mirror of
https://github.com/tailscale/tailscale.git
synced 2025-11-17 00:21:27 +01:00
71a7b8581d
Updates #6995 Co-authored-by: Aaron Klotz <aaron@tailscale.com> Change-Id: I16622f43156a70b6fbc8205239fd489d7378d57b Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
39 lines
1.1 KiB
Go
39 lines
1.1 KiB
Go
/* SPDX-License-Identifier: MIT
|
|
*
|
|
* Copyright (C) 2019-2022 WireGuard LLC. All Rights Reserved.
|
|
*/
|
|
|
|
package cli
|
|
|
|
import (
|
|
"unsafe"
|
|
|
|
"golang.org/x/sys/windows"
|
|
)
|
|
|
|
func init() {
|
|
verifyAuthenticode = verifyAuthenticodeWindows
|
|
}
|
|
|
|
func verifyAuthenticodeWindows(path string) error {
|
|
path16, err := windows.UTF16PtrFromString(path)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
data := &windows.WinTrustData{
|
|
Size: uint32(unsafe.Sizeof(windows.WinTrustData{})),
|
|
UIChoice: windows.WTD_UI_NONE,
|
|
RevocationChecks: windows.WTD_REVOKE_WHOLECHAIN, // Full revocation checking, as this is called with network connectivity.
|
|
UnionChoice: windows.WTD_CHOICE_FILE,
|
|
StateAction: windows.WTD_STATEACTION_VERIFY,
|
|
FileOrCatalogOrBlobOrSgnrOrCert: unsafe.Pointer(&windows.WinTrustFileInfo{
|
|
Size: uint32(unsafe.Sizeof(windows.WinTrustFileInfo{})),
|
|
FilePath: path16,
|
|
}),
|
|
}
|
|
err = windows.WinVerifyTrustEx(windows.InvalidHWND, &windows.WINTRUST_ACTION_GENERIC_VERIFY_V2, data)
|
|
data.StateAction = windows.WTD_STATEACTION_CLOSE
|
|
windows.WinVerifyTrustEx(windows.InvalidHWND, &windows.WINTRUST_ACTION_GENERIC_VERIFY_V2, data)
|
|
return err
|
|
}
|