author | Jason A. Donenfeld <Jason@zx2c4.com> | 2021-01-24 14:39:46 +0100 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2021-01-25 21:47:29 +0100 |
commit | 02a15049b923581a2de2271bcf162991d9f885c1 (patch) | |
tree | 033a0eca7a18e5b83db484bd1bc60f59b57b6bb2 | |
parent | mod: bump (diff) | |
updater,version: simplify code locations
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
-rw-r--r-- | conf/dpapi/dpapi_windows.go | 12 | ||||
-rw-r--r-- | updater/authenticode.go | 31 | ||||
-rw-r--r-- | updater/downloader.go | 2 | ||||
-rw-r--r-- | updater/msirunner.go (renamed from updater/msirunner_windows.go) | 0 | ||||
-rw-r--r-- | updater/msirunner_linux.go | 23 | ||||
-rw-r--r-- | updater/updater_test.go | 2 | ||||
-rwxr-xr-x | updater/winhttp/httptest.exe | bin | 3318784 -> 0 bytes | |||
-rw-r--r-- | version/debugging_linux.go | 35 | ||||
-rw-r--r-- | version/official.go (renamed from version/certificate_windows.go) | 64 | ||||
-rw-r--r-- | version/official_windows.go | 77 | ||||
-rw-r--r-- | version/os.go (renamed from version/os_windows.go) | 0 |
11 files changed, 92 insertions, 154 deletions
diff --git a/conf/dpapi/dpapi_windows.go b/conf/dpapi/dpapi_windows.go
index 45ad950e..f3a238d5 100644
--- a/conf/dpapi/dpapi_windows.go
+++ b/conf/dpapi/dpapi_windows.go
@@ -7,19 +7,19 @@ package dpapi
 import (
 "errors"
+ "fmt"
 "runtime"
 "unsafe"
- "fmt"
 
 "golang.org/x/sys/windows"
 )
 
 func bytesToBlob(bytes []byte) *windows.DataBlob {
- blob := &windows.DataBlob{Size: uint32(len(bytes))}
- if len(bytes) > 0 {
- blob.Data = &bytes[0]
- }
- return blob
+ blob := &windows.DataBlob{Size: uint32(len(bytes))}
+ if len(bytes) > 0 {
+ blob.Data = &bytes[0]
+ }
+ return blob
 }
 
 func Encrypt(data []byte, name string) ([]byte, error) {
diff --git a/updater/authenticode.go b/updater/authenticode.go
new file mode 100644
index 00000000..13ce6917
--- /dev/null
+++ b/updater/authenticode.go
@@ -0,0 +1,31 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2019-2020 WireGuard LLC. All Rights Reserved.
+ */
+
+package updater
+
+import (
+ "unsafe"
+
+ "golang.org/x/sys/windows"
+)
+
+func verifyAuthenticode(path string) bool {
+ path16, err := windows.UTF16PtrFromString(path)
+ if err != nil {
+ return false
+ }
+ data := &windows.WinTrustData{
+ Size: uint32(unsafe.Sizeof(windows.WinTrustData{})),
+ UIChoice: windows.WTD_UI_NONE,
+ RevocationChecks: windows.WTD_REVOKE_WHOLECHAIN, // Full revocation checking, as this is called with network connectivity.
+ UnionChoice: windows.WTD_CHOICE_FILE,
+ StateAction: windows.WTD_STATEACTION_VERIFY,
+ FileOrCatalogOrBlobOrSgnrOrCert: unsafe.Pointer(&windows.WinTrustFileInfo{
+ Size: uint32(unsafe.Sizeof(windows.WinTrustFileInfo{})),
+ FilePath: path16,
+ }),
+ }
+ return windows.WinVerifyTrustEx(windows.InvalidHWND, &windows.WINTRUST_ACTION_GENERIC_VERIFY_V2, data) == nil
+}
diff --git a/updater/downloader.go b/updater/downloader.go
index 98159553..a61acbd4 100644
--- a/updater/downloader.go
+++ b/updater/downloader.go
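Review bot: `verifyAuthenticode` calls `WinVerifyTrustEx` with `StateAction: windows.WTD_STATEACTION_VERIFY` and never releases the state it creates; the documented pairing for that action is a second call on the same struct with `StateAction = WTD_STATEACTION_CLOSE`, whatever the verify result was, otherwise the provider's state data leaks per verification. The fix is three lines in place of the final return: `err = windows.WinVerifyTrustEx(windows.InvalidHWND, &windows.WINTRUST_ACTION_GENERIC_VERIFY_V2, data)`, `data.StateAction = windows.WTD_STATEACTION_CLOSE; windows.WinVerifyTrustEx(windows.InvalidHWND, &windows.WINTRUST_ACTION_GENERIC_VERIFY_V2, data)`, `return err == nil`. Collapsing the result to a bool also throws away the reason, so a caller cannot tell an unsigned file from a revocation check that could not complete or an untrusted root; returning the error (and letting the caller log it) would make failed updates diagnosable. Finally, it is worth confirming against the WinTrust documentation that `RevocationChecks` alone enables chain revocation for the Authenticode policy, as opposed to `ProvFlags` with `WTD_REVOCATION_CHECK_CHAIN`; the comment on that line promises full revocation checking.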
@@ -168,7 +168,7 @@ func DownloadVerifyAndExecute(userToken uintptr) (progress chan DownloadProgress
 }
 progress <- DownloadProgress{Activity: "Verifying authenticode signature"}
- if !version.VerifyAuthenticode(file.ExclusivePath()) {
+ if !verifyAuthenticode(file.ExclusivePath()) {
 progress <- DownloadProgress{Error: errors.New("The downloaded update does not have an authentic authenticode signature")}
 return
 }
diff --git a/updater/msirunner_windows.go b/updater/msirunner.go
index d7631706..d7631706 100644
--- a/updater/msirunner_windows.go
+++ b/updater/msirunner.go
diff --git a/updater/msirunner_linux.go b/updater/msirunner_linux.go
deleted file mode 100644
index f6cca441..00000000
--- a/updater/msirunner_linux.go
+++ /dev/null
@@ -1,23 +0,0 @@
-/* SPDX-License-Identifier: MIT
- *
- * Copyright (C) 2019-2020 WireGuard LLC. All Rights Reserved.
- */
-
-package updater
-
-import (
- "fmt"
- "io/ioutil"
- "os"
- "os/exec"
-)
-
-// This isn't a Linux program, yes, but having the updater package work across platforms is quite helpful for testing.
-
-func runMsi(msiPath string, userToken uintptr, env []string) error {
- return exec.Command("qarma", "--info", "--text", fmt.Sprintf("It seems to be working! Were we on Windows, ā%sā would be executed.", msiPath)).Run()
-}
-
-func msiTempFile() (*os.File, error) {
- return ioutil.TempFile(os.TempDir(), "")
-}
diff --git a/updater/updater_test.go b/updater/updater_test.go
index a29d71f6..02e980eb 100644
--- a/updater/updater_test.go
+++ b/updater/updater_test.go
@@ -20,7 +20,7 @@ func TestUpdate(t *testing.T) {
 return
 }
 t.Log("Found update")
- progress := DownloadVerifyAndExecute(0, nil)
+ progress := DownloadVerifyAndExecute(0)
 for {
 dp := <-progress
 if dp.Error != nil {
diff --git a/updater/winhttp/httptest.exe b/updater/winhttp/httptest.exe
Binary files differ
deleted file mode 100755
index 9f7ecda4..00000000
--- a/updater/winhttp/httptest.exe
+++ /dev/null
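Review bot: The gate on the `+ if !verifyAuthenticode(file.ExclusivePath()) {` line accepts any file whose Authenticode chain ends in a root Windows trusts, not specifically one signed by WireGuard LLC, so by itself it would not stop a validly signed third-party MSI from being run; the new `verifyAuthenticode` does not expose the signer's identity for the caller to pin. If the file's hash was already checked against a signed release list earlier in `DownloadVerifyAndExecute` (outside this hunk), that is the real guarantee and the code should say so: `// Authenticode is defense-in-depth only; integrity and origin were established by the signed hash list above.` If no such check precedes this line, the signer subject must be verified here before the MSI is executed. `DownloadVerifyAndExecute` begins and ends outside this hunk.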
diff --git a/version/debugging_linux.go b/version/debugging_linux.go
deleted file mode 100644
index da90e271..00000000
--- a/version/debugging_linux.go
+++ /dev/null
@@ -1,35 +0,0 @@
-/* SPDX-License-Identifier: MIT
- *
- * Copyright (C) 2019-2020 WireGuard LLC. All Rights Reserved.
- */
-
-package version
-
-import (
- "bytes"
- "fmt"
-
- "golang.org/x/sys/unix"
-)
-
-// For testing the updater package from linux. Debug stuff only.
-
-func utsToStr(u [65]byte) string {
- i := bytes.IndexByte(u[:], 0)
- if i < 0 {
- return string(u[:])
- }
- return string(u[:i])
-}
-
-func OsName() string {
- var utsname unix.Utsname
- if unix.Uname(&utsname) != nil {
- return "Unix Unknown"
- }
- return fmt.Sprintf("%s %s %s", utsToStr(utsname.Sysname), utsToStr(utsname.Release), utsToStr(utsname.Version))
-}
-
-func VerifyAuthenticode(path string) bool {
- return true
-}
diff --git a/version/certificate_windows.go b/version/official.go
index b5ae3764..2345a0b7 100644
--- a/version/certificate_windows.go
+++ b/version/official.go
@@ -6,12 +6,58 @@
 package version
 
 import (
- "syscall"
+ "errors"
+ "os"
 "unsafe"
 
 "golang.org/x/sys/windows"
 )
 
+const (
+ officialCommonName = "WireGuard LLC"
+ evPolicyOid = "2.23.140.1.3"
+ policyExtensionOid = "2.5.29.32"
+)
+
+// These are easily by-passable checks, which do not serve serve security purposes.
+// DO NOT PLACE SECURITY-SENSITIVE FUNCTIONS IN THIS FILE
+
+func IsRunningOfficialVersion() bool {
+ path, err := os.Executable()
+ if err != nil {
+ return false
+ }
+
+ names, err := extractCertificateNames(path)
+ if err != nil {
+ return false
+ }
+ for _, name := range names {
+ if name == officialCommonName {
+ return true
+ }
+ }
+ return false
+}
+
+func IsRunningEVSigned() bool {
+ path, err := os.Executable()
+ if err != nil {
+ return false
+ }
+
+ policies, err := extractCertificatePolicies(path, policyExtensionOid)
+ if err != nil {
+ return false
+ }
+ for _, policy := range policies {
+ if policy == evPolicyOid {
+ return true
+ }
+ }
+ return false
+}
+
 func extractCertificateNames(path string) ([]string, error) {
 path16, err := windows.UTF16PtrFromString(path)
 if err != nil {
@@ -28,10 +74,8 @@ func extractCertificateNames(path string) ([]string, error) {
 for {
 cert, err = windows.CertEnumCertificatesInStore(certStore, cert)
 if err != nil {
- if errno, ok := err.(syscall.Errno); ok {
- if errno == syscall.Errno(windows.CRYPT_E_NOT_FOUND) {
- break
- }
+ if errors.Is(err, windows.Errno(windows.CRYPT_E_NOT_FOUND)) {
+ break
 }
 return nil, err
 }
@@ -52,7 +96,7 @@ func extractCertificateNames(path string) ([]string, error) {
 names = append(names, windows.UTF16ToString(name16))
 }
 if names == nil {
- return nil, syscall.Errno(windows.CRYPT_E_NOT_FOUND)
+ return nil, windows.Errno(windows.CRYPT_E_NOT_FOUND)
 }
 return names, nil
 }
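Review bot: The two exported functions moved into this file, `IsRunningOfficialVersion` and `IsRunningEVSigned`, carry no doc comments, and the only guidance is the file-level warning, which contains a doubled word (`do not serve serve security purposes`). As far as the visible code shows, both merely look for a matching name or policy OID among certificates pulled out of the running executable, and the warning itself says this is bypassable, so the doc comment should state that limitation where callers will see it: `// IsRunningOfficialVersion reports whether a certificate embedded in the running executable carries the WireGuard LLC common name. It does not validate any signature and must not be used as a security check.` with a parallel comment on `IsRunningEVSigned` naming the EV code-signing policy OID it looks for. `extractCertificateNames` and `extractCertificatePolicies` begin in this hunk but their bodies are only partly visible here.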
@@ -77,10 +121,8 @@ func extractCertificatePolicies(path string, oid string) ([]string, error) {
 for {
 cert, err = windows.CertEnumCertificatesInStore(certStore, cert)
 if err != nil {
- if errno, ok := err.(syscall.Errno); ok {
- if errno == syscall.Errno(windows.CRYPT_E_NOT_FOUND) {
- break
- }
+ if errors.Is(err, windows.Errno(windows.CRYPT_E_NOT_FOUND)) {
+ break
 }
 return nil, err
 }
@@ -109,7 +151,7 @@ func extractCertificatePolicies(path string, oid string) ([]string, error) {
 }
 }
 if policies == nil {
- return nil, syscall.Errno(windows.CRYPT_E_NOT_FOUND)
+ return nil, windows.Errno(windows.CRYPT_E_NOT_FOUND)
 }
 return policies, nil
 }
diff --git a/version/official_windows.go b/version/official_windows.go
deleted file mode 100644
index 1bfcf90b..00000000
--- a/version/official_windows.go
+++ /dev/null
@@ -1,77 +0,0 @@
-/* SPDX-License-Identifier: MIT
- *
- * Copyright (C) 2019-2020 WireGuard LLC. All Rights Reserved.
- */
-
-package version
-
-import (
- "os"
- "unsafe"
-
- "golang.org/x/sys/windows"
-)
-
-const (
- officialCommonName = "WireGuard LLC"
- evPolicyOid = "2.23.140.1.3"
- policyExtensionOid = "2.5.29.32"
-)
-
-func VerifyAuthenticode(path string) bool {
- path16, err := windows.UTF16PtrFromString(path)
- if err != nil {
- return false
- }
- data := &windows.WinTrustData{
- Size: uint32(unsafe.Sizeof(windows.WinTrustData{})),
- UIChoice: windows.WTD_UI_NONE,
- RevocationChecks: windows.WTD_REVOKE_WHOLECHAIN, // Full revocation checking, as this is called with network connectivity.
- UnionChoice: windows.WTD_CHOICE_FILE,
- StateAction: windows.WTD_STATEACTION_VERIFY,
- FileOrCatalogOrBlobOrSgnrOrCert: unsafe.Pointer(&windows.WinTrustFileInfo{
- Size: uint32(unsafe.Sizeof(windows.WinTrustFileInfo{})),
- FilePath: path16,
- }),
- }
- return windows.WinVerifyTrustEx(windows.InvalidHWND, &windows.WINTRUST_ACTION_GENERIC_VERIFY_V2, data) == nil
-}
-
-// These are easily by-passable checks, which do not serve serve security purposes. Do not place security-sensitive
-// functions below this line.
-
-func IsRunningOfficialVersion() bool {
- path, err := os.Executable()
- if err != nil {
- return false
- }
-
- names, err := extractCertificateNames(path)
- if err != nil {
- return false
- }
- for _, name := range names {
- if name == officialCommonName {
- return true
- }
- }
- return false
-}
-
-func IsRunningEVSigned() bool {
- path, err := os.Executable()
- if err != nil {
- return false
- }
-
- policies, err := extractCertificatePolicies(path, policyExtensionOid)
- if err != nil {
- return false
- }
- for _, policy := range policies {
- if policy == evPolicyOid {
- return true
- }
- }
- return false
-}
diff --git a/version/os_windows.go b/version/os.go
index 315a4901..315a4901 100644
--- a/version/os_windows.go
+++ b/version/os.go |