add IsPEFileSigned() and IsSumatraSigned()

sumatrapdfreader · Aug 10, 2024 · 329bc8e · 329bc8e
1 parent b058205
commit 329bc8e
Show file tree

Hide file tree

Showing 19 changed files with 229 additions and 184 deletions.
diff --git a/premake5.lua b/premake5.lua
@@ -670,7 +670,7 @@ workspace "SumatraPDF"
     includedirs { "src", "mupdf/include"}
     files { "src/tools/signfile.cpp", "src/CrashHandlerNoOp.cpp" }
     links { "utils", "mupdf" }
-    links { "crypt32", "shlwapi", "version", "Comctl32", "wininet" }
+    links { "crypt32", "shlwapi", "version", "Comctl32", "wininet", "wintrust" }
 
 
   project "plugin-test"
@@ -682,7 +682,7 @@ workspace "SumatraPDF"
     includedirs { "src" }
     plugin_test_files()
     links { "utils", "mupdf" }
-    links { "shlwapi", "version", "comctl32", "wininet" }
+    links { "shlwapi", "version", "comctl32", "wininet", "wintrust" }
 
   project "test_util"
     kind "ConsoleApp"
@@ -692,7 +692,7 @@ workspace "SumatraPDF"
     disablewarnings { "4838" }
     includedirs { "src" }
     test_util_files()
-    links { "gdiplus", "comctl32", "shlwapi", "Version", "wininet" }
+    links { "gdiplus", "comctl32", "shlwapi", "Version", "wininet", "shcore", "wintrust", "crypt32" }
 
   project "sizer"
     kind "ConsoleApp"
@@ -726,7 +726,7 @@ workspace "SumatraPDF"
     includedirs { "src", "src/wingui", "mupdf/include" }
     search_filter_files()
     links { "utils", "unrar", "libmupdf" }
-    links { "comctl32", "gdiplus", "shlwapi", "version", "wininet" }
+    links { "comctl32", "gdiplus", "shlwapi", "version", "wininet", "wintrust" }
 
   project "PdfPreview"
     kind "SharedLib"
@@ -750,7 +750,7 @@ workspace "SumatraPDF"
     -- TODO: "chm" should only be for Debug config but doing links { "chm" }
     -- in the filter breaks linking by setting LinkLibraryDependencies to false
     links { "utils", "unrar", "libmupdf", "chm" }
-    links { "comctl32", "gdiplus", "msimg32", "shlwapi", "version", "wininet" }
+    links { "comctl32", "gdiplus", "msimg32", "shlwapi", "version", "wininet", "wintrust" }
 
     project "PdfPreviewTest"
       kind "ConsoleApp"
@@ -760,7 +760,7 @@ workspace "SumatraPDF"
       disablewarnings { "4838" }
       includedirs { "src" }
       preview_test_files()
-      links { "gdiplus", "comctl32", "shlwapi", "Version" }
+      links { "gdiplus", "comctl32", "shlwapi", "Version", "Ole32" }
       dependson { "PdfPreview" }
 
   -- a single static executable
@@ -808,7 +808,7 @@ workspace "SumatraPDF"
     }
     links {
       "comctl32", "delayimp", "gdiplus", "msimg32", "shlwapi", "urlmon",
-      "version", "windowscodecs", "wininet", "uiautomationcore.lib"
+      "version", "windowscodecs", "wininet", "uiautomationcore.lib", "uxtheme", "wintrust"
     }
     -- this is to prevent dll hijacking
     linkoptions { "/DELAYLOAD:gdiplus.dll /DELAYLOAD:msimg32.dll /DELAYLOAD:shlwapi.dll" }
@@ -869,7 +869,7 @@ workspace "SumatraPDF"
     }
     links {
       "comctl32", "delayimp", "gdiplus", "msimg32", "shlwapi", "urlmon",
-      "version", "wininet", "d2d1.lib", "uiautomationcore.lib"
+      "version", "wininet", "d2d1.lib", "uiautomationcore.lib", "uxtheme", "wintrust", "crypt32"
     }
     -- this is to prevent dll hijacking
     linkoptions { "/DELAYLOAD:libmupdf.dll" }

diff --git a/src/AppTools.cpp b/src/AppTools.cpp
@@ -742,3 +742,19 @@ void DrawCloseButton(HDC hdc, Rect& r, bool isHover) {
     args.isHover = isHover;
     DrawCloseButton(args);
 }
+
+// -1 : didn't check
+// 0  : checked and not signed
+// 1  : checked and signed
+static int gIsSigned = -1;
+
+bool IsSumatraSigned() {
+    if (gIsSigned < 0) {
+        gIsSigned = 0;
+        TempStr filePath = GetExePathTemp();
+        if (IsPEFileSigned(filePath)) {
+            gIsSigned = 1;
+        }
+    }
+    return gIsSigned ? true : false;
+}
diff --git a/src/AppTools.h b/src/AppTools.h
@@ -50,3 +50,5 @@ bool AdjustVariableDriveLetter(char* path);
 
 bool IsUntrustedFile(const char* filePath, const char* fileUrl = nullptr);
 void DrawCloseButton(HDC hdc, Rect& r, bool isHover);
+
+bool IsSumatraSigned();
diff --git a/src/Canvas.cpp b/src/Canvas.cpp
@@ -517,8 +517,8 @@ static void OnMouseLeftButtonUp(MainWindow* win, int x, int y, WPARAM key) {
         win->mouseAction = MouseAction::None;
         // TODO: I'm seeing this in crash reports. Can we get button up without button down?
         // maybe when down happens on a different hwnd? How can I add more logging.
-        //logfa("OnMouseLeftButtonUp: unexpected MouseAction::Scrolling (%d)\n", ma);
-        //ReportIf(true);
+        // logfa("OnMouseLeftButtonUp: unexpected MouseAction::Scrolling (%d)\n", ma);
+        // ReportIf(true);
         return;
     }
 

diff --git a/src/Toolbar.cpp b/src/Toolbar.cpp
@@ -380,7 +380,7 @@ void UpdateFindbox(MainWindow* win) {
 }
 
 LRESULT CALLBACK ReBarWndProc(HWND hWnd, UINT uMsg, WPARAM wParam, LPARAM lParam, UINT_PTR uIdSubclass,
-                                DWORD_PTR dwRefData) {
+                              DWORD_PTR dwRefData) {
     if (WM_ERASEBKGND == uMsg && ThemeColorizeControls()) {
         HDC hdc = (HDC)wParam;
         RECT rect;
@@ -395,40 +395,37 @@ LRESULT CALLBACK ReBarWndProc(HWND hWnd, UINT uMsg, WPARAM wParam, LPARAM lParam
     }
     if (WM_NOTIFY == uMsg) {
         auto win = FindMainWindowByHwnd(hWnd);
-            NMHDR* hdr = (NMHDR*)lParam;
-            HWND chwnd = hdr->hwndFrom;
-            if (hdr->code == NM_CUSTOMDRAW)
-            {
-                if (win && win->hwndToolbar == chwnd) {
-                    NMTBCUSTOMDRAW* custDraw = (NMTBCUSTOMDRAW*)hdr;
-                    switch (custDraw->nmcd.dwDrawStage)
-                    {
-                        case CDDS_PREPAINT:
-                            return CDRF_NOTIFYITEMDRAW;
-
-                        case CDDS_ITEMPREPAINT:
-                        {
-                            auto col = ThemeWindowTextColor();
-                            //col = RGB(255, 0, 0);
-                            //SetTextColor(custDraw->nmcd.hdc, col);
-                            UINT itemState = custDraw->nmcd.uItemState;
-                            if (itemState & CDIS_DISABLED) {
-                                // TODO: this doesn't work
-                                col = ThemeWindowTextDisabledColor();
-                                //col = RGB(255, 0, 0);
-                                custDraw->clrText = col;
-                            } else if (false && itemState & CDIS_SELECTED) {
-                                custDraw->clrText = RGB(0, 255, 0);
-                            } else if (false && itemState & CDIS_GRAYED) {
-                                custDraw->clrText = RGB(0, 0, 255);
-                            } else {
-                                custDraw->clrText = col;
-                            }
-                            return CDRF_DODEFAULT;
-                            //return CDRF_NEWFONT;
+        NMHDR* hdr = (NMHDR*)lParam;
+        HWND chwnd = hdr->hwndFrom;
+        if (hdr->code == NM_CUSTOMDRAW) {
+            if (win && win->hwndToolbar == chwnd) {
+                NMTBCUSTOMDRAW* custDraw = (NMTBCUSTOMDRAW*)hdr;
+                switch (custDraw->nmcd.dwDrawStage) {
+                    case CDDS_PREPAINT:
+                        return CDRF_NOTIFYITEMDRAW;
+
+                    case CDDS_ITEMPREPAINT: {
+                        auto col = ThemeWindowTextColor();
+                        // col = RGB(255, 0, 0);
+                        // SetTextColor(custDraw->nmcd.hdc, col);
+                        UINT itemState = custDraw->nmcd.uItemState;
+                        if (itemState & CDIS_DISABLED) {
+                            // TODO: this doesn't work
+                            col = ThemeWindowTextDisabledColor();
+                            // col = RGB(255, 0, 0);
+                            custDraw->clrText = col;
+                        } else if (false && itemState & CDIS_SELECTED) {
+                            custDraw->clrText = RGB(0, 255, 0);
+                        } else if (false && itemState & CDIS_GRAYED) {
+                            custDraw->clrText = RGB(0, 0, 255);
+                        } else {
+                            custDraw->clrText = col;
                         }
+                        return CDRF_DODEFAULT;
+                        // return CDRF_NEWFONT;
                     }
                 }
+            }
         }
     }
     if (WM_NCDESTROY == uMsg) {
@@ -999,8 +996,6 @@ void UpdateToolbarAfterThemeChange(MainWindow* win) {
     HwndScheduleRepaint(win->hwndToolbar);
 }
 
-#pragma comment(lib, "UxTheme.lib")
-
 // https://docs.microsoft.com/en-us/windows/win32/controls/toolbar-control-reference
 void CreateToolbar(MainWindow* win) {
     kButtonSpacingX = 0;

diff --git a/src/tools/preview_test.cpp b/src/tools/preview_test.cpp
@@ -12,9 +12,6 @@
 
 #include "utils/BaseUtil.h"
 
-#pragma comment(lib, "Shlwapi.lib")
-#pragma comment(lib, "Ole32.lib")
-
 #define kPdfPreviewClsid L"{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}"
 #define kXpsPreviewClsid L"{D427A82C-6545-4FBE-8E87-030EDB3BE46D}"
 #define kDjVuPreviewClsid L"{6689D0D4-1E9C-400A-8BCA-FA6C56B2C3B5}"

diff --git a/src/utils/Dpi.cpp b/src/utils/Dpi.cpp
@@ -21,7 +21,6 @@ Per-Monitor DPI Aware:
 */
 
 #include <shellscalingapi.h>
-#pragma comment(lib, "Shcore")
 
 // get uncached dpi
 int DpiGetForHwnd(HWND hwnd) {

diff --git a/src/utils/WinUtil.cpp b/src/utils/WinUtil.cpp
@@ -9,6 +9,8 @@
 #include "utils/ScopedWin.h"
 #include "utils/WinUtil.h"
 
+#include <wintrust.h>
+#include <softpub.h>
 #include <bitset>
 #include <intrin.h>
 #include <mlang.h>
@@ -3147,3 +3149,36 @@ double TimeDiffMs(const LARGE_INTEGER& start, const LARGE_INTEGER& end) {
     double res = (double)(diff) / (double)(freq.QuadPart);
     return res * 1000;
 }
+
+bool IsPEFileSigned(const char* filePath) {
+    TempWStr ws = ToWStrTemp(filePath);
+    WINTRUST_FILE_INFO fileInfo = {0};
+    fileInfo.cbStruct = sizeof(WINTRUST_FILE_INFO);
+    fileInfo.pcwszFilePath = ws;
+    fileInfo.hFile = NULL;
+    fileInfo.pgKnownSubject = NULL;
+
+    GUID actionGUID = WINTRUST_ACTION_GENERIC_VERIFY_V2;
+    WINTRUST_DATA trustData = {0};
+
+    trustData.cbStruct = sizeof(WINTRUST_DATA);
+    trustData.pPolicyCallbackData = NULL;
+    trustData.pSIPClientData = NULL;
+    trustData.dwUIChoice = WTD_UI_NONE;
+    trustData.fdwRevocationChecks = WTD_REVOKE_NONE;
+    trustData.dwUnionChoice = WTD_CHOICE_FILE;
+    trustData.dwStateAction = WTD_STATEACTION_IGNORE;
+    trustData.hWVTStateData = NULL;
+    trustData.pwszURLReference = NULL;
+    trustData.dwProvFlags = WTD_SAFER_FLAG;
+    trustData.dwUIContext = 0;
+    trustData.pFile = &fileInfo;
+
+    LONG status = WinVerifyTrust(NULL, &actionGUID, &trustData);
+
+    if (status == ERROR_SUCCESS) {
+        return true; // File is signed and signature is valid
+    } else {
+        return false; // File is not signed or signature is not valid
+    }
+}
diff --git a/src/utils/WinUtil.h b/src/utils/WinUtil.h
@@ -371,3 +371,4 @@ u32 CpuID();
 LARGE_INTEGER TimeNow();
 double TimeDiffSecs(const LARGE_INTEGER& start, const LARGE_INTEGER& end);
 double TimeDiffMs(const LARGE_INTEGER& start, const LARGE_INTEGER& end);
+bool IsPEFileSigned(const char* filePath);
Original file line number	Diff line number	Diff line change
Expand Up		@@ -50,3 +50,5 @@ bool AdjustVariableDriveLetter(char* path);

		bool IsUntrustedFile(const char* filePath, const char* fileUrl = nullptr);
		void DrawCloseButton(HDC hdc, Rect& r, bool isHover);

		bool IsSumatraSigned();