Implement SHA1 checksum in new RAPPS. Patch by Mark Jansen.

CORE-10908 #resolve

svn path=/trunk/; revision=71020
Ziliang Guo 2016-03-18 06:40:39 +00:00
parent 32d02efe94
commit acf15ae965
28 changed files with 174 additions and 2 deletions


@ -3,6 +3,7 @@ project(RAPPS_NEW)
set_cpp(WITH_RUNTIME)
include_directories(${REACTOS_SOURCE_DIR}/lib/atl)
include_directories(${REACTOS_SOURCE_DIR}/lib/cryptlib)
list(APPEND SOURCE
aboutdlg.cpp
@ -10,6 +11,7 @@ list(APPEND SOURCE
gui.cpp
installdlg.cpp
installed.cpp
integrity.cpp
loaddlg.cpp
misc.cpp
settingsdlg.cpp


@ -260,6 +260,7 @@ skip_if_cached:
GET_STRING2(L"Size", Info->szSize);
GET_STRING2(L"URLSite", Info->szUrlSite);
GET_STRING2(L"CDPath", Info->szCDPath);
GET_STRING2(L"SHA1", Info->szSHA1);
}
if (!lpEnumProc(Info))


@ -0,0 +1,61 @@
/*
* PROJECT: ReactOS Applications Manager
* LICENSE: GPL - See COPYING in the top level directory
* FILE: base/applications/rapps_new/integrity.cpp
* PURPOSE: Various integrity check mechanisms
* PROGRAMMERS: Ismael Ferreras Morezuelas (swyterzone+ros@gmail.com)
* Mark Jansen
*/
#include "rapps.h"
#include <sha1.h>
BOOL VerifyInteg(LPCWSTR lpSHA1Hash, LPCWSTR lpFileName)
{
BOOL ret = FALSE;
/* first off, does it exist at all? */
HANDLE file = CreateFileW(lpFileName, GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_READONLY, NULL);
if (file == INVALID_HANDLE_VALUE)
return FALSE;
/* let's grab the actual file size to organize the mmap'ing rounds */
LARGE_INTEGER size;
GetFileSizeEx(file, &size);
/* retrieve a handle to map the file contents to memory */
HANDLE map = CreateFileMappingW(file, NULL, PAGE_READONLY, 0, 0, NULL);
if (map)
{
/* map that thing in address space */
const unsigned char *file_map = static_cast<const unsigned char *>(MapViewOfFile(map, FILE_MAP_READ, 0, 0, 0));
if (file_map)
{
SHA_CTX ctx;
/* initialize the SHA-1 context */
A_SHAInit(&ctx);
/* feed the data to the cookie monster */
A_SHAUpdate(&ctx, file_map, size.LowPart);
/* cool, we don't need this anymore */
UnmapViewOfFile(file_map);
/* we're done, compute the final hash */
ULONG sha[5];
A_SHAFinal(&ctx, sha);
WCHAR buf[(sizeof(sha) * 2) + 1];
for (UINT i = 0; i < sizeof(sha); i++)
swprintf(buf + 2 * i, L"%02x", ((unsigned char *)sha)[i]);
/* does the resulting SHA1 match with the provided one? */
if (!_wcsicmp(buf, lpSHA1Hash))
ret = TRUE;
}
CloseHandle(map);
}
CloseHandle(file);
return ret;
}
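Review bot: The return value of `GetFileSizeEx` is ignored and only `size.LowPart` is passed to `A_SHAUpdate`, so after a failed size query `size` is uninitialized, and for a file of 4 GiB or more (where the full view can be mapped at all) the digest would cover only a prefix of the data. The comment about "mmap'ing rounds" suggests chunked mapping was planned, but the whole file is mapped as a single view. Until chunking exists the function should fail closed: `if (!GetFileSizeEx(file, &size) || size.HighPart != 0) { CloseHandle(file); return FALSE; }`. Separately, SHA-1 no longer offers collision resistance, so this check is adequate against corruption but a weak basis for the "tampered with" wording of IDS_INTEG_CHECK_FAIL; a SHA-256 field would be the more durable choice.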


@ -201,4 +201,7 @@ BEGIN
IDS_INFORMATION "Сведения"
IDS_UNABLE_TO_DOWNLOAD "Unable to download the package! Address not found!"
IDS_UNABLE_TO_REMOVE "Премахването на данните за приложението от регистъра е невъзможно!"
IDS_CERT_DOES_NOT_MATCH "SSL certificate verification failed."
IDS_INTEG_CHECK_TITLE "Verifying package integrity..."
IDS_INTEG_CHECK_FAIL "The package did not pass the integrity check, it may have been corrupted or tampered with during downloading. Running the software is not recommended."
END


@ -202,4 +202,7 @@ BEGIN
IDS_INFORMATION "Informace"
IDS_UNABLE_TO_DOWNLOAD "Soubor se nepodařilo stáhnout! Adresa nenalezena!"
IDS_UNABLE_TO_REMOVE "Nepodařilo se odstranit data programu z registru!"
IDS_CERT_DOES_NOT_MATCH "SSL certificate verification failed."
IDS_INTEG_CHECK_TITLE "Verifying package integrity..."
IDS_INTEG_CHECK_FAIL "The package did not pass the integrity check, it may have been corrupted or tampered with during downloading. Running the software is not recommended."
END


@ -197,4 +197,7 @@ BEGIN
IDS_INFORMATION "Informationen"
IDS_UNABLE_TO_DOWNLOAD "Unable to download the package! Address not found!"
IDS_UNABLE_TO_REMOVE "Konnte die Daten nicht aus der Registry löschen!"
IDS_CERT_DOES_NOT_MATCH "Überprüfung des SSL-Zertifikats fehlgeschlagen."
IDS_INTEG_CHECK_TITLE "Verifying package integrity..."
IDS_INTEG_CHECK_FAIL "The package did not pass the integrity check, it may have been corrupted or tampered with during downloading. Running the software is not recommended."
END


@ -197,4 +197,7 @@ BEGIN
IDS_INFORMATION "Information"
IDS_UNABLE_TO_DOWNLOAD "Unable to download the package! Address not found!"
IDS_UNABLE_TO_REMOVE "Unable to remove data on the program from the registry!"
IDS_CERT_DOES_NOT_MATCH "SSL certificate verification failed."
IDS_INTEG_CHECK_TITLE "Verifying package integrity..."
IDS_INTEG_CHECK_FAIL "The package did not pass the integrity check, it may have been corrupted or tampered with during downloading. Running the software is not recommended."
END


@ -200,4 +200,7 @@ BEGIN
IDS_INFORMATION "Información"
IDS_UNABLE_TO_DOWNLOAD "No se pudo descargar el paquete. No se ha encontrado la dirección de Internet."
IDS_UNABLE_TO_REMOVE "No se pudieron borrar del Registro los datos de instalación del programa."
IDS_CERT_DOES_NOT_MATCH "Ha fallado la comprobación del certificado SSL."
IDS_INTEG_CHECK_TITLE "Verificando integridad del paquete..."
IDS_INTEG_CHECK_FAIL "El paquete no ha pasado la comprobación de integridad, puede haber sido alterado o estar corrupto. No se recomienda ejecutarlo."
END


@ -197,4 +197,7 @@ BEGIN
IDS_INFORMATION "Information"
IDS_UNABLE_TO_DOWNLOAD "Impossible de télécharger le paquet : adresse introuvable !"
IDS_UNABLE_TO_REMOVE "Impossible de supprimer du registre les données du programme !"
IDS_CERT_DOES_NOT_MATCH "La vérification du certificat SSL a échoué."
IDS_INTEG_CHECK_TITLE "Vérification de l'intégrité du paquet..."
IDS_INTEG_CHECK_FAIL "Le contrôle d'intégrité du paquet a échoué, il se peut qu'il ait été corrompu ou altéré au cours du téléchargement. L'exécution du programme n'est pas recommandée."
END


@ -199,4 +199,7 @@ BEGIN
IDS_INFORMATION "מידע"
IDS_UNABLE_TO_DOWNLOAD "Unable to download the package! Address not found!"
IDS_UNABLE_TO_REMOVE "Unable to remove data on the program from the registry!"
IDS_CERT_DOES_NOT_MATCH "SSL certificate verification failed."
IDS_INTEG_CHECK_TITLE "Verifying package integrity..."
IDS_INTEG_CHECK_FAIL "The package did not pass the integrity check, it may have been corrupted or tampered with during downloading. Running the software is not recommended."
END


@ -197,4 +197,7 @@ BEGIN
IDS_INFORMATION "Informazioni"
IDS_UNABLE_TO_DOWNLOAD "Impossibile scaricare il pacchetto! Indirizzo non trovato!"
IDS_UNABLE_TO_REMOVE "Impossibile cancellare i dati dal registro!"
IDS_CERT_DOES_NOT_MATCH "SSL certificate verification failed."
IDS_INTEG_CHECK_TITLE "Verifying package integrity..."
IDS_INTEG_CHECK_FAIL "The package did not pass the integrity check, it may have been corrupted or tampered with during downloading. Running the software is not recommended."
END


@ -197,4 +197,7 @@ BEGIN
IDS_INFORMATION "情報"
IDS_UNABLE_TO_DOWNLOAD "Unable to download the package! Address not found!"
IDS_UNABLE_TO_REMOVE "レジストリからこのプログラムに関するデータを削除できません!"
IDS_CERT_DOES_NOT_MATCH "SSL certificate verification failed."
IDS_INTEG_CHECK_TITLE "Verifying package integrity..."
IDS_INTEG_CHECK_FAIL "The package did not pass the integrity check, it may have been corrupted or tampered with during downloading. Running the software is not recommended."
END


@ -197,4 +197,7 @@ BEGIN
IDS_INFORMATION "Information"
IDS_UNABLE_TO_DOWNLOAD "Unable to download the package! Address not found!"
IDS_UNABLE_TO_REMOVE "Unable to remove data on the program from the registry!"
IDS_CERT_DOES_NOT_MATCH "SSL certificate verification failed."
IDS_INTEG_CHECK_TITLE "Verifying package integrity..."
IDS_INTEG_CHECK_FAIL "The package did not pass the integrity check, it may have been corrupted or tampered with during downloading. Running the software is not recommended."
END


@ -205,4 +205,7 @@ BEGIN
IDS_INFORMATION "Informacja"
IDS_UNABLE_TO_DOWNLOAD "Nie można pobrać pakietu! Nie znaleziono adresu!"
IDS_UNABLE_TO_REMOVE "Nie można było usunąć wpisu z rejestru!"
IDS_CERT_DOES_NOT_MATCH "SSL certificate verification failed."
IDS_INTEG_CHECK_TITLE "Verifying package integrity..."
IDS_INTEG_CHECK_FAIL "The package did not pass the integrity check, it may have been corrupted or tampered with during downloading. Running the software is not recommended."
END


@ -199,4 +199,7 @@ BEGIN
IDS_INFORMATION "Informações"
IDS_UNABLE_TO_DOWNLOAD "Unable to download the package! Address not found!"
IDS_UNABLE_TO_REMOVE "Não foi possível remover as informações do programa do registro!"
IDS_CERT_DOES_NOT_MATCH "SSL certificate verification failed."
IDS_INTEG_CHECK_TITLE "Verifying package integrity..."
IDS_INTEG_CHECK_FAIL "The package did not pass the integrity check, it may have been corrupted or tampered with during downloading. Running the software is not recommended."
END


@ -203,4 +203,7 @@ BEGIN
IDS_INFORMATION "Informație"
IDS_UNABLE_TO_DOWNLOAD "Pachetul nu poate fi descărcat! Adresa nu este găsită!"
IDS_UNABLE_TO_REMOVE "Nu se pot elimina datele din registru pentru acest program!"
IDS_CERT_DOES_NOT_MATCH "Verificarea certificatului SSL a eșuat."
IDS_INTEG_CHECK_TITLE "Se verifică integritatea pachetului…"
IDS_INTEG_CHECK_FAIL "Pachetul nu a trecut de verificarea de integritate. Utilizarea programului nu este recomandată."
END


@ -197,4 +197,7 @@ BEGIN
IDS_INFORMATION "Информация"
IDS_UNABLE_TO_DOWNLOAD "Unable to download the package! Address not found!"
IDS_UNABLE_TO_REMOVE "Не удалось удалить данные о программе из реестра!"
IDS_CERT_DOES_NOT_MATCH "Ошибка проверки SSL сертификата."
IDS_INTEG_CHECK_TITLE "Проверка целостности приложения..."
IDS_INTEG_CHECK_FAIL "Приложение не прошло проверку целостности, возможно оно было повреждено или подменено. Запуск приложения не рекомендуется."
END


@ -202,4 +202,7 @@ BEGIN
IDS_INFORMATION "Informácie"
IDS_UNABLE_TO_DOWNLOAD "Unable to download the package! Address not found!"
IDS_UNABLE_TO_REMOVE "Nie je možné odstrániť z registrov údaje o programe!"
IDS_CERT_DOES_NOT_MATCH "SSL certificate verification failed."
IDS_INTEG_CHECK_TITLE "Verifying package integrity..."
IDS_INTEG_CHECK_FAIL "The package did not pass the integrity check, it may have been corrupted or tampered with during downloading. Running the software is not recommended."
END


@ -201,4 +201,7 @@ BEGIN
IDS_INFORMATION "Informacione"
IDS_UNABLE_TO_DOWNLOAD "Unable to download the package! Address not found!"
IDS_UNABLE_TO_REMOVE "E pamundur te fshihen informacionet e programit nga regjistri!"
IDS_CERT_DOES_NOT_MATCH "SSL certificate verification failed."
IDS_INTEG_CHECK_TITLE "Verifying package integrity..."
IDS_INTEG_CHECK_FAIL "The package did not pass the integrity check, it may have been corrupted or tampered with during downloading. Running the software is not recommended."
END


@ -204,4 +204,7 @@ BEGIN
IDS_INFORMATION "Information"
IDS_UNABLE_TO_DOWNLOAD "Unable to download the package! Address not found!"
IDS_UNABLE_TO_REMOVE "Det gick ej att ta bort programmets data från registret!"
IDS_CERT_DOES_NOT_MATCH "SSL certificate verification failed."
IDS_INTEG_CHECK_TITLE "Verifying package integrity..."
IDS_INTEG_CHECK_FAIL "The package did not pass the integrity check, it may have been corrupted or tampered with during downloading. Running the software is not recommended."
END


@ -199,4 +199,7 @@ BEGIN
IDS_INFORMATION "Bilgi"
IDS_UNABLE_TO_DOWNLOAD "Paket indirilemez! Adres bulunamadı!"
IDS_UNABLE_TO_REMOVE "İzlencenin girişi değer defterinden silinemiyor."
IDS_CERT_DOES_NOT_MATCH "SSL onay belgesi doğrulaması başarısız."
IDS_INTEG_CHECK_TITLE "Paket bütünlüğü doğrulanıyor..."
IDS_INTEG_CHECK_FAIL "Paket bütünlük denetimini geçmedi, bozulmuş veyâ indirme esnâsında oynanmış olabilir. Yazılımı çalıştırmak önerilmez."
END


@ -205,4 +205,7 @@ BEGIN
IDS_INFORMATION "Інформація"
IDS_UNABLE_TO_DOWNLOAD "Unable to download the package! Address not found!"
IDS_UNABLE_TO_REMOVE "Не вдалося видалити дані про програму з реєстру!"
IDS_CERT_DOES_NOT_MATCH "SSL certificate verification failed."
IDS_INTEG_CHECK_TITLE "Verifying package integrity..."
IDS_INTEG_CHECK_FAIL "The package did not pass the integrity check, it may have been corrupted or tampered with during downloading. Running the software is not recommended."
END


@ -199,4 +199,7 @@ BEGIN
IDS_INFORMATION "信息"
IDS_UNABLE_TO_DOWNLOAD "无法下载该软件包 !找不到网络的地址 "
IDS_UNABLE_TO_REMOVE "无法从注册表删除该程序的数据!"
IDS_CERT_DOES_NOT_MATCH "SSL certificate verification failed."
IDS_INTEG_CHECK_TITLE "Verifying package integrity..."
IDS_INTEG_CHECK_FAIL "The package did not pass the integrity check, it may have been corrupted or tampered with during downloading. Running the software is not recommended."
END


@ -199,4 +199,7 @@ BEGIN
IDS_INFORMATION "資訊"
IDS_UNABLE_TO_DOWNLOAD "Unable to download the package! Address not found!"
IDS_UNABLE_TO_REMOVE "無法從登錄檔刪除該程式的資料!"
IDS_CERT_DOES_NOT_MATCH "SSL 憑證驗證失敗。"
IDS_INTEG_CHECK_TITLE "驗證套裝軟體的完整性..."
IDS_INTEG_CHECK_FAIL "包沒有通過完整性檢查,它可能已損壞,或者在下載過程中篡改。建議您不要運行該軟體。"
END


@ -207,6 +207,13 @@ ThreadFunc(LPVOID Context)
if (FAILED(StringCbCatW(path, sizeof(path), p + 1)))
goto end;
if (!bCab && AppInfo->szSHA1[0] != 0 && GetFileAttributesW(path) != INVALID_FILE_ATTRIBUTES)
{
/* only open it in case of total correctness */
if (VerifyInteg(AppInfo->szSHA1, path))
goto run;
}
/* download it */
bTempfile = TRUE;
CDownloadDialog_Constructor(Dlg, &bCancelled, IID_PPV_ARG(IBindStatusCallback, &dl));
@ -293,8 +300,32 @@ ThreadFunc(LPVOID Context)
if (bCancelled)
goto end;
/* if this thing isn't a RAPPS update and it has a SHA-1 checksum
verify its integrity by using the native advapi32.A_SHA1 functions */
if (!bCab && AppInfo->szSHA1[0] != 0)
{
WCHAR szMsgText[MAX_STR_LEN];
/* change a few strings in the download dialog to reflect the verification process */
LoadStringW(hInst, IDS_INTEG_CHECK_TITLE, szMsgText, _countof(szMsgText));
SetWindowText(Dlg, szMsgText);
SendMessageW(GetDlgItem(Dlg, IDC_DOWNLOAD_STATUS), WM_SETTEXT, 0, (LPARAM)path);
/* this may take a while, depending on the file size */
if (!VerifyInteg(AppInfo->szSHA1, path))
{
if (!LoadStringW(hInst, IDS_INTEG_CHECK_FAIL, szMsgText, _countof(szMsgText)))
goto end;
MessageBoxW(Dlg, szMsgText, NULL, MB_OK | MB_ICONERROR);
goto end;
}
}
ShowWindow(Dlg, SW_HIDE);
run:
/* run it */
if (!bCab)
ShellExecuteW( NULL, L"open", path, NULL, NULL, SW_SHOWNORMAL );
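Review bot: The file that `VerifyInteg` hashes is not guaranteed to be the file that `ShellExecuteW` launches: `VerifyInteg` closes its handle before returning and the launch at `run:` reopens `path` by name, so anything able to write to the download directory can replace the file in between, both on the cached-file shortcut (`goto run`) and after a fresh download. Keeping a handle that denies write and delete sharing open from before the hash until after the launch would narrow that window, which means `VerifyInteg` would have to accept or hand back the handle. Also, the first `LoadStringW(hInst, IDS_INTEG_CHECK_TITLE, ...)` is unchecked, so `szMsgText` can reach `SetWindowText` uninitialized; declare it as `WCHAR szMsgText[MAX_STR_LEN] = L"";` and call `SetWindowTextW` to match the other wide-character calls. `ThreadFunc` starts and ends outside these hunks.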


@ -89,8 +89,8 @@ typedef struct
FILETIME ftCacheStamp;
LIST_ENTRY List;
/* optional integrity checks */
BYTE MD5Checksum[16];
/* optional integrity checks (SHA-1 digests are 160 bit = 40 characters in hex string form) */
WCHAR szSHA1[40 + 1];
} APPLICATION_INFO, *PAPPLICATION_INFO;
@ -185,6 +185,9 @@ VOID InsertRichEditText(PCWSTR szText, DWORD flags);
extern HWND hListView;
extern WCHAR szSearchPattern[MAX_STR_LEN];
/* integrity.cpp */
BOOL VerifyInteg(LPCWSTR lpSHA1Hash, LPCWSTR lpFileName);
//extern HWND hTreeView;
//BOOL CreateTreeView(HWND hwnd);
//HTREEITEM TreeViewAddItem(HTREEITEM hParent, LPWSTR lpText, INT Image, INT SelectedImage, LPARAM lParam);
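Review bot: The `VerifyInteg` prototype is undocumented, and its contract matters to callers: as implemented in integrity.cpp it returns FALSE both when the digest differs and when the file cannot be opened or mapped, so the caller shows the "tampered" message for a plain I/O error too. I would add above the prototype `/* TRUE only if the SHA-1 of lpFileName equals lpSHA1Hash (hex, case-insensitive); FALSE on mismatch or on any I/O failure */`. The literal `40` in `szSHA1[40 + 1]` would also read better as a named constant tied to the digest size that `VerifyInteg` uses for its own buffer.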


@ -96,6 +96,9 @@
#define IDS_INFORMATION 117
#define IDS_UNABLE_TO_REMOVE 118
#define IDS_UNABLE_TO_DOWNLOAD 119
#define IDS_CERT_DOES_NOT_MATCH 120
#define IDS_INTEG_CHECK_TITLE 121
#define IDS_INTEG_CHECK_FAIL 122
/* Tooltips */
#define IDS_TOOLTIP_INSTALL 200


@ -1,6 +1,11 @@
#pragma once
#ifdef __cplusplus
extern "C" {
#endif
#include <ntdef.h>
/* SHA Context Structure Declaration */
@ -21,4 +26,7 @@ A_SHAUpdate(PSHA_CTX Context, const unsigned char *Buffer, ULONG BufferSize);
VOID NTAPI
A_SHAFinal(PSHA_CTX Context, PULONG Result);
#ifdef __cplusplus
}
#endif
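Review bot: As the section is shown, the `extern "C" {` block opens before `#include <ntdef.h>`, so that header is pulled in with C linkage applied to its contents as well. Moving the opening guard below the include, directly above the SHA context declaration, keeps the linkage specification limited to this header's own declarations.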