generated from MrSphay/codex-agent-repository-kit
Add MrTrust GUI and Gitea release build
Some checks failed
Build MrTrust / build-windows (push) Has been cancelled
Some checks failed
Build MrTrust / build-windows (push) Has been cancelled
This commit is contained in:
MrSphay
324
scripts/Start-MrTrustGui.ps1
Normal file
324
scripts/Start-MrTrustGui.ps1
Normal file
@@ -0,0 +1,324 @@
|
||||
[CmdletBinding()]
|
||||
param()
|
||||
|
||||
$ErrorActionPreference = "Stop"
|
||||
|
||||
Add-Type -AssemblyName System.Windows.Forms
|
||||
Add-Type -AssemblyName System.Drawing
|
||||
|
||||
$script:RootPath = Split-Path -Parent (Split-Path -Parent $MyInvocation.MyCommand.Path)
|
||||
$script:RootCertificatePath = Join-Path $script:RootPath "assets\certificates\MrSphay-LocalTrust-Root.cer"
|
||||
$script:PublisherCertificatePath = Join-Path $script:RootPath "assets\certificates\MrSphay-CodeSigning.cer"
|
||||
|
||||
function Test-IsAdministrator {
|
||||
$identity = [Security.Principal.WindowsIdentity]::GetCurrent()
|
||||
$principal = [Security.Principal.WindowsPrincipal]::new($identity)
|
||||
$principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
|
||||
}
|
||||
|
||||
function Get-MrTrustCertificate {
|
||||
param([Parameter(Mandatory)][string]$Path)
|
||||
|
||||
if (-not (Test-Path -LiteralPath $Path)) {
|
||||
throw "Certificate file not found: $Path"
|
||||
}
|
||||
|
||||
[System.Security.Cryptography.X509Certificates.X509Certificate2]::new($Path)
|
||||
}
|
||||
|
||||
function Get-TrustScope {
|
||||
if ($script:AllUsersCheckBox.Checked) {
|
||||
"LocalMachine"
|
||||
}
|
||||
else {
|
||||
"CurrentUser"
|
||||
}
|
||||
}
|
||||
|
||||
function Get-StorePath {
|
||||
param(
|
||||
[Parameter(Mandatory)][string]$Scope,
|
||||
[Parameter(Mandatory)][string]$Store
|
||||
)
|
||||
|
||||
"Cert:\$Scope\$Store"
|
||||
}
|
||||
|
||||
function Test-CertificateInstalled {
|
||||
param(
|
||||
[Parameter(Mandatory)]$Certificate,
|
||||
[Parameter(Mandatory)][string]$Scope,
|
||||
[Parameter(Mandatory)][string]$Store
|
||||
)
|
||||
|
||||
$storePath = Get-StorePath -Scope $Scope -Store $Store
|
||||
@(Get-ChildItem -Path $storePath | Where-Object Thumbprint -eq $Certificate.Thumbprint).Count -gt 0
|
||||
}
|
||||
|
||||
function Set-StatusText {
|
||||
param([Parameter(Mandatory)][string]$Text)
|
||||
|
||||
$script:StatusLabel.Text = $Text
|
||||
}
|
||||
|
||||
function Refresh-MrTrustStatus {
|
||||
try {
|
||||
$rootCertificate = Get-MrTrustCertificate -Path $script:RootCertificatePath
|
||||
$publisherCertificate = Get-MrTrustCertificate -Path $script:PublisherCertificatePath
|
||||
$scope = Get-TrustScope
|
||||
|
||||
$rootInstalled = Test-CertificateInstalled -Certificate $rootCertificate -Scope $scope -Store "Root"
|
||||
$publisherInstalled = Test-CertificateInstalled -Certificate $publisherCertificate -Scope $scope -Store "TrustedPublisher"
|
||||
|
||||
$script:RootThumbprintLabel.Text = $rootCertificate.Thumbprint
|
||||
$script:PublisherThumbprintLabel.Text = $publisherCertificate.Thumbprint
|
||||
$script:ExpiryLabel.Text = $rootCertificate.NotAfter.ToString("yyyy-MM-dd")
|
||||
|
||||
if ($rootInstalled -and $publisherInstalled) {
|
||||
Set-StatusText "Trusted for $scope"
|
||||
$script:StatusPill.BackColor = [Drawing.Color]::FromArgb(28, 185, 111)
|
||||
}
|
||||
else {
|
||||
Set-StatusText "Not installed for $scope"
|
||||
$script:StatusPill.BackColor = [Drawing.Color]::FromArgb(242, 153, 74)
|
||||
}
|
||||
}
|
||||
catch {
|
||||
Set-StatusText $_.Exception.Message
|
||||
$script:StatusPill.BackColor = [Drawing.Color]::FromArgb(235, 87, 87)
|
||||
}
|
||||
}
|
||||
|
||||
function Install-MrTrustCertificates {
|
||||
$scope = Get-TrustScope
|
||||
if ($scope -eq "LocalMachine" -and -not (Test-IsAdministrator)) {
|
||||
[Windows.Forms.MessageBox]::Show(
|
||||
"All-users trust requires running PowerShell as Administrator.",
|
||||
"MrTrust",
|
||||
[Windows.Forms.MessageBoxButtons]::OK,
|
||||
[Windows.Forms.MessageBoxIcon]::Warning
|
||||
) | Out-Null
|
||||
return
|
||||
}
|
||||
|
||||
$rootCertificate = Get-MrTrustCertificate -Path $script:RootCertificatePath
|
||||
$publisherCertificate = Get-MrTrustCertificate -Path $script:PublisherCertificatePath
|
||||
|
||||
$message = "Install MrSphay trust for $scope?`r`n`r`nRoot:`r`n$($rootCertificate.Thumbprint)`r`n`r`nPublisher:`r`n$($publisherCertificate.Thumbprint)`r`n`r`nOnly continue if you trust software signed by MrSphay."
|
||||
$result = [Windows.Forms.MessageBox]::Show(
|
||||
$message,
|
||||
"Install MrTrust",
|
||||
[Windows.Forms.MessageBoxButtons]::YesNo,
|
||||
[Windows.Forms.MessageBoxIcon]::Warning
|
||||
)
|
||||
|
||||
if ($result -ne [Windows.Forms.DialogResult]::Yes) {
|
||||
return
|
||||
}
|
||||
|
||||
Import-Certificate -FilePath $script:RootCertificatePath -CertStoreLocation (Get-StorePath -Scope $scope -Store "Root") | Out-Null
|
||||
Import-Certificate -FilePath $script:PublisherCertificatePath -CertStoreLocation (Get-StorePath -Scope $scope -Store "TrustedPublisher") | Out-Null
|
||||
Refresh-MrTrustStatus
|
||||
}
|
||||
|
||||
function Remove-MrTrustCertificates {
|
||||
$scope = Get-TrustScope
|
||||
if ($scope -eq "LocalMachine" -and -not (Test-IsAdministrator)) {
|
||||
[Windows.Forms.MessageBox]::Show(
|
||||
"All-users removal requires running PowerShell as Administrator.",
|
||||
"MrTrust",
|
||||
[Windows.Forms.MessageBoxButtons]::OK,
|
||||
[Windows.Forms.MessageBoxIcon]::Warning
|
||||
) | Out-Null
|
||||
return
|
||||
}
|
||||
|
||||
$rootCertificate = Get-MrTrustCertificate -Path $script:RootCertificatePath
|
||||
$publisherCertificate = Get-MrTrustCertificate -Path $script:PublisherCertificatePath
|
||||
$result = [Windows.Forms.MessageBox]::Show(
|
||||
"Remove MrSphay trust for $scope?",
|
||||
"Remove MrTrust",
|
||||
[Windows.Forms.MessageBoxButtons]::YesNo,
|
||||
[Windows.Forms.MessageBoxIcon]::Question
|
||||
)
|
||||
|
||||
if ($result -ne [Windows.Forms.DialogResult]::Yes) {
|
||||
return
|
||||
}
|
||||
|
||||
$targets = @(
|
||||
[pscustomobject]@{ Store = "Root"; Thumbprint = $rootCertificate.Thumbprint },
|
||||
[pscustomobject]@{ Store = "TrustedPublisher"; Thumbprint = $publisherCertificate.Thumbprint }
|
||||
)
|
||||
|
||||
foreach ($target in $targets) {
|
||||
$storePath = Get-StorePath -Scope $scope -Store $target.Store
|
||||
Get-ChildItem -Path $storePath |
|
||||
Where-Object Thumbprint -eq $target.Thumbprint |
|
||||
Remove-Item
|
||||
}
|
||||
|
||||
Refresh-MrTrustStatus
|
||||
}
|
||||
|
||||
[Windows.Forms.Application]::EnableVisualStyles()
|
||||
|
||||
$form = [Windows.Forms.Form]::new()
|
||||
$form.Text = "MrTrust"
|
||||
$form.StartPosition = "CenterScreen"
|
||||
$form.ClientSize = [Drawing.Size]::new(760, 520)
|
||||
$form.MinimumSize = [Drawing.Size]::new(720, 500)
|
||||
$form.BackColor = [Drawing.Color]::FromArgb(22, 26, 29)
|
||||
$form.Font = [Drawing.Font]::new("Segoe UI", 10)
|
||||
|
||||
$header = [Windows.Forms.Panel]::new()
|
||||
$header.Dock = "Top"
|
||||
$header.Height = 108
|
||||
$header.BackColor = [Drawing.Color]::FromArgb(27, 32, 35)
|
||||
$form.Controls.Add($header)
|
||||
|
||||
$accent = [Windows.Forms.Panel]::new()
|
||||
$accent.Dock = "Left"
|
||||
$accent.Width = 8
|
||||
$accent.BackColor = [Drawing.Color]::FromArgb(28, 185, 111)
|
||||
$header.Controls.Add($accent)
|
||||
|
||||
$title = [Windows.Forms.Label]::new()
|
||||
$title.Text = "MrTrust"
|
||||
$title.ForeColor = [Drawing.Color]::White
|
||||
$title.Font = [Drawing.Font]::new("Segoe UI", 24, [Drawing.FontStyle]::Bold)
|
||||
$title.AutoSize = $true
|
||||
$title.Location = [Drawing.Point]::new(30, 18)
|
||||
$header.Controls.Add($title)
|
||||
|
||||
$subtitle = [Windows.Forms.Label]::new()
|
||||
$subtitle.Text = "Trust setup for MrSphay signed Windows apps"
|
||||
$subtitle.ForeColor = [Drawing.Color]::FromArgb(177, 190, 183)
|
||||
$subtitle.AutoSize = $true
|
||||
$subtitle.Location = [Drawing.Point]::new(34, 66)
|
||||
$header.Controls.Add($subtitle)
|
||||
|
||||
$script:StatusPill = [Windows.Forms.Panel]::new()
|
||||
$script:StatusPill.Size = [Drawing.Size]::new(14, 14)
|
||||
$script:StatusPill.Location = [Drawing.Point]::new(610, 42)
|
||||
$script:StatusPill.BackColor = [Drawing.Color]::FromArgb(242, 153, 74)
|
||||
$header.Controls.Add($script:StatusPill)
|
||||
|
||||
$script:StatusLabel = [Windows.Forms.Label]::new()
|
||||
$script:StatusLabel.Text = "Checking..."
|
||||
$script:StatusLabel.ForeColor = [Drawing.Color]::FromArgb(225, 231, 227)
|
||||
$script:StatusLabel.AutoSize = $true
|
||||
$script:StatusLabel.Location = [Drawing.Point]::new(632, 38)
|
||||
$header.Controls.Add($script:StatusLabel)
|
||||
|
||||
$content = [Windows.Forms.Panel]::new()
|
||||
$content.Dock = "Fill"
|
||||
$content.Padding = [Windows.Forms.Padding]::new(30)
|
||||
$content.BackColor = [Drawing.Color]::FromArgb(22, 26, 29)
|
||||
$form.Controls.Add($content)
|
||||
|
||||
$infoPanel = [Windows.Forms.Panel]::new()
|
||||
$infoPanel.BackColor = [Drawing.Color]::FromArgb(31, 37, 40)
|
||||
$infoPanel.Size = [Drawing.Size]::new(700, 210)
|
||||
$infoPanel.Location = [Drawing.Point]::new(30, 34)
|
||||
$content.Controls.Add($infoPanel)
|
||||
|
||||
$scopeLabel = [Windows.Forms.Label]::new()
|
||||
$scopeLabel.Text = "Scope"
|
||||
$scopeLabel.ForeColor = [Drawing.Color]::FromArgb(177, 190, 183)
|
||||
$scopeLabel.Location = [Drawing.Point]::new(24, 24)
|
||||
$scopeLabel.AutoSize = $true
|
||||
$infoPanel.Controls.Add($scopeLabel)
|
||||
|
||||
$script:AllUsersCheckBox = [Windows.Forms.CheckBox]::new()
|
||||
$script:AllUsersCheckBox.Text = "Install for all users (requires Administrator)"
|
||||
$script:AllUsersCheckBox.ForeColor = [Drawing.Color]::FromArgb(225, 231, 227)
|
||||
$script:AllUsersCheckBox.Location = [Drawing.Point]::new(24, 50)
|
||||
$script:AllUsersCheckBox.AutoSize = $true
|
||||
$script:AllUsersCheckBox.FlatStyle = "Flat"
|
||||
$script:AllUsersCheckBox.Add_CheckedChanged({ Refresh-MrTrustStatus })
|
||||
$infoPanel.Controls.Add($script:AllUsersCheckBox)
|
||||
|
||||
$rootLabel = [Windows.Forms.Label]::new()
|
||||
$rootLabel.Text = "Root thumbprint"
|
||||
$rootLabel.ForeColor = [Drawing.Color]::FromArgb(177, 190, 183)
|
||||
$rootLabel.Location = [Drawing.Point]::new(24, 92)
|
||||
$rootLabel.AutoSize = $true
|
||||
$infoPanel.Controls.Add($rootLabel)
|
||||
|
||||
$script:RootThumbprintLabel = [Windows.Forms.Label]::new()
|
||||
$script:RootThumbprintLabel.Text = "-"
|
||||
$script:RootThumbprintLabel.ForeColor = [Drawing.Color]::FromArgb(225, 231, 227)
|
||||
$script:RootThumbprintLabel.Font = [Drawing.Font]::new("Consolas", 9)
|
||||
$script:RootThumbprintLabel.Location = [Drawing.Point]::new(180, 92)
|
||||
$script:RootThumbprintLabel.AutoSize = $true
|
||||
$infoPanel.Controls.Add($script:RootThumbprintLabel)
|
||||
|
||||
$publisherLabel = [Windows.Forms.Label]::new()
|
||||
$publisherLabel.Text = "Publisher thumbprint"
|
||||
$publisherLabel.ForeColor = [Drawing.Color]::FromArgb(177, 190, 183)
|
||||
$publisherLabel.Location = [Drawing.Point]::new(24, 128)
|
||||
$publisherLabel.AutoSize = $true
|
||||
$infoPanel.Controls.Add($publisherLabel)
|
||||
|
||||
$script:PublisherThumbprintLabel = [Windows.Forms.Label]::new()
|
||||
$script:PublisherThumbprintLabel.Text = "-"
|
||||
$script:PublisherThumbprintLabel.ForeColor = [Drawing.Color]::FromArgb(225, 231, 227)
|
||||
$script:PublisherThumbprintLabel.Font = [Drawing.Font]::new("Consolas", 9)
|
||||
$script:PublisherThumbprintLabel.Location = [Drawing.Point]::new(180, 128)
|
||||
$script:PublisherThumbprintLabel.AutoSize = $true
|
||||
$infoPanel.Controls.Add($script:PublisherThumbprintLabel)
|
||||
|
||||
$expiryLabelTitle = [Windows.Forms.Label]::new()
|
||||
$expiryLabelTitle.Text = "Expires"
|
||||
$expiryLabelTitle.ForeColor = [Drawing.Color]::FromArgb(177, 190, 183)
|
||||
$expiryLabelTitle.Location = [Drawing.Point]::new(24, 164)
|
||||
$expiryLabelTitle.AutoSize = $true
|
||||
$infoPanel.Controls.Add($expiryLabelTitle)
|
||||
|
||||
$script:ExpiryLabel = [Windows.Forms.Label]::new()
|
||||
$script:ExpiryLabel.Text = "-"
|
||||
$script:ExpiryLabel.ForeColor = [Drawing.Color]::FromArgb(225, 231, 227)
|
||||
$script:ExpiryLabel.Location = [Drawing.Point]::new(180, 164)
|
||||
$script:ExpiryLabel.AutoSize = $true
|
||||
$infoPanel.Controls.Add($script:ExpiryLabel)
|
||||
|
||||
$installButton = [Windows.Forms.Button]::new()
|
||||
$installButton.Text = "Install trust"
|
||||
$installButton.BackColor = [Drawing.Color]::FromArgb(28, 185, 111)
|
||||
$installButton.ForeColor = [Drawing.Color]::White
|
||||
$installButton.FlatStyle = "Flat"
|
||||
$installButton.Size = [Drawing.Size]::new(180, 46)
|
||||
$installButton.Location = [Drawing.Point]::new(30, 274)
|
||||
$installButton.Add_Click({ Install-MrTrustCertificates })
|
||||
$content.Controls.Add($installButton)
|
||||
|
||||
$removeButton = [Windows.Forms.Button]::new()
|
||||
$removeButton.Text = "Remove trust"
|
||||
$removeButton.BackColor = [Drawing.Color]::FromArgb(44, 52, 56)
|
||||
$removeButton.ForeColor = [Drawing.Color]::FromArgb(225, 231, 227)
|
||||
$removeButton.FlatStyle = "Flat"
|
||||
$removeButton.Size = [Drawing.Size]::new(180, 46)
|
||||
$removeButton.Location = [Drawing.Point]::new(230, 274)
|
||||
$removeButton.Add_Click({ Remove-MrTrustCertificates })
|
||||
$content.Controls.Add($removeButton)
|
||||
|
||||
$refreshButton = [Windows.Forms.Button]::new()
|
||||
$refreshButton.Text = "Refresh"
|
||||
$refreshButton.BackColor = [Drawing.Color]::FromArgb(44, 52, 56)
|
||||
$refreshButton.ForeColor = [Drawing.Color]::FromArgb(225, 231, 227)
|
||||
$refreshButton.FlatStyle = "Flat"
|
||||
$refreshButton.Size = [Drawing.Size]::new(140, 46)
|
||||
$refreshButton.Location = [Drawing.Point]::new(430, 274)
|
||||
$refreshButton.Add_Click({ Refresh-MrTrustStatus })
|
||||
$content.Controls.Add($refreshButton)
|
||||
|
||||
$note = [Windows.Forms.Label]::new()
|
||||
$note.Text = "MrTrust installs public certificates only. It does not disable Defender, SmartScreen, UAC, or enterprise policies."
|
||||
$note.ForeColor = [Drawing.Color]::FromArgb(177, 190, 183)
|
||||
$note.Location = [Drawing.Point]::new(30, 352)
|
||||
$note.Size = [Drawing.Size]::new(700, 48)
|
||||
$content.Controls.Add($note)
|
||||
|
||||
$form.Add_Shown({ Refresh-MrTrustStatus })
|
||||
[Windows.Forms.Application]::Run($form)
|
||||
Reference in New Issue
Block a user