444 }
445 else
446 {
447 sd_VirtualAddr = SetFilePointer(FileHandle, 0, NULL, FILE_END);
448
449 if (sd_VirtualAddr == INVALID_SET_FILE_POINTER)
450 return FALSE;
451 }
452
453 /* Write the certificate to the file */
454 r = WriteFile(FileHandle, Certificate, Certificate->dwLength, &count, NULL);
455
456 if (!r)
457 return FALSE;
458
459 /* Pad out if necessary */
460 if (Certificate->dwLength % 8)
461 {
462 char null[8];
463
464 ZeroMemory(null, 8);
465 WriteFile(FileHandle, null, 8 - (Certificate->dwLength % 8), &count, NULL);
466
467 size += 8 - (Certificate->dwLength % 8);
468 }
469
470 size += Certificate->dwLength;
471
472 /* Update the security directory offset and size */
473 if (!IMAGEHLP_SetSecurityDirOffset(FileHandle, sd_VirtualAddr, size))
474 return FALSE;
475
476 if (!IMAGEHLP_RecalculateChecksum(FileHandle))
477 return FALSE;
478
479 if(Index)
480 *Index = index;
481 return TRUE;
482 }
483
484 /***********************************************************************
485 * ImageEnumerateCertificates (IMAGEHLP.@)
486 */
487 BOOL WINAPI ImageEnumerateCertificates(
488 HANDLE handle, WORD TypeFilter, PDWORD CertificateCount,
489 PDWORD Indices, DWORD IndexCount)
490 {
491 DWORD size, count, offset, sd_VirtualAddr, index;
492 WIN_CERTIFICATE hdr;
493 const size_t cert_hdr_size = sizeof hdr - sizeof hdr.bCertificate;
494 BOOL r;
495
496 TRACE("%p %hd %p %p %ld\n",
497 handle, TypeFilter, CertificateCount, Indices, IndexCount);
498
499 r = IMAGEHLP_GetSecurityDirOffset( handle, &sd_VirtualAddr, &size );
500 if( !r )
501 return FALSE;
502
503 offset = 0;
504 index = 0;
505 *CertificateCount = 0;
506 while( offset < size )
507 {
508 /* read the length of the current certificate */
509 count = SetFilePointer( handle, sd_VirtualAddr + offset,
510 NULL, FILE_BEGIN );
511 if( count == INVALID_SET_FILE_POINTER )
512 return FALSE;
513 r = ReadFile( handle, &hdr, cert_hdr_size, &count, NULL );
514 if( !r )
515 return FALSE;
516 if( count != cert_hdr_size )
517 return FALSE;
518
519 TRACE("Size = %08lx id = %08hx\n",
520 hdr.dwLength, hdr.wCertificateType );
521
522 /* check the certificate is not too big or too small */
523 if( hdr.dwLength < cert_hdr_size )
524 return FALSE;
525 if( hdr.dwLength > (size-offset) )
526 return FALSE;
527
528 if( (TypeFilter == CERT_SECTION_TYPE_ANY) ||
529 (TypeFilter == hdr.wCertificateType) )
530 {
531 (*CertificateCount)++;
532 if(Indices && *CertificateCount <= IndexCount)
533 *Indices++ = index;
534 }
535
536 /* next certificate */
537 offset += hdr.dwLength;
538
539 /* padded out to the nearest 8-byte boundary */
540 if (hdr.dwLength % 8)
541 offset += 8 - (hdr.dwLength % 8);
542
543 index++;
544 }
545
546 return TRUE;
547 }
548
549 /***********************************************************************
550 * ImageGetCertificateData (IMAGEHLP.@)
551 *
552 * FIXME: not sure that I'm dealing with the Index the right way
553 */
554 BOOL WINAPI ImageGetCertificateData(
555 HANDLE handle, DWORD Index,
556 LPWIN_CERTIFICATE Certificate, PDWORD RequiredLength)
557 {
558 DWORD r, offset, ofs, size, count;
559
560 TRACE("%p %ld %p %p\n", handle, Index, Certificate, RequiredLength);
561
562 if( !RequiredLength)
563 {
564 SetLastError( ERROR_INVALID_PARAMETER );
565 return FALSE;
566 }
567
568 if( !IMAGEHLP_GetCertificateOffset( handle, Index, &ofs, &size ) )
569 return FALSE;
570
571 if( *RequiredLength < size )
572 {
573 *RequiredLength = size;
574 SetLastError( ERROR_INSUFFICIENT_BUFFER );
575 return FALSE;
576 }
577
578 if( !Certificate )
579 {
580 SetLastError( ERROR_INVALID_PARAMETER );
581 return FALSE;
582 }
583
584 *RequiredLength = size;
585
586 offset = SetFilePointer( handle, ofs, NULL, FILE_BEGIN );
587 if( offset == INVALID_SET_FILE_POINTER )
588 return FALSE;
589
590 r = ReadFile( handle, Certificate, size, &count, NULL );
591 if( !r )
592 return FALSE;
593 if( count != size )
594 return FALSE;
595
596 TRACE("OK\n");
597 SetLastError( NO_ERROR );
598
599 return TRUE;
600 }
601
602 /***********************************************************************
603 * ImageGetCertificateHeader (IMAGEHLP.@)
604 */
605 BOOL WINAPI ImageGetCertificateHeader(
606 HANDLE handle, DWORD index, LPWIN_CERTIFICATE pCert)
607 {
608 DWORD r, offset, ofs, size, count;
609 const size_t cert_hdr_size = sizeof *pCert - sizeof pCert->bCertificate;
610
611 TRACE("%p %ld %p\n", handle, index, pCert);
612
613 if( !IMAGEHLP_GetCertificateOffset( handle, index, &ofs, &size ) )
614 return FALSE;
615
616 if( size < cert_hdr_size )
617 return FALSE;
618
619 offset = SetFilePointer( handle, ofs, NULL, FILE_BEGIN );
620 if( offset == INVALID_SET_FILE_POINTER )
621 return FALSE;
622
623 r = ReadFile( handle, pCert, cert_hdr_size, &count, NULL );
624 if( !r )
625 return FALSE;
626 if( count != cert_hdr_size )
627 return FALSE;
628
629 TRACE("OK\n");
630
631 return TRUE;
632 }
633
634 /* Finds the section named section in the array of IMAGE_SECTION_HEADERs hdr. If
635 * found, returns the offset to the section. Otherwise returns 0. If the section
636 * is found, optionally returns the size of the section (in size) and the base
637 * address of the section (in base.)
638 */
639 static DWORD IMAGEHLP_GetSectionOffset( IMAGE_SECTION_HEADER *hdr,
640 DWORD num_sections, LPCSTR section, PDWORD size, PDWORD base )
641 {
642 DWORD i, offset = 0;
643
644 for( i = 0; !offset && i < num_sections; i++, hdr++ )
645 {
646 if( !memcmp( hdr->Name, section, strlen(section) ) )
647 {
648 offset = hdr->PointerToRawData;
649 if( size )
650 *size = hdr->SizeOfRawData;
651 if( base )
652 *base = hdr->VirtualAddress;
653 }
654 }
655 return offset;
656 }
657
658 /* Calls DigestFunction e bytes at offset offset from the file mapped at map.
659 * Returns the return value of DigestFunction, or FALSE if the data is not available.
660 */
661 static BOOL IMAGEHLP_ReportSectionFromOffset( DWORD offset, DWORD size,
662 BYTE *map, DWORD fileSize, DIGEST_FUNCTION DigestFunction, DIGEST_HANDLE DigestHandle )
663 {
664 if( offset + size > fileSize )
665 {
666 SetLastError(ERROR_INVALID_PARAMETER);
667 return FALSE;
668 }
669 return DigestFunction( DigestHandle, map + offset, size );
670 }
671
672 /* Finds the section named section among the IMAGE_SECTION_HEADERs in
673 * section_headers and calls DigestFunction for this section. Returns
674 * the return value from DigestFunction, or FALSE if the data could not be read.
675 */
676 static BOOL IMAGEHLP_ReportSection( IMAGE_SECTION_HEADER *section_headers,
677 DWORD num_sections, LPCSTR section, BYTE *map, DWORD fileSize,
678 DIGEST_FUNCTION DigestFunction, DIGEST_HANDLE DigestHandle )
679 {
680 DWORD offset, size = 0;
681
682 offset = IMAGEHLP_GetSectionOffset( section_headers, num_sections, section,
683 &size, NULL );
684 if( !offset )
685 return FALSE;
686 return IMAGEHLP_ReportSectionFromOffset( offset, size, map, fileSize,
687 DigestFunction, DigestHandle );
688 }
689
690 /* Calls DigestFunction for all sections with the IMAGE_SCN_CNT_CODE flag set.
691 * Returns the return value from * DigestFunction, or FALSE if a section could not be read.
692 */
693 static BOOL IMAGEHLP_ReportCodeSections( IMAGE_SECTION_HEADER *hdr, DWORD num_sections,
694 BYTE *map, DWORD fileSize, DIGEST_FUNCTION DigestFunction, DIGEST_HANDLE DigestHandle )
695 {
696 DWORD i;
697 BOOL ret = TRUE;
698
699 for( i = 0; ret && i < num_sections; i++, hdr++ )
700 {
701 if( hdr->Characteristics & IMAGE_SCN_CNT_CODE )
702 ret = IMAGEHLP_ReportSectionFromOffset( hdr->PointerToRawData,
703 hdr->SizeOfRawData, map, fileSize, DigestFunction, DigestHandle );
704 }
705 return ret;
706 }
707
708 /* Reports the import section from the file FileHandle. If
709 * CERT_PE_IMAGE_DIGEST_ALL_IMPORT_INFO is set in DigestLevel, reports the entire
710 * import section.
711 * FIXME: if it's not set, the function currently fails.
712 */
713 static BOOL IMAGEHLP_ReportImportSection( IMAGE_SECTION_HEADER *hdr,
714 DWORD num_sections, BYTE *map, DWORD fileSize, DWORD DigestLevel,
715 DIGEST_FUNCTION DigestFunction, DIGEST_HANDLE DigestHandle )
716 {
717 BOOL ret = FALSE;
718 DWORD offset, size, base;
719
720 /* Get import data */
721 offset = IMAGEHLP_GetSectionOffset( hdr, num_sections, ".idata", &size,
722 &base );
723 if( !offset )
724 return FALSE;
725
726 /* If CERT_PE_IMAGE_DIGEST_ALL_IMPORT_INFO is set, the entire
727 * section is reported. Otherwise, the debug info section is
728 * decoded and reported piecemeal. See tests. However, I haven't been
729 * able to figure out how the native implementation decides which values
730 * to report. Either it's buggy or my understanding is flawed.
731 */
732 if( DigestLevel & CERT_PE_IMAGE_DIGEST_ALL_IMPORT_INFO )
733 ret = IMAGEHLP_ReportSectionFromOffset( offset, size, map, fileSize,
734 DigestFunction, DigestHandle );
735 else
736 {
737 FIXME("not supported except for CERT_PE_IMAGE_DIGEST_ALL_IMPORT_INFO\n");
738 SetLastError(ERROR_INVALID_PARAMETER);
739 ret = FALSE;
740 }
741
742 return ret;
743 }
744
745 /***********************************************************************
746 * ImageGetDigestStream (IMAGEHLP.@)
747 *
748 * Gets a stream of bytes from a PE file over which a hash might be computed to
749 * verify that the image has not changed. Useful for creating a certificate to
750 * be added to the file with ImageAddCertificate.
751 *
752 * PARAMS
753 * FileHandle [In] File for which to return a stream.
754 * DigestLevel [In] Flags to control which portions of the file to return.
755 * 0 is allowed, as is any combination of:
756 * CERT_PE_IMAGE_DIGEST_ALL_IMPORT_INFO: reports the entire
757 * import section rather than selected portions of it.
758 * CERT_PE_IMAGE_DIGEST_DEBUG_INFO: reports the debug section.
759 * CERT_PE_IMAGE_DIGEST_RESOURCES: reports the resources
760 section.
761 * DigestFunction [In] Callback function.
762 * DigestHandle [In] Handle passed as first parameter to DigestFunction.
763 *
764 * RETURNS
765 * TRUE if successful.
766 * FALSE if unsuccessful. GetLastError returns more about the error.
767 *
768 * NOTES
769 * Only supports 32-bit PE files, not tested with any other format.
770 * Reports data in the following order:
771 * 1. The file headers are reported first
772 * 2. Any code sections are reported next.
773 * 3. The data (".data" and ".rdata") sections are reported next.
774 * 4. The import section is reported next.
775 * 5. If CERT_PE_IMAGE_DIGEST_DEBUG_INFO is set in DigestLevel, the debug section is
776 * reported next.
777 * 6. If CERT_PE_IMAGE_DIGEST_RESOURCES is set in DigestLevel, the resources section
778 * is reported next.
779 *
780 * BUGS
781 * CERT_PE_IMAGE_DIGEST_ALL_IMPORT_INFO must be specified, returns an error if not.
782 */
783 BOOL WINAPI ImageGetDigestStream(
784 HANDLE FileHandle, DWORD DigestLevel,
785 DIGEST_FUNCTION DigestFunction, DIGEST_HANDLE DigestHandle)
786 {
787 DWORD error = 0;
788 BOOL ret = FALSE;
789 DWORD offset, size, num_sections, fileSize;
790 HANDLE hMap = INVALID_HANDLE_VALUE;
791 BYTE *map = NULL;
792 IMAGE_DOS_HEADER *dos_hdr;
793 IMAGE_NT_HEADERS *nt_hdr;
794 IMAGE_SECTION_HEADER *section_headers;
795
796 TRACE("(%p, %ld, %p, %p)\n", FileHandle, DigestLevel, DigestFunction,
797 DigestHandle);
798
799 /* Get the file size */
800 if( !FileHandle )
801 goto invalid_parameter;
802 fileSize = GetFileSize( FileHandle, NULL );
803 if(fileSize == INVALID_FILE_SIZE )
804 goto invalid_parameter;
805
806 /* map file */
807 hMap = CreateFileMappingW( FileHandle, NULL, PAGE_READONLY, 0, 0, NULL );
808 if( hMap == INVALID_HANDLE_VALUE )
809 goto invalid_parameter;
810 map = MapViewOfFile( hMap, FILE_MAP_COPY, 0, 0, 0 );
811 if( !map )
812 goto invalid_parameter;
813
814 /* Read the file header */
815 if( fileSize < sizeof(IMAGE_DOS_HEADER) )
816 goto invalid_parameter;
817 dos_hdr = (IMAGE_DOS_HEADER *)map;
818
819 if( dos_hdr->e_magic != IMAGE_DOS_SIGNATURE )
820 goto invalid_parameter;
821 offset = dos_hdr->e_lfanew;
822 if( !offset || offset > fileSize )
823 goto invalid_parameter;
824 ret = DigestFunction( DigestHandle, map, offset );
825 if( !ret )
826 goto end;
827
828 /* Read the NT header */
829 if( offset + sizeof(IMAGE_NT_HEADERS) > fileSize )
830 goto invalid_parameter;
831 nt_hdr = (IMAGE_NT_HEADERS *)(map + offset);
832 if( nt_hdr->Signature != IMAGE_NT_SIGNATURE )
833 goto invalid_parameter;
834 /* It's clear why the checksum is cleared, but why only these size headers?
835 */
836 nt_hdr->OptionalHeader.SizeOfInitializedData = 0;
837 nt_hdr->OptionalHeader.SizeOfImage = 0;
838 nt_hdr->OptionalHeader.CheckSum = 0;
839 size = sizeof(nt_hdr->Signature) + sizeof(nt_hdr->FileHeader) +
840 nt_hdr->FileHeader.SizeOfOptionalHeader;
841 ret = DigestFunction( DigestHandle, map + offset, size );
842 if( !ret )
843 goto end;
844
845 /* Read the section headers */
846 offset += size;
847 num_sections = nt_hdr->FileHeader.NumberOfSections;
848 size = num_sections * sizeof(IMAGE_SECTION_HEADER);
849 if( offset + size > fileSize )
850 goto invalid_parameter;
851 ret = DigestFunction( DigestHandle, map + offset, size );
852 if( !ret )
853 goto end;
854
855 section_headers = (IMAGE_SECTION_HEADER *)(map + offset);
856 IMAGEHLP_ReportCodeSections( section_headers, num_sections,
857 map, fileSize, DigestFunction, DigestHandle );
858 IMAGEHLP_ReportSection( section_headers, num_sections, ".data",
859 map, fileSize, DigestFunction, DigestHandle );
860 IMAGEHLP_ReportSection( section_headers, num_sections, ".rdata",
861 map, fileSize, DigestFunction, DigestHandle );
862 IMAGEHLP_ReportImportSection( section_headers, num_sections,
863 map, fileSize, DigestLevel, DigestFunction, DigestHandle );
864 if( DigestLevel & CERT_PE_IMAGE_DIGEST_DEBUG_INFO )
865 IMAGEHLP_ReportSection( section_headers, num_sections, ".debug",
866 map, fileSize, DigestFunction, DigestHandle );
867 if( DigestLevel & CERT_PE_IMAGE_DIGEST_RESOURCES )
868 IMAGEHLP_ReportSection( section_headers, num_sections, ".rsrc",
869 map, fileSize, DigestFunction, DigestHandle );
870
871 end:
872 if( map )
873 UnmapViewOfFile( map );
874 if( hMap != INVALID_HANDLE_VALUE )
875 CloseHandle( hMap );
876 if( error )
877 SetLastError(error);
878 return ret;
879
880 invalid_parameter:
881 error = ERROR_INVALID_PARAMETER;
882 goto end;
883 }
884
885 /***********************************************************************
886 * ImageRemoveCertificate (IMAGEHLP.@)
887 */
888 BOOL WINAPI ImageRemoveCertificate(HANDLE FileHandle, DWORD Index)
889 {
890 DWORD size = 0, count = 0, sd_VirtualAddr = 0, offset = 0;
891 DWORD data_size = 0, cert_size = 0, cert_size_padded = 0, ret = 0;
892 LPVOID cert_data;
893 BOOL r;
894
895 TRACE("(%p, %ld)\n", FileHandle, Index);
896
897 r = ImageEnumerateCertificates(FileHandle, CERT_SECTION_TYPE_ANY, &count, NULL, 0);
898
899 if ((!r) || (count == 0))
900 return FALSE;
901
902 if ((!IMAGEHLP_GetSecurityDirOffset(FileHandle, &sd_VirtualAddr, &size)) ||
903 (!IMAGEHLP_GetCertificateOffset(FileHandle, Index, &offset, &cert_size)))
904 return FALSE;
905
906 /* Ignore any padding we have, too */
907 if (cert_size % 8)
908 cert_size_padded = cert_size + (8 - (cert_size % 8));
909 else
910 cert_size_padded = cert_size;
911
912 data_size = size - (offset - sd_VirtualAddr) - cert_size_padded;
913
914 if (data_size == 0)
915 {
916 ret = SetFilePointer(FileHandle, sd_VirtualAddr, NULL, FILE_BEGIN);
917
918 if (ret == INVALID_SET_FILE_POINTER)
919 return FALSE;
920 }
921 else
922 {
923 cert_data = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, data_size);
924
925 if (!cert_data)
926 return FALSE;
927
928 ret = SetFilePointer(FileHandle, offset + cert_size_padded, NULL, FILE_BEGIN);
929
930 if (ret == INVALID_SET_FILE_POINTER)
931 goto error;
932
933 /* Read any subsequent certificates */
934 r = ReadFile(FileHandle, cert_data, data_size, &count, NULL);
935
936 if ((!r) || (count != data_size))
937 goto error;
938
939 SetFilePointer(FileHandle, offset, NULL, FILE_BEGIN);
940
941 /* Write them one index back */
942 r = WriteFile(FileHandle, cert_data, data_size, &count, NULL);
943
944 if ((!r) || (count != data_size))
945 goto error;
946
947 HeapFree(GetProcessHeap(), 0, cert_data);
948 }
949
950 /* If security directory is at end of file, trim the file */
951 if (GetFileSize(FileHandle, NULL) == sd_VirtualAddr + size)
952 SetEndOfFile(FileHandle);
953
954 if (count == 1)
955 r = IMAGEHLP_SetSecurityDirOffset(FileHandle, 0, 0);
956 else
957 r = IMAGEHLP_SetSecurityDirOffset(FileHandle, sd_VirtualAddr, size - cert_size_padded);
958
959 if (!r)
960 return FALSE;
961
962 if (!IMAGEHLP_RecalculateChecksum(FileHandle))
963 return FALSE;
964
965 return TRUE;
966
967 error:
968 HeapFree(GetProcessHeap(), 0, cert_data);
969 return FALSE;
970 }
Windows API implementation