mirrors/rufus
1
0
Fork 0
mirror of https://github.com/pbatard/rufus.git synced 2025-05-25 20:24:26 -04:00
Code Issues Projects Releases Packages Wiki Activity

[pki] timestamp validation improvements

Browse source 
* Add timestamp processing for nested signature and check for anomalous differences
* Also prevent attack scenarios that may attempt to leverage multiple nested signatures or countersigners
* Simplify code by using CryptDecodeObjectEx/WinVerifyTrustEx and improve timestamp reporting
This commit is contained in:
Pete Batard 2017-09-03 13:54:07 +01:00
parent c74d7bce1f
commit a73e695ba4
5 changed files with 136 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/rufus.c
View file

@ -2285,7 +2285,8 @@ static INT_PTR CALLBACK MainCallback(HWND hDlg, UINT message, WPARAM wParam, LPA
case WM_COMMAND:
#ifdef RUFUS_TEST
if (LOWORD(wParam) == IDC_TEST) {
ExtractEfiImgFiles("C:\\rufus");
uprintf("ts = %lld", GetSignatureTimeStamp("C:\\rufus\\rufus-2.17_BETA.exe"));
// ExtractEfiImgFiles("C:\\rufus");
// ExtractEFI("C:\\rufus\\efi.img", "C:\\rufus\\efi");
// uprintf("Proceed = %s", CheckDriveAccess(2000)?"True":"False");
// char* choices[] = { "Choice 1", "Choice 2", "Choice 3" };