
Implemented code integrity check

Benjamin Höglinger-Stelzer 2018-10-24 10:03:07 +02:00
parent 3044c35876
commit 77cdf3028d
5 changed files with 93 additions and 23 deletions


@ -61,6 +61,12 @@
<Reference Include="Markdig.Wpf, Version=0.2.5.0, Culture=neutral, processorArchitecture=MSIL"> <Reference Include="Markdig.Wpf, Version=0.2.5.0, Culture=neutral, processorArchitecture=MSIL">
<HintPath>..\packages\Markdig.Wpf.0.2.5\lib\net452\Markdig.Wpf.dll</HintPath> <HintPath>..\packages\Markdig.Wpf.0.2.5\lib\net452\Markdig.Wpf.dll</HintPath>
</Reference> </Reference>
<Reference Include="PInvoke.Kernel32, Version=0.5.0.0, Culture=neutral, PublicKeyToken=9e300f9f87f04a7a, processorArchitecture=MSIL">
<HintPath>..\packages\PInvoke.Kernel32.0.5.155\lib\net45\PInvoke.Kernel32.dll</HintPath>
</Reference>
<Reference Include="PInvoke.Windows.Core, Version=0.5.0.0, Culture=neutral, PublicKeyToken=9e300f9f87f04a7a, processorArchitecture=MSIL">
<HintPath>..\packages\PInvoke.Windows.Core.0.5.155\lib\net35\PInvoke.Windows.Core.dll</HintPath>
</Reference>
<Reference Include="System" /> <Reference Include="System" />
<Reference Include="System.Data" /> <Reference Include="System.Data" />
<Reference Include="System.Windows.Interactivity, Version=4.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"> <Reference Include="System.Windows.Interactivity, Version=4.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">


@ -6,7 +6,7 @@
xmlns:local="clr-namespace:DerpingDrivers" xmlns:local="clr-namespace:DerpingDrivers"
xmlns:controls="clr-namespace:MahApps.Metro.Controls;assembly=MahApps.Metro" xmlns:controls="clr-namespace:MahApps.Metro.Controls;assembly=MahApps.Metro"
mc:Ignorable="d" mc:Ignorable="d"
Title="Derping Drivers - Windows driver settings detection tool" Title="Derping Drivers - Windows driver compatibility detection tool"
Height="400" Width="700" Height="400" Width="700"
ShowMaxRestoreButton="False" ShowMaxRestoreButton="False"
ResizeMode="NoResize" ResizeMode="NoResize"
@ -37,25 +37,32 @@
</Grid.ColumnDefinitions> </Grid.ColumnDefinitions>
<Label Grid.Row="0" Grid.Column="0">Windows version name:</Label> <Label Grid.Row="0" Grid.Column="0">Windows version name:</Label>
<Label Grid.Row="0" Grid.Column="2" Content="{Binding Path=OsVersionName}" /> <Label Grid.Row="0" Grid.Column="2" Content="{Binding Path=OsVersionName}"
ToolTip="Product name of the operating system."/>
<Label Grid.Row="1" Grid.Column="0">Windows version number:</Label> <Label Grid.Row="1" Grid.Column="0">Windows version number:</Label>
<Label Grid.Row="1" Grid.Column="2" Content="{Binding Path=OsVersion}" /> <Label Grid.Row="1" Grid.Column="2" Content="{Binding Path=OsVersion}"
ToolTip="Detailed build number of the operating system." />
<Label Grid.Row="2" Grid.Column="0">Windows architecture:</Label> <Label Grid.Row="2" Grid.Column="0">Windows architecture:</Label>
<Label Grid.Row="2" Grid.Column="2" Content="{Binding Path=OsArchitecture}" /> <Label Grid.Row="2" Grid.Column="2" Content="{Binding Path=OsArchitecture}"
ToolTip="The architecture of the operating system. A 32-bit driver can't get loaded on a 64-bit system and vice versa." />
<Label Grid.Row="3" Grid.Column="0">Current boot mode:</Label> <Label Grid.Row="3" Grid.Column="0">Current boot mode:</Label>
<Label Grid.Row="3" Grid.Column="2" Content="{Binding Path=BootMode}" /> <Label Grid.Row="3" Grid.Column="2" Content="{Binding Path=BootMode}"
ToolTip="The current boot mode. Either UEFI (modern) or Legacy BIOS (old)." />
<Label Grid.Row="4" Grid.Column="0">Secure Boot state:</Label> <Label Grid.Row="4" Grid.Column="0">Secure Boot state:</Label>
<Label Grid.Row="4" Grid.Column="2" Content="{Binding Path=SecureBootEnabled}" /> <Label Grid.Row="4" Grid.Column="2" Content="{Binding Path=SecureBootEnabled}"
ToolTip="Enforces stricter cryptographic driver signatures." />
<Label Grid.Row="5" Grid.Column="0">OS upgrade status:</Label> <Label Grid.Row="5" Grid.Column="0">OS upgrade status:</Label>
<Label Grid.Row="5" Grid.Column="2" Content="{Binding Path=OsUpgradeStatus}" /> <Label Grid.Row="5" Grid.Column="2" Content="{Binding Path=OsUpgradeStatus}"
ToolTip="Determines if the system has been in-place upgraded from an older version of Windows." />
<Label Grid.Row="6" Grid.Column="0">Code Integrity status:</Label> <Label Grid.Row="6" Grid.Column="0">Code Integrity state:</Label>
<Label Grid.Row="6" Grid.Column="2" Content="{Binding Path=CodeIntegrityStatus}" /> <Label Grid.Row="6" Grid.Column="2" Content="{Binding Path=CodeIntegrityStatus}"
ToolTip="Allows loading of test/self-signed drivers if disabled." />
</Grid> </Grid>
</TabItem> </TabItem>


@ -7,6 +7,8 @@ using DerpingDrivers.Util;
using MahApps.Metro.Controls; using MahApps.Metro.Controls;
using Markdig; using Markdig;
using Markdig.Wpf; using Markdig.Wpf;
using Markdown = Markdig.Wpf.Markdown;
using XamlReader = System.Windows.Markup.XamlReader;
namespace DerpingDrivers namespace DerpingDrivers
{ {
@ -54,7 +56,7 @@ namespace DerpingDrivers
public string OsUpgradeStatus => public string OsUpgradeStatus =>
OsUpgradeDetection.IsGrandfathered ? "In-place upgraded" : "Clean installation"; OsUpgradeDetection.IsGrandfathered ? "In-place upgraded" : "Clean installation";
public string CodeIntegrityStatus => ""; public string CodeIntegrityStatus => CodeIntegrityHelper.IsSystemCodeIntegrityEnabled ? "Enabled" : "Disabled";
public string SummaryText => public string SummaryText =>
"Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet."; "Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet.";
@ -66,17 +68,14 @@ namespace DerpingDrivers
var markdown = "*None available*"; var markdown = "*None available*";
// Convert Markdown to XAML // Convert Markdown to XAML
var xaml = Markdig.Wpf.Markdown.ToXaml(markdown, BuildPipeline()); var xaml = Markdown.ToXaml(markdown, BuildPipeline());
// Render XAML for FlowDocument Control // Render XAML for FlowDocument Control
using (var stream = new MemoryStream(Encoding.UTF8.GetBytes(xaml))) using (var stream = new MemoryStream(Encoding.UTF8.GetBytes(xaml)))
{ {
var reader = new XamlXmlReader(stream, new MyXamlSchemaContext()); var reader = new XamlXmlReader(stream, new MyXamlSchemaContext());
if (System.Windows.Markup.XamlReader.Load(reader) is FlowDocument document) if (XamlReader.Load(reader) is FlowDocument document) return document;
{
return document;
}
} }
return null; return null;
@ -97,9 +96,11 @@ namespace DerpingDrivers
{ {
if (xamlNamespace.Equals("clr-namespace:Markdig.Wpf")) if (xamlNamespace.Equals("clr-namespace:Markdig.Wpf"))
{ {
compatibleNamespace = $"clr-namespace:Markdig.Wpf;assembly={Assembly.GetAssembly(typeof(Markdig.Wpf.Styles)).FullName}"; compatibleNamespace =
$"clr-namespace:Markdig.Wpf;assembly={Assembly.GetAssembly(typeof(Styles)).FullName}";
return true; return true;
} }
return base.TryGetCompatibleXamlNamespace(xamlNamespace, out compatibleNamespace); return base.TryGetCompatibleXamlNamespace(xamlNamespace, out compatibleNamespace);
} }
} }


@ -1,8 +1,62 @@
namespace DerpingDrivers.Util using PInvoke;
{ using System;
using System.Runtime.InteropServices;
namespace DerpingDrivers.Util
{
public static class CodeIntegrityHelper public static class CodeIntegrityHelper
{ {
[UnmanagedFunctionPointer(CallingConvention.StdCall)]
private delegate Int32 NtQuerySystemInformation(
UInt32 SystemInformationClass,
IntPtr SystemInformation,
UInt32 SystemInformationLength,
out UInt32 ReturnLength);
[StructLayout(LayoutKind.Sequential)]
private struct SYSTEM_CODEINTEGRITY_INFORMATION
{
public UInt32 Length;
public UInt32 CodeIntegrityOptions;
};
public static bool IsSystemCodeIntegrityEnabled
{
get
{
var pIntegrity = Marshal.AllocHGlobal(Marshal.SizeOf<SYSTEM_CODEINTEGRITY_INFORMATION>());
try
{
var fptr = Kernel32.GetProcAddress(Kernel32.GetModuleHandle("ntdll.dll"),
"NtQuerySystemInformation");
var ntQuerySystemInformation =
Marshal.GetDelegateForFunctionPointer<NtQuerySystemInformation>(fptr);
SYSTEM_CODEINTEGRITY_INFORMATION integrity;
integrity.Length = (uint)Marshal.SizeOf<SYSTEM_CODEINTEGRITY_INFORMATION>();
integrity.CodeIntegrityOptions = 0;
Marshal.StructureToPtr(integrity, pIntegrity, false);
var status = ntQuerySystemInformation(
103,
pIntegrity,
integrity.Length,
out _
);
integrity = Marshal.PtrToStructure<SYSTEM_CODEINTEGRITY_INFORMATION>(pIntegrity);
return (status == 0) && ((integrity.CodeIntegrityOptions & 1) == 1);
}
finally
{
Marshal.FreeHGlobal(pIntegrity);
}
}
}
} }
} }
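Review bot: The getter's final expression, `(status == 0) && ((integrity.CodeIntegrityOptions & 1) == 1)`, returns false both when NtQuerySystemInformation fails and when code integrity is really off, so the `CodeIntegrityStatus` property in the window code shows "Disabled" for a failed query. A tool that reports a security state should keep those apart, for example `if (status != 0) throw new InvalidOperationException($"NtQuerySystemInformation failed: 0x{status:X8}");` before reading the struct, with the property mapping that case to "Unknown". The check also tests only bit 0x01 (CODEINTEGRITY_OPTION_ENABLED), while test-signing mode is reported separately through CODEINTEGRITY_OPTION_TESTSIGN (0x02), which the tooltip's "test/self-signed drivers" wording suggests the tool cares about. Naming 103 (SystemCodeIntegrityInformation) and the flag bits as constants would make both choices visible, and the result of `GetProcAddress` is passed to `GetDelegateForFunctionPointer` without a null check.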


@ -6,4 +6,6 @@
<package id="MahApps.Metro" version="1.6.5" targetFramework="net461" /> <package id="MahApps.Metro" version="1.6.5" targetFramework="net461" />
<package id="Markdig" version="0.15.4" targetFramework="net461" /> <package id="Markdig" version="0.15.4" targetFramework="net461" />
<package id="Markdig.Wpf" version="0.2.5" targetFramework="net461" /> <package id="Markdig.Wpf" version="0.2.5" targetFramework="net461" />
<package id="PInvoke.Kernel32" version="0.5.155" targetFramework="net461" />
<package id="PInvoke.Windows.Core" version="0.5.155" targetFramework="net461" />
</packages> </packages>
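Review bot: The two new packages, PInvoke.Kernel32 and PInvoke.Windows.Core, appear to be used only for `GetModuleHandle` and `GetProcAddress` in CodeIntegrityHelper, which is a large addition to the dependency set for resolving a single ntdll export. A direct declaration such as `[DllImport("ntdll.dll")] private static extern int NtQuerySystemInformation(uint infoClass, IntPtr info, uint length, out uint returnLength);` would let the runtime bind the function and would drop both packages and the manual delegate marshalling. If the packages stay, a short comment in the helper saying why they are needed would help the next reviewer of the dependency list.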