tyler.durden
/
notepad-plus-plus
mirror of https://github.com/notepad-plus-plus/notepad-plus-plus.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add new brhaviour of checking Plugin List's certificate

This commit is contained in:
Don HO 2018-07-31 09:12:57 +02:00
parent 9aebe5baf1
commit e75cf910bd
7 changed files with 55 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
PowerEditor/src/MISC/Common/verifySignedfile.cpp
View File

@ -46,7 +46,8 @@ bool VerifySignedLibrary(const wstring& filepath,
const wstring& cert_subject, const wstring& cert_subject,
const wstring& cert_display_name, const wstring& cert_display_name,
bool doCheckRevocation, bool doCheckRevocation,
bool doCheckChainOfTrust) bool doCheckChainOfTrust,
bool displayErrorMessage)
{ {
wstring display_name; wstring display_name;
wstring key_id_hex; wstring key_id_hex;
@ -228,15 +229,19 @@ bool VerifySignedLibrary(const wstring& filepath,
display_name = display_name_buffer.get(); display_name = display_name_buffer.get();
} catch (const wstring& s) { } catch (const wstring& s) {
::MessageBox(NULL, s.c_str(), TEXT("DLL signature verification failed"), MB_ICONERROR); if (displayErrorMessage)
::MessageBox(NULL, s.c_str(), TEXT("DLL signature verification failed"), MB_ICONERROR);
OutputDebugString(TEXT("VerifyLibrary: error while getting certificate informations\n")); OutputDebugString(TEXT("VerifyLibrary: error while getting certificate informations\n"));
status = false; status = false;
} catch (...) { } catch (...) {
// Unknown error // Unknown error
OutputDebugString(TEXT("VerifyLibrary: error while getting certificate informations\n")); OutputDebugString(TEXT("VerifyLibrary: error while getting certificate informations\n"));
wstring errMsg(TEXT("Unknown exception occurred. ")); if (displayErrorMessage)
errMsg += GetLastErrorAsString(GetLastError()); {
::MessageBox(NULL, errMsg.c_str(), TEXT("DLL signature verification failed"), MB_ICONERROR); wstring errMsg(TEXT("Unknown exception occurred. "));
errMsg += GetLastErrorAsString(GetLastError());
::MessageBox(NULL, errMsg.c_str(), TEXT("DLL signature verification failed"), MB_ICONERROR);
}
status = false; status = false;
} }

7
PowerEditor/src/MISC/Common/verifySignedfile.h
View File

@ -60,9 +60,14 @@
#include <string> #include <string>
#define NPP_COMPONENT_SIGNER_DISPLAY_NAME TEXT("Notepad++")
#define NPP_COMPONENT_SIGNER_SUBJECT TEXT("C=FR, S=Ile-de-France, L=Saint Cloud, O=\"Notepad++\", CN=\"Notepad++\"")
#define NPP_COMPONENT_SIGNER_KEY_ID TEXT("42C4C5846BB675C74E2B2C90C69AB44366401093")
bool VerifySignedLibrary(const std::wstring& filepath, bool VerifySignedLibrary(const std::wstring& filepath,
const std::wstring& key_id_hex, const std::wstring& key_id_hex,
const std::wstring& cert_subject, const std::wstring& cert_subject,
const std::wstring& display_name, const std::wstring& display_name,
bool doCheckRevocation, bool doCheckRevocation,
bool doCheckChainOfTrust); bool doCheckChainOfTrust,
bool displayErrorMessage = true);

2
PowerEditor/src/MISC/PluginsManager/PluginsManager.cpp
View File

@ -500,7 +500,7 @@ void PluginsManager::addInMenuFromPMIndex(int i)
HMENU PluginsManager::setMenu(HMENU hMenu, const TCHAR *menuName, bool enablePluginAdmin) HMENU PluginsManager::setMenu(HMENU hMenu, const TCHAR *menuName, bool enablePluginAdmin)
{ {
if (hasPlugins()) if (hasPlugins() || enablePluginAdmin)
{ {
const TCHAR *nom_menu = (menuName && menuName[0])?menuName:TEXT("&Plugins"); const TCHAR *nom_menu = (menuName && menuName[0])?menuName:TEXT("&Plugins");
size_t nbPlugin = _pluginInfos.size(); size_t nbPlugin = _pluginInfos.size();

2
PowerEditor/src/Notepad_plus.cpp
View File

@ -536,7 +536,7 @@ LRESULT Notepad_plus::init(HWND hwnd)
} }
//Plugin menu //Plugin menu
bool enablePluginAdmin = _pluginsAdminDlg.listExist(); bool enablePluginAdmin = _pluginsAdminDlg.isListValide();
_pluginsAdminDlg.setPluginsManager(&_pluginsManager); _pluginsAdminDlg.setPluginsManager(&_pluginsManager);
_pluginsManager.setMenu(_mainMenuHandle, NULL, enablePluginAdmin); _pluginsManager.setMenu(_mainMenuHandle, NULL, enablePluginAdmin);

6
PowerEditor/src/ScitillaComponent/ScintillaEditView.cpp
View File

@ -173,10 +173,6 @@ LanguageName ScintillaEditView::langNames[L_EXTERNAL+1] = {
//const int MASK_GREEN = 0x00FF00; //const int MASK_GREEN = 0x00FF00;
//const int MASK_BLUE = 0x0000FF; //const int MASK_BLUE = 0x0000FF;
#define SCINTILLA_SIGNER_DISPLAY_NAME TEXT("Notepad++")
#define SCINTILLA_SIGNER_SUBJECT TEXT("C=FR, S=Ile-de-France, L=Saint Cloud, O=\"Notepad++\", CN=\"Notepad++\"")
#define SCINTILLA_SIGNER_KEY_ID TEXT("42C4C5846BB675C74E2B2C90C69AB44366401093")
int getNbDigits(int aNum, int base) int getNbDigits(int aNum, int base)
{ {
@ -210,7 +206,7 @@ HMODULE loadSciLexerDll()
// This is helpful for developers to skip signature checking // This is helpful for developers to skip signature checking
// while analyzing issue or modifying the lexer dll // while analyzing issue or modifying the lexer dll
#ifndef _DEBUG #ifndef _DEBUG
bool isOK = VerifySignedLibrary(sciLexerPath, SCINTILLA_SIGNER_KEY_ID, SCINTILLA_SIGNER_SUBJECT, SCINTILLA_SIGNER_DISPLAY_NAME, false, false); bool isOK = VerifySignedLibrary(sciLexerPath, NPP_COMPONENT_SIGNER_KEY_ID, NPP_COMPONENT_SIGNER_SUBJECT, NPP_COMPONENT_SIGNER_DISPLAY_NAME, false, false);
if (!isOK) if (!isOK)
{ {

49
PowerEditor/src/WinControls/PluginsAdmin/pluginsAdmin.cpp
View File

@ -40,6 +40,7 @@
#include "Processus.h" #include "Processus.h"
#include "PluginsManager.h" #include "PluginsManager.h"
#include "md5.h" #include "md5.h"
#include "verifySignedFile.h"
using namespace std; using namespace std;
using nlohmann::json; using nlohmann::json;
@ -582,55 +583,45 @@ PluginUpdateInfo::PluginUpdateInfo(const generic_string& fullFilePath, const gen
typedef const char * (__cdecl * PFUNCGETPLUGINLIST)(); typedef const char * (__cdecl * PFUNCGETPLUGINLIST)();
bool PluginsAdminDlg::listExist()
{
#ifdef DEBUG // if not debug, then it's release
// load from nppPluginList.json instead of nppPluginList.dll bool PluginsAdminDlg::isListValide()
generic_string nppPluginListPath = TEXT("C:\\tmp\\nppPluginList.json"); {
if (!::PathFileExists(NPP_PLUGIN_LIST_PATH))
{
return false;
}
#ifdef DEBUG // if not debug, then it's release
return true;
#else //RELEASE #else //RELEASE
#ifdef _WIN64 // check the signature on default location : %APPDATA%\Notepad++\plugins\config\pl\nppPluginList.dll or NPP_INST_DIR\plugins\config\pl\nppPluginList.dll
generic_string nppPluginListPath = TEXT("C:\\sources\\nppPluginList\\vcxproj\\x64\\Debug\\nppPluginList.dll");
#else bool isOK = VerifySignedLibrary(NPP_PLUGIN_LIST_PATH, NPP_COMPONENT_SIGNER_KEY_ID, NPP_COMPONENT_SIGNER_SUBJECT, NPP_COMPONENT_SIGNER_DISPLAY_NAME, false, false, false);
generic_string nppPluginListPath = TEXT("C:\\sources\\nppPluginList\\vcxproj\\Debug\\nppPluginList.dll");
#endif
return isOK;
#endif #endif
return ::PathFileExists(nppPluginListPath.c_str()) == TRUE;
} }
bool PluginsAdminDlg::updateListAndLoadFromJson() bool PluginsAdminDlg::updateListAndLoadFromJson()
{ {
try { try {
if (!isListValide())
return false;
json j; json j;
#ifdef DEBUG // if not debug, then it's release #ifdef DEBUG // if not debug, then it's release
// load from nppPluginList.json instead of nppPluginList.dll // load from nppPluginList.json instead of nppPluginList.dll
generic_string nppPluginListJsonPath = TEXT("C:\\tmp\\nppPluginList.json"); ifstream nppPluginListJson(NPP_PLUGIN_LIST_PATH);
if (!::PathFileExists(nppPluginListJsonPath.c_str()))
{
::MessageBox(NULL, TEXT("The file doesn't exist"), nppPluginListJsonPath.c_str(), MB_OK);
return false;
}
ifstream nppPluginListJson(nppPluginListJsonPath);
nppPluginListJson >> j; nppPluginListJson >> j;
#else //RELEASE #else //RELEASE
#ifdef _WIN64 HINSTANCE hLib = ::LoadLibrary(NPP_PLUGIN_LIST_PATH);
generic_string nppPluginListDllPath = TEXT("C:\\sources\\nppPluginList\\vcxproj\\x64\\Debug\\nppPluginList.dll");
#else
generic_string nppPluginListDllPath = TEXT("C:\\sources\\nppPluginList\\vcxproj\\Debug\\nppPluginList.dll");
#endif
// check the signature on default location : %APPDATA%\Notepad++\plugins\config\pl\nppPluginList.dll or NPP_INST_DIR\plugins\config\pl\nppPluginList.dll
HINSTANCE hLib = ::LoadLibrary(nppPluginListDllPath.c_str());
if (!hLib) if (!hLib)
{ {
// Error treatment // Error treatment

17
PowerEditor/src/WinControls/PluginsAdmin/pluginsAdmin.h
View File

@ -28,6 +28,21 @@
#pragma once #pragma once
#ifdef DEBUG // if not debug, then it's release
// load from nppPluginList.json instead of nppPluginList.dll
#define NPP_PLUGIN_LIST_PATH TEXT("C:\\tmp\\nppPluginList.json")
#else //RELEASE
#ifdef _WIN64
#define NPP_PLUGIN_LIST_PATH TEXT("C:\\sources\\nppPluginList\\vcxproj\\x64\\Debug\\nppPluginList.dll")
#else
#define NPP_PLUGIN_LIST_PATH TEXT("C:\\sources\\nppPluginList\\vcxproj\\Debug\\nppPluginList.dll")
#endif
#endif
#include "StaticDialog.h" #include "StaticDialog.h"
#include "pluginsAdminRes.h" #include "pluginsAdminRes.h"
#include "TabBar.h" #include "TabBar.h"
@ -148,7 +163,7 @@ public :
display(); display();
}; };
bool listExist(); bool isListValide();
void switchDialog(int indexToSwitch); void switchDialog(int indexToSwitch);
void setPluginsManager(PluginsManager *pluginsManager) { _pPluginsManager = pluginsManager; }; void setPluginsManager(PluginsManager *pluginsManager) { _pPluginsManager = pluginsManager; };