Add new behaviour of checking Plugin List's certificate
parent
9aebe5baf1
commit
e75cf910bd
@ -46,7 +46,8 @@ bool VerifySignedLibrary(const wstring& filepath,
|
||||
const wstring& cert_subject,
|
||||
const wstring& cert_display_name,
|
||||
bool doCheckRevocation,
|
||||
bool doCheckChainOfTrust)
|
||||
bool doCheckChainOfTrust,
|
||||
bool displayErrorMessage)
|
||||
{
|
||||
wstring display_name;
|
||||
wstring key_id_hex;
|
||||
@ -228,15 +229,19 @@ bool VerifySignedLibrary(const wstring& filepath,
|
||||
display_name = display_name_buffer.get();
|
||||
|
||||
} catch (const wstring& s) {
|
||||
::MessageBox(NULL, s.c_str(), TEXT("DLL signature verification failed"), MB_ICONERROR);
|
||||
if (displayErrorMessage)
|
||||
::MessageBox(NULL, s.c_str(), TEXT("DLL signature verification failed"), MB_ICONERROR);
|
||||
OutputDebugString(TEXT("VerifyLibrary: error while getting certificate informations\n"));
|
||||
status = false;
|
||||
} catch (...) {
|
||||
// Unknown error
|
||||
OutputDebugString(TEXT("VerifyLibrary: error while getting certificate informations\n"));
|
||||
wstring errMsg(TEXT("Unknown exception occurred. "));
|
||||
errMsg += GetLastErrorAsString(GetLastError());
|
||||
::MessageBox(NULL, errMsg.c_str(), TEXT("DLL signature verification failed"), MB_ICONERROR);
|
||||
if (displayErrorMessage)
|
||||
{
|
||||
wstring errMsg(TEXT("Unknown exception occurred. "));
|
||||
errMsg += GetLastErrorAsString(GetLastError());
|
||||
::MessageBox(NULL, errMsg.c_str(), TEXT("DLL signature verification failed"), MB_ICONERROR);
|
||||
}
|
||||
status = false;
|
||||
}
|
||||
|
||||
|
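Review bot: With `displayErrorMessage` false, both catch blocks now discard the failure reason: the `catch (const wstring& s)` handler never records `s`, and the `catch (...)` handler no longer builds the `GetLastError()` text at all. A silent signature-verification failure should still be diagnosable, so log the detail unconditionally, e.g. `OutputDebugString(s.c_str());` in the first handler, and build `errMsg` outside the `if` in the second and pass it to `OutputDebugString` as well. In the second handler `GetLastError()` is read after `OutputDebugString`, which may overwrite the thread's last-error value; capture it in the handler's first statement. The function body lies mostly outside both hunks, so any other `MessageBox` calls in it are not visible here and should be checked against the new flag too.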
@ -60,9 +60,14 @@
|
||||
|
||||
#include <string>
|
||||
|
||||
#define NPP_COMPONENT_SIGNER_DISPLAY_NAME TEXT("Notepad++")
|
||||
#define NPP_COMPONENT_SIGNER_SUBJECT TEXT("C=FR, S=Ile-de-France, L=Saint Cloud, O=\"Notepad++\", CN=\"Notepad++\"")
|
||||
#define NPP_COMPONENT_SIGNER_KEY_ID TEXT("42C4C5846BB675C74E2B2C90C69AB44366401093")
|
||||
|
||||
bool VerifySignedLibrary(const std::wstring& filepath,
|
||||
const std::wstring& key_id_hex,
|
||||
const std::wstring& cert_subject,
|
||||
const std::wstring& display_name,
|
||||
bool doCheckRevocation,
|
||||
bool doCheckChainOfTrust);
|
||||
bool doCheckChainOfTrust,
|
||||
bool displayErrorMessage = true);
|
||||
|
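Review bot: The new `displayErrorMessage` parameter and the shared `NPP_COMPONENT_SIGNER_*` pins are undocumented in this header, and three trailing `bool`s make call sites such as `false, false, false` hard to audit. Add a declaration comment stating what each flag controls, for example `// displayErrorMessage: false suppresses the error dialog only; callers must still act on the return value`. A one-line comment above the macros saying they identify the certificate expected on every signed Notepad++ component would explain why one pin now serves both the SciLexer and plugin-list checks.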
@ -500,7 +500,7 @@ void PluginsManager::addInMenuFromPMIndex(int i)
|
||||
|
||||
HMENU PluginsManager::setMenu(HMENU hMenu, const TCHAR *menuName, bool enablePluginAdmin)
|
||||
{
|
||||
if (hasPlugins())
|
||||
if (hasPlugins() || enablePluginAdmin)
|
||||
{
|
||||
const TCHAR *nom_menu = (menuName && menuName[0])?menuName:TEXT("&Plugins");
|
||||
size_t nbPlugin = _pluginInfos.size();
|
||||
|
@ -536,7 +536,7 @@ LRESULT Notepad_plus::init(HWND hwnd)
|
||||
}
|
||||
|
||||
//Plugin menu
|
||||
bool enablePluginAdmin = _pluginsAdminDlg.listExist();
|
||||
bool enablePluginAdmin = _pluginsAdminDlg.isListValide();
|
||||
_pluginsAdminDlg.setPluginsManager(&_pluginsManager);
|
||||
_pluginsManager.setMenu(_mainMenuHandle, NULL, enablePluginAdmin);
|
||||
|
||||
|
@ -173,10 +173,6 @@ LanguageName ScintillaEditView::langNames[L_EXTERNAL+1] = {
|
||||
//const int MASK_GREEN = 0x00FF00;
|
||||
//const int MASK_BLUE = 0x0000FF;
|
||||
|
||||
#define SCINTILLA_SIGNER_DISPLAY_NAME TEXT("Notepad++")
|
||||
#define SCINTILLA_SIGNER_SUBJECT TEXT("C=FR, S=Ile-de-France, L=Saint Cloud, O=\"Notepad++\", CN=\"Notepad++\"")
|
||||
#define SCINTILLA_SIGNER_KEY_ID TEXT("42C4C5846BB675C74E2B2C90C69AB44366401093")
|
||||
|
||||
|
||||
int getNbDigits(int aNum, int base)
|
||||
{
|
||||
@ -210,7 +206,7 @@ HMODULE loadSciLexerDll()
|
||||
// This is helpful for developers to skip signature checking
|
||||
// while analyzing issue or modifying the lexer dll
|
||||
#ifndef _DEBUG
|
||||
bool isOK = VerifySignedLibrary(sciLexerPath, SCINTILLA_SIGNER_KEY_ID, SCINTILLA_SIGNER_SUBJECT, SCINTILLA_SIGNER_DISPLAY_NAME, false, false);
|
||||
bool isOK = VerifySignedLibrary(sciLexerPath, NPP_COMPONENT_SIGNER_KEY_ID, NPP_COMPONENT_SIGNER_SUBJECT, NPP_COMPONENT_SIGNER_DISPLAY_NAME, false, false);
|
||||
|
||||
if (!isOK)
|
||||
{
|
||||
|
@ -40,6 +40,7 @@
|
||||
#include "Processus.h"
|
||||
#include "PluginsManager.h"
|
||||
#include "md5.h"
|
||||
#include "verifySignedFile.h"
|
||||
|
||||
using namespace std;
|
||||
using nlohmann::json;
|
||||
@ -582,55 +583,45 @@ PluginUpdateInfo::PluginUpdateInfo(const generic_string& fullFilePath, const gen
|
||||
|
||||
typedef const char * (__cdecl * PFUNCGETPLUGINLIST)();
|
||||
|
||||
bool PluginsAdminDlg::listExist()
|
||||
{
|
||||
#ifdef DEBUG // if not debug, then it's release
|
||||
|
||||
// load from nppPluginList.json instead of nppPluginList.dll
|
||||
generic_string nppPluginListPath = TEXT("C:\\tmp\\nppPluginList.json");
|
||||
bool PluginsAdminDlg::isListValide()
|
||||
{
|
||||
if (!::PathFileExists(NPP_PLUGIN_LIST_PATH))
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
#ifdef DEBUG // if not debug, then it's release
|
||||
|
||||
return true;
|
||||
|
||||
#else //RELEASE
|
||||
|
||||
#ifdef _WIN64
|
||||
generic_string nppPluginListPath = TEXT("C:\\sources\\nppPluginList\\vcxproj\\x64\\Debug\\nppPluginList.dll");
|
||||
#else
|
||||
generic_string nppPluginListPath = TEXT("C:\\sources\\nppPluginList\\vcxproj\\Debug\\nppPluginList.dll");
|
||||
#endif
|
||||
// check the signature on default location : %APPDATA%\Notepad++\plugins\config\pl\nppPluginList.dll or NPP_INST_DIR\plugins\config\pl\nppPluginList.dll
|
||||
|
||||
bool isOK = VerifySignedLibrary(NPP_PLUGIN_LIST_PATH, NPP_COMPONENT_SIGNER_KEY_ID, NPP_COMPONENT_SIGNER_SUBJECT, NPP_COMPONENT_SIGNER_DISPLAY_NAME, false, false, false);
|
||||
|
||||
return isOK;
|
||||
#endif
|
||||
return ::PathFileExists(nppPluginListPath.c_str()) == TRUE;
|
||||
}
|
||||
|
||||
bool PluginsAdminDlg::updateListAndLoadFromJson()
|
||||
{
|
||||
try {
|
||||
if (!isListValide())
|
||||
return false;
|
||||
|
||||
json j;
|
||||
|
||||
#ifdef DEBUG // if not debug, then it's release
|
||||
|
||||
// load from nppPluginList.json instead of nppPluginList.dll
|
||||
generic_string nppPluginListJsonPath = TEXT("C:\\tmp\\nppPluginList.json");
|
||||
|
||||
if (!::PathFileExists(nppPluginListJsonPath.c_str()))
|
||||
{
|
||||
::MessageBox(NULL, TEXT("The file doesn't exist"), nppPluginListJsonPath.c_str(), MB_OK);
|
||||
return false;
|
||||
}
|
||||
|
||||
ifstream nppPluginListJson(nppPluginListJsonPath);
|
||||
ifstream nppPluginListJson(NPP_PLUGIN_LIST_PATH);
|
||||
nppPluginListJson >> j;
|
||||
|
||||
#else //RELEASE
|
||||
|
||||
#ifdef _WIN64
|
||||
generic_string nppPluginListDllPath = TEXT("C:\\sources\\nppPluginList\\vcxproj\\x64\\Debug\\nppPluginList.dll");
|
||||
#else
|
||||
generic_string nppPluginListDllPath = TEXT("C:\\sources\\nppPluginList\\vcxproj\\Debug\\nppPluginList.dll");
|
||||
#endif
|
||||
|
||||
// check the signature on default location : %APPDATA%\Notepad++\plugins\config\pl\nppPluginList.dll or NPP_INST_DIR\plugins\config\pl\nppPluginList.dll
|
||||
|
||||
HINSTANCE hLib = ::LoadLibrary(nppPluginListDllPath.c_str());
|
||||
HINSTANCE hLib = ::LoadLibrary(NPP_PLUGIN_LIST_PATH);
|
||||
if (!hLib)
|
||||
{
|
||||
// Error treatment
|
||||
|
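Review bot: `isListValide()` verifies the file at `NPP_PLUGIN_LIST_PATH`, and `updateListAndLoadFromJson()` then calls `::LoadLibrary(NPP_PLUGIN_LIST_PATH)` on the same path, so the file that is loaded is not guaranteed to be the one that was verified if its directory is writable between the two calls. Hold a handle that denies write and delete sharing across both steps, e.g. `HANDLE hPin = ::CreateFile(NPP_PLUGIN_LIST_PATH, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);` before the verification, and close it only after `LoadLibrary` returns. The call also passes `false, false` for `doCheckRevocation` and `doCheckChainOfTrust`, so what is actually enforced depends on parts of `VerifySignedLibrary` not shown on this page; that deserves a comment at the call site. Under `#ifdef DEBUG` the function returns `true` without any check, while `loadSciLexerDll()` keys on `_DEBUG`; confirm `DEBUG` is never defined in a shipped build. `updateListAndLoadFromJson()` continues past the end of the hunk.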
@ -28,6 +28,21 @@
|
||||
|
||||
#pragma once
|
||||
|
||||
#ifdef DEBUG // if not debug, then it's release
|
||||
|
||||
// load from nppPluginList.json instead of nppPluginList.dll
|
||||
#define NPP_PLUGIN_LIST_PATH TEXT("C:\\tmp\\nppPluginList.json")
|
||||
|
||||
#else //RELEASE
|
||||
|
||||
#ifdef _WIN64
|
||||
#define NPP_PLUGIN_LIST_PATH TEXT("C:\\sources\\nppPluginList\\vcxproj\\x64\\Debug\\nppPluginList.dll")
|
||||
#else
|
||||
#define NPP_PLUGIN_LIST_PATH TEXT("C:\\sources\\nppPluginList\\vcxproj\\Debug\\nppPluginList.dll")
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
||||
#include "StaticDialog.h"
|
||||
#include "pluginsAdminRes.h"
|
||||
#include "TabBar.h"
|
||||
@ -148,7 +163,7 @@ public :
|
||||
display();
|
||||
};
|
||||
|
||||
bool listExist();
|
||||
bool isListValide();
|
||||
|
||||
void switchDialog(int indexToSwitch);
|
||||
void setPluginsManager(PluginsManager *pluginsManager) { _pPluginsManager = pluginsManager; };
|
||||
|
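Review bot: The release branch of `NPP_PLUGIN_LIST_PATH` points at a developer build directory (`C:\\sources\\nppPluginList\\vcxproj\\...\\Debug\\nppPluginList.dll`), while the comment in the .cpp section gives the default location as `%APPDATA%\Notepad++\plugins\config\pl\` or the install directory. A fixed absolute path should not ship in a release build; resolve the location at run time from the install or configuration directory and keep a macro, if one is needed, for the file name only. Until that is done, mark the macro, e.g. `// TODO: temporary developer path, replace with the runtime plugin-list location before release`. The renamed method `isListValide()` is presumably meant to be `isListValid()`.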