本代码是整理的一个集合性的代码。主要用于读取文件的属性信息。包含有常规信息、详细信息、以及数字签名信息。
其中文件的类型信息在本文中没有提到。以及文件的占用空间也没有提到。常规信息中的属性在本文中。也只限于目录以及只读的操作。
下面话不多说。上代码。(如果有哪个大神把文件的类型信息读出来了。或者是文件占用空间读出来了,可以私我,相互学习交流一下。)
下面给出来的代码是可以直接运行的,如果不可以运行,应该是少了相应的库,或者是环境问题。可以相应的查找一下错误,调试一下,然后运行。
#include <windows.h> #include <wincrypt.h> #include <wintrust.h> #include <stdio.h> #include <tchar.h> #pragma comment(lib, "crypt32.lib") #pragma warning(disable:4996) #define ENCODING (X509_ASN_ENCODING | PKCS_7_ASN_ENCODING) typedef struct { LPWSTR lpszProgramName; LPWSTR lpszPublisherLink; LPWSTR lpszMoreInfoLink; } SPROG_PUBLISHERINFO, * PSPROG_PUBLISHERINFO; BOOL GetProgAndPublisherInfo(PCMSG_SIGNER_INFO pSignerInfo, PSPROG_PUBLISHERINFO Info); BOOL GetDateOfTimeStamp(PCMSG_SIGNER_INFO pSignerInfo, SYSTEMTIME* st); BOOL PrintCertificateInfo(PCCERT_CONTEXT pCertContext); BOOL GetTimeStampSignerInfo(PCMSG_SIGNER_INFO pSignerInfo, PCMSG_SIGNER_INFO* pCounterSignerInfo); DWORD ShowFileTime(PFILETIME lptime) { FILETIME ftLocal; //File time structure SYSTEMTIME st; //System time structure FileTimeToLocalFileTime(lptime, &ftLocal); //Adjust to the time zone of the system FileTimeToSystemTime(&ftLocal, &st); //converts the file tiem to systemtime format for easy display printf("%4d/%#02d/%#02d %#02d:%#02d:%#02d ", st.wYear, st.wMonth, st.wDay, st.wHour, st.wMinute, st.wSecond); //Display time string return 0; } DWORD ShowFileSize(DWORD dwFileSizeHigh, DWORD dwFileSizeLow) { ULONGLONG liFileSize; liFileSize = dwFileSizeHigh; liFileSize <<= sizeof(DWORD) * 8;//move to 32 bits liFileSize += dwFileSizeLow; printf("File size: %I64u bytes ", liFileSize); return 0; } char* getFile_Attributes(int i) { switch (i) { case 1:printf("只读"); break; case 2:printf("隐藏"); break; case 4:printf("系统"); break; case 16:printf("目录"); break; case 32:printf("存档"); break; case 64:printf("保留"); break; case 128:printf("正常"); break; case 256:printf("临时"); break; case 512:printf("稀疏文件"); break; case 1024:printf("超链接或快捷方式"); break; case 2048:printf("压缩"); break; case 4096:printf("脱机"); break; case 8192:printf("索引"); break; case 16384:printf("加密"); break; case 65536:printf("虚拟"); break; default:printf("Cant find Attribute"); break; } return NULL; } DWORD ShowFileAttributes(LPSTR szPath) { WIN32_FIND_DATA fileAttr; //to store the structure returned by the findfirstfile function HANDLE handle; //the handle is used to recorded the locaation of the program object in memory handle = FindFirstFileA(szPath, &fileAttr); WIN32_FILE_ATTRIBUTE_DATA wfad; if (!GetFileAttributesEx(szPath, GetFileExInfoStandard, &wfad))//Determine if the file exists.succeeds,return value is a nonzero value,if fails return is zero. { printf("Error getting file properties:%d ", GetLastError()); return 1; } if (handle != INVALID_HANDLE_VALUE) { //Show file name printf("Filename: "); printf("%s ", fileAttr.cFileName); } printf("Creation time: "); //Display correlation time ShowFileTime(&(wfad.ftCreationTime)); printf("Access time: "); ShowFileTime(&(wfad.ftLastAccessTime)); printf("Modified time: "); ShowFileTime(&(wfad.ftLastWriteTime)); ShowFileSize(wfad.nFileSizeHigh, wfad.nFileSizeLow);//Display file size printf("File properties: "); //Display file properties getFile_Attributes((int)GetFileAttributesA(szPath)); DWORD VolueSize; HANDLE handle2; handle2 = GetCompressedFileSize(szPath, NULL); //printf(VolueSize); printf(" "); return ; } wchar_t* char2wchar(const char* cchar) { wchar_t* m_wchar; int len = MultiByteToWideChar(CP_ACP, 0, cchar, strlen(cchar), NULL, 0); //m_wchar = new wchar_t[len + 1]; m_wchar = (wchar_t*)malloc(sizeof(wchar_t) * (len + 1)); MultiByteToWideChar(CP_ACP, 0, cchar, strlen(cchar), m_wchar, len); m_wchar[len] = ' '; return m_wchar; } BOOL PrintCertificateInfo(PCCERT_CONTEXT pCertContext) { BOOL fReturn = FALSE; LPTSTR szName = NULL; DWORD dwData; __try { // Print Serial Number. _tprintf(_T("Serial Number: ")); dwData = pCertContext->pCertInfo->SerialNumber.cbData; for (DWORD n = 0; n < dwData; n++) { _tprintf(_T("%02x "), pCertContext->pCertInfo->SerialNumber.pbData[dwData - (n + 1)]); } _tprintf(_T(" ")); // Get Issuer name size. if (!(dwData = CertGetNameString(pCertContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, CERT_NAME_ISSUER_FLAG, NULL, NULL, 0))) { _tprintf(_T("CertGetNameString failed. ")); __leave; } // Allocate memory for Issuer name. szName = (LPTSTR)LocalAlloc(LPTR, dwData * sizeof(TCHAR)); if (!szName) { _tprintf(_T("Unable to allocate memory for issuer name. ")); __leave; } // Get Issuer name. if (!(CertGetNameString(pCertContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, CERT_NAME_ISSUER_FLAG, NULL, szName, dwData))) { _tprintf(_T("CertGetNameString failed. ")); __leave; } // print Issuer name. _tprintf(_T("Issuer Name: %s "), szName); LocalFree(szName); szName = NULL; // Get Subject name size. if (!(dwData = CertGetNameString(pCertContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, NULL, 0))) { _tprintf(_T("CertGetNameString failed. ")); __leave; } // Allocate memory for subject name. szName = (LPTSTR)LocalAlloc(LPTR, dwData * sizeof(TCHAR)); if (!szName) { _tprintf(_T("Unable to allocate memory for subject name. ")); __leave; } // Get subject name. if (!(CertGetNameString(pCertContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, szName, dwData))) { _tprintf(_T("CertGetNameString failed. ")); __leave; } // Print Subject Name. _tprintf(_T("Subject Name: %s "), szName); fReturn = TRUE; } __finally { if (szName != NULL) LocalFree(szName); } return fReturn; } LPWSTR AllocateAndCopyWideString(LPCWSTR inputString) { LPWSTR outputString = NULL; outputString = (LPWSTR)LocalAlloc(LPTR, (wcslen(inputString) + 1) * sizeof(WCHAR)); if (outputString != NULL) { lstrcpyW(outputString, inputString); } return outputString; } BOOL GetProgAndPublisherInfo(PCMSG_SIGNER_INFO pSignerInfo, PSPROG_PUBLISHERINFO Info) { BOOL fReturn = FALSE; PSPC_SP_OPUS_INFO OpusInfo = NULL; DWORD dwData; BOOL fResult; __try { // Loop through authenticated attributes and find // SPC_SP_OPUS_INFO_OBJID OID. for (DWORD n = 0; n < pSignerInfo->AuthAttrs.cAttr; n++) { if (lstrcmpA(SPC_SP_OPUS_INFO_OBJID, pSignerInfo->AuthAttrs.rgAttr[n].pszObjId) == 0) { // Get Size of SPC_SP_OPUS_INFO structure. fResult = CryptDecodeObject(ENCODING, SPC_SP_OPUS_INFO_OBJID, pSignerInfo->AuthAttrs.rgAttr[n].rgValue[0].pbData, pSignerInfo->AuthAttrs.rgAttr[n].rgValue[0].cbData, 0, NULL, &dwData); if (!fResult) { _tprintf(_T("CryptDecodeObject failed with %x "), GetLastError()); __leave; } // Allocate memory for SPC_SP_OPUS_INFO structure. OpusInfo = (PSPC_SP_OPUS_INFO)LocalAlloc(LPTR, dwData); if (!OpusInfo) { _tprintf(_T("Unable to allocate memory for Publisher Info. ")); __leave; } // Decode and get SPC_SP_OPUS_INFO structure. fResult = CryptDecodeObject(ENCODING, SPC_SP_OPUS_INFO_OBJID, pSignerInfo->AuthAttrs.rgAttr[n].rgValue[0].pbData, pSignerInfo->AuthAttrs.rgAttr[n].rgValue[0].cbData, 0, OpusInfo, &dwData); if (!fResult) { _tprintf(_T("CryptDecodeObject failed with %x "), GetLastError()); __leave; } // Fill in Program Name if present. if (OpusInfo->pwszProgramName) { Info->lpszProgramName = AllocateAndCopyWideString(OpusInfo->pwszProgramName); } else Info->lpszProgramName = NULL; // Fill in Publisher Information if present. if (OpusInfo->pPublisherInfo) { switch (OpusInfo->pPublisherInfo->dwLinkChoice) { case SPC_URL_LINK_CHOICE: Info->lpszPublisherLink = AllocateAndCopyWideString(OpusInfo->pPublisherInfo->pwszUrl); break; case SPC_FILE_LINK_CHOICE: Info->lpszPublisherLink = AllocateAndCopyWideString(OpusInfo->pPublisherInfo->pwszFile); break; default: Info->lpszPublisherLink = NULL; break; } } else { Info->lpszPublisherLink = NULL; } // Fill in More Info if present. if (OpusInfo->pMoreInfo) { switch (OpusInfo->pMoreInfo->dwLinkChoice) { case SPC_URL_LINK_CHOICE: Info->lpszMoreInfoLink = AllocateAndCopyWideString(OpusInfo->pMoreInfo->pwszUrl); break; case SPC_FILE_LINK_CHOICE: Info->lpszMoreInfoLink = AllocateAndCopyWideString(OpusInfo->pMoreInfo->pwszFile); break; default: Info->lpszMoreInfoLink = NULL; break; } } else { Info->lpszMoreInfoLink = NULL; } fReturn = TRUE; break; // Break from for loop. } // lstrcmp SPC_SP_OPUS_INFO_OBJID } // for } __finally { if (OpusInfo != NULL) LocalFree(OpusInfo); } return fReturn; } BOOL GetDateOfTimeStamp(PCMSG_SIGNER_INFO pSignerInfo, SYSTEMTIME* st) { BOOL fResult; FILETIME lft, ft; DWORD dwData; BOOL fReturn = FALSE; // Loop through authenticated attributes and find // szOID_RSA_signingTime OID. for (DWORD n = 0; n < pSignerInfo->AuthAttrs.cAttr; n++) { if (lstrcmpA(szOID_RSA_signingTime, pSignerInfo->AuthAttrs.rgAttr[n].pszObjId) == 0) { // Decode and get FILETIME structure. dwData = sizeof(ft); fResult = CryptDecodeObject(ENCODING, szOID_RSA_signingTime, pSignerInfo->AuthAttrs.rgAttr[n].rgValue[0].pbData, pSignerInfo->AuthAttrs.rgAttr[n].rgValue[0].cbData, 0, (PVOID)&ft, &dwData); if (!fResult) { _tprintf(_T("CryptDecodeObject failed with %x "), GetLastError()); break; } // Convert to local time. FileTimeToLocalFileTime(&ft, &lft); FileTimeToSystemTime(&lft, st); fReturn = TRUE; break; // Break from for loop. } //lstrcmp szOID_RSA_signingTime } // for return fReturn; } BOOL GetTimeStampSignerInfo(PCMSG_SIGNER_INFO pSignerInfo, PCMSG_SIGNER_INFO* pCounterSignerInfo) { PCCERT_CONTEXT pCertContext = NULL; BOOL fReturn = FALSE; BOOL fResult; DWORD dwSize; __try { *pCounterSignerInfo = NULL; // Loop through unathenticated attributes for // szOID_RSA_counterSign OID. for (DWORD n = 0; n < pSignerInfo->UnauthAttrs.cAttr; n++) { if (lstrcmpA(pSignerInfo->UnauthAttrs.rgAttr[n].pszObjId, szOID_RSA_counterSign) == 0) { // Get size of CMSG_SIGNER_INFO structure. fResult = CryptDecodeObject(ENCODING, PKCS7_SIGNER_INFO, pSignerInfo->UnauthAttrs.rgAttr[n].rgValue[0].pbData, pSignerInfo->UnauthAttrs.rgAttr[n].rgValue[0].cbData, 0, NULL, &dwSize); if (!fResult) { _tprintf(_T("CryptDecodeObject failed with %x "), GetLastError()); __leave; } // Allocate memory for CMSG_SIGNER_INFO. *pCounterSignerInfo = (PCMSG_SIGNER_INFO)LocalAlloc(LPTR, dwSize); if (!*pCounterSignerInfo) { _tprintf(_T("Unable to allocate memory for timestamp info. ")); __leave; } // Decode and get CMSG_SIGNER_INFO structure // for timestamp certificate. fResult = CryptDecodeObject(ENCODING, PKCS7_SIGNER_INFO, pSignerInfo->UnauthAttrs.rgAttr[n].rgValue[0].pbData, pSignerInfo->UnauthAttrs.rgAttr[n].rgValue[0].cbData, 0, (PVOID)*pCounterSignerInfo, &dwSize); if (!fResult) { _tprintf(_T("CryptDecodeObject failed with %x "), GetLastError()); __leave; } fReturn = TRUE; break; // Break from for loop. } } } __finally { // Clean up. if (pCertContext != NULL) CertFreeCertificateContext(pCertContext); } return fReturn; } typedef struct LANGANDCODEPAGE { WORD wLanguage; WORD wCodePage; }ldp; void show_exact_info(char * str) { DWORD fHandle = 0; DWORD ds = GetFileVersionInfoSizeA(str, fHandle); char* pBlock= malloc(ds); memset(pBlock, 0, ds); GetFileVersionInfoA(str, fHandle, ds, pBlock); HRESULT hr; ldp* lpTranslate = NULL; // Read the list of languages and code pages. UINT cbTranslate = 0; VerQueryValueA(pBlock,"\VarFileInfo\Translation",(LPVOID*)&lpTranslate,&cbTranslate); // Read the file description for each language and code page. int i = 0; char outdata[2048] = { 0 }; char buffer[2048] = { 0 }; char* pbf = NULL; DWORD db = 0; for (i = 0; i < (cbTranslate / sizeof(struct LANGANDCODEPAGE)); i++) { hr = sprintf(outdata, "\StringFileInfo\%04x%04x\LegalCopyright", lpTranslate[i].wLanguage, lpTranslate[i].wCodePage); ldp* ll = NULL; UINT cl = 0; VerQueryValueA(pBlock, outdata, &pbf, &cl); printf("LegalCopyright:%s ", pbf); //printf(); printf(" "); } printf(" "); for (i = 0; i < (cbTranslate / sizeof(struct LANGANDCODEPAGE)); i++) { hr = sprintf(outdata, "\StringFileInfo\%04x%04x\FileVersion", lpTranslate[i].wLanguage, lpTranslate[i].wCodePage); ldp* ll = NULL; UINT cl = 0; VerQueryValueA(pBlock, outdata, &pbf, &cl); printf("File__Version : "); printf(pbf); printf(" "); } } void show_sign_digital_info( char *str) { WCHAR szFileName[MAX_PATH]; HCERTSTORE hStore = NULL; HCRYPTMSG hMsg = NULL; PCCERT_CONTEXT pCertContext = NULL; BOOL fResult; DWORD dwEncoding, dwContentType, dwFormatType; PCMSG_SIGNER_INFO pSignerInfo = NULL; PCMSG_SIGNER_INFO pCounterSignerInfo = NULL; DWORD dwSignerInfo; CERT_INFO CertInfo; SPROG_PUBLISHERINFO ProgPubInfo; SYSTEMTIME st; ZeroMemory(&ProgPubInfo, sizeof(ProgPubInfo)); __try { #ifdef UNICODE lstrcpynW(szFileName, argv[1], MAX_PATH); #else #endif // Get message handle and store handle from the signed file. fResult = CryptQueryObject(CERT_QUERY_OBJECT_FILE, char2wchar(str), CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED, CERT_QUERY_FORMAT_FLAG_BINARY, 0, &dwEncoding, &dwContentType, &dwFormatType, &hStore, &hMsg, NULL); if (!fResult) { _tprintf(_T("CryptQueryObject failed with %x "), GetLastError()); __leave; } // Get signer information size. fResult = CryptMsgGetParam(hMsg, CMSG_SIGNER_INFO_PARAM, 0, NULL, &dwSignerInfo); if (!fResult) { _tprintf(_T("CryptMsgGetParam failed with %x "), GetLastError()); __leave; } // Allocate memory for signer information. pSignerInfo = (PCMSG_SIGNER_INFO)LocalAlloc(LPTR, dwSignerInfo); if (!pSignerInfo) { _tprintf(_T("Unable to allocate memory for Signer Info. ")); __leave; } // Get Signer Information. fResult = CryptMsgGetParam(hMsg, CMSG_SIGNER_INFO_PARAM, 0, (PVOID)pSignerInfo, &dwSignerInfo); if (!fResult) { _tprintf(_T("CryptMsgGetParam failed with %x "), GetLastError()); __leave; } // Get program name and publisher information from // signer info structure. if (GetProgAndPublisherInfo(pSignerInfo, &ProgPubInfo)) { if (ProgPubInfo.lpszProgramName != NULL) { wprintf(L"Program Name : %s ", ProgPubInfo.lpszProgramName); } if (ProgPubInfo.lpszPublisherLink != NULL) { wprintf(L"Publisher Link : %s ", ProgPubInfo.lpszPublisherLink); } if (ProgPubInfo.lpszMoreInfoLink != NULL) { wprintf(L"MoreInfo Link : %s ", ProgPubInfo.lpszMoreInfoLink); } } _tprintf(_T(" ")); // Search for the signer certificate in the temporary // certificate store. CertInfo.Issuer = pSignerInfo->Issuer; CertInfo.SerialNumber = pSignerInfo->SerialNumber; pCertContext = CertFindCertificateInStore(hStore, ENCODING, 0, CERT_FIND_SUBJECT_CERT, (PVOID)&CertInfo, NULL); if (!pCertContext) { _tprintf(_T("CertFindCertificateInStore failed with %x "), GetLastError()); __leave; } // Print Signer certificate information. _tprintf(_T("Signer Certificate: ")); PrintCertificateInfo(pCertContext); _tprintf(_T(" ")); // Get the timestamp certificate signerinfo structure. if (GetTimeStampSignerInfo(pSignerInfo, &pCounterSignerInfo)) { // Search for Timestamp certificate in the temporary // certificate store. CertInfo.Issuer = pCounterSignerInfo->Issuer; CertInfo.SerialNumber = pCounterSignerInfo->SerialNumber; pCertContext = CertFindCertificateInStore(hStore, ENCODING, 0, CERT_FIND_SUBJECT_CERT, (PVOID)&CertInfo, NULL); if (!pCertContext) { _tprintf(_T("CertFindCertificateInStore failed with %x "), GetLastError()); __leave; } // Print timestamp certificate information. _tprintf(_T("TimeStamp Certificate: ")); PrintCertificateInfo(pCertContext); _tprintf(_T(" ")); // Find Date of timestamp. if (GetDateOfTimeStamp(pCounterSignerInfo, &st)) { _tprintf(_T("Date of TimeStamp : %02d/%02d/%04d %02d:%02d "), st.wMonth, st.wDay, st.wYear, st.wHour, st.wMinute); } _tprintf(_T(" ")); } } __finally { // Clean up. if (ProgPubInfo.lpszProgramName != NULL) LocalFree(ProgPubInfo.lpszProgramName); if (ProgPubInfo.lpszPublisherLink != NULL) LocalFree(ProgPubInfo.lpszPublisherLink); if (ProgPubInfo.lpszMoreInfoLink != NULL) LocalFree(ProgPubInfo.lpszMoreInfoLink); if (pSignerInfo != NULL) LocalFree(pSignerInfo); if (pCounterSignerInfo != NULL) LocalFree(pCounterSignerInfo); if (pCertContext != NULL) CertFreeCertificateContext(pCertContext); if (hStore != NULL) CertCloseStore(hStore, 0); if (hMsg != NULL) CryptMsgClose(hMsg); } } int main() { while (1) { //char s[100] = "E:\usingsoftware\everything\Everything.exe"; //char s[100] = "E:\usingsoftware\everything\"; char* s[100]; printf("please input the path of the text: "); scanf("%s", s); char* str = s; printf("The conventional information: "); ShowFileAttributes(str); show_exact_info(str); show_sign_digital_info(str); system("pause"); system("cls"); } return 0; }