MrSphay/MrTrust
1
0
Fork 0
generated from MrSphay/codex-agent-repository-kit
Code Issues Pull Requests Actions Packages Projects Releases 5 Wiki Activity
Files
b58b6358f4fcd1592809fb818968f29f1d46b397
MrTrust/scripts/Start-MrTrustGui.ps1
MrSphay b58b6358f4
Some checks failed
Build MrTrust / build-windows (push) Has been cancelled
Details
Add MrTrust GUI and Gitea release build
2026-05-15 23:47:10 +02:00

325 lines
12 KiB
PowerShell
Raw Blame History

[CmdletBinding()]
param()
$ErrorActionPreference = "Stop"
Add-Type -AssemblyName System.Windows.Forms
Add-Type -AssemblyName System.Drawing
$script:RootPath = Split-Path -Parent (Split-Path -Parent $MyInvocation.MyCommand.Path)
$script:RootCertificatePath = Join-Path $script:RootPath "assets\certificates\MrSphay-LocalTrust-Root.cer"
$script:PublisherCertificatePath = Join-Path $script:RootPath "assets\certificates\MrSphay-CodeSigning.cer"
function Test-IsAdministrator {
$identity = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = [Security.Principal.WindowsPrincipal]::new($identity)
$principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}
function Get-MrTrustCertificate {
param([Parameter(Mandatory)][string]$Path)
if (-not (Test-Path -LiteralPath $Path)) {
throw "Certificate file not found: $Path"
}
[System.Security.Cryptography.X509Certificates.X509Certificate2]::new($Path)
}
function Get-TrustScope {
if ($script:AllUsersCheckBox.Checked) {
"LocalMachine"
}
else {
"CurrentUser"
}
}
function Get-StorePath {
param(
[Parameter(Mandatory)][string]$Scope,
[Parameter(Mandatory)][string]$Store
)
"Cert:\$Scope\$Store"
}
function Test-CertificateInstalled {
param(
[Parameter(Mandatory)]$Certificate,
[Parameter(Mandatory)][string]$Scope,
[Parameter(Mandatory)][string]$Store
)
$storePath = Get-StorePath -Scope $Scope -Store $Store
@(Get-ChildItem -Path $storePath | Where-Object Thumbprint -eq $Certificate.Thumbprint).Count -gt 0
}
function Set-StatusText {
param([Parameter(Mandatory)][string]$Text)
$script:StatusLabel.Text = $Text
}
function Refresh-MrTrustStatus {
try {
$rootCertificate = Get-MrTrustCertificate -Path $script:RootCertificatePath
$publisherCertificate = Get-MrTrustCertificate -Path $script:PublisherCertificatePath
$scope = Get-TrustScope
$rootInstalled = Test-CertificateInstalled -Certificate $rootCertificate -Scope $scope -Store "Root"
$publisherInstalled = Test-CertificateInstalled -Certificate $publisherCertificate -Scope $scope -Store "TrustedPublisher"
$script:RootThumbprintLabel.Text = $rootCertificate.Thumbprint
$script:PublisherThumbprintLabel.Text = $publisherCertificate.Thumbprint
$script:ExpiryLabel.Text = $rootCertificate.NotAfter.ToString("yyyy-MM-dd")
if ($rootInstalled -and $publisherInstalled) {
Set-StatusText "Trusted for $scope"
$script:StatusPill.BackColor = [Drawing.Color]::FromArgb(28, 185, 111)
}
else {
Set-StatusText "Not installed for $scope"
$script:StatusPill.BackColor = [Drawing.Color]::FromArgb(242, 153, 74)
}
}
catch {
Set-StatusText $_.Exception.Message
$script:StatusPill.BackColor = [Drawing.Color]::FromArgb(235, 87, 87)
}
}
function Install-MrTrustCertificates {
$scope = Get-TrustScope
if ($scope -eq "LocalMachine" -and -not (Test-IsAdministrator)) {
[Windows.Forms.MessageBox]::Show(
"All-users trust requires running PowerShell as Administrator.",
"MrTrust",
[Windows.Forms.MessageBoxButtons]::OK,
[Windows.Forms.MessageBoxIcon]::Warning
) | Out-Null
return
}
$rootCertificate = Get-MrTrustCertificate -Path $script:RootCertificatePath
$publisherCertificate = Get-MrTrustCertificate -Path $script:PublisherCertificatePath
$message = "Install MrSphay trust for $scope?`r`n`r`nRoot:`r`n$($rootCertificate.Thumbprint)`r`n`r`nPublisher:`r`n$($publisherCertificate.Thumbprint)`r`n`r`nOnly continue if you trust software signed by MrSphay."
$result = [Windows.Forms.MessageBox]::Show(
$message,
"Install MrTrust",
[Windows.Forms.MessageBoxButtons]::YesNo,
[Windows.Forms.MessageBoxIcon]::Warning
)
if ($result -ne [Windows.Forms.DialogResult]::Yes) {
return
}
Import-Certificate -FilePath $script:RootCertificatePath -CertStoreLocation (Get-StorePath -Scope $scope -Store "Root") | Out-Null
Import-Certificate -FilePath $script:PublisherCertificatePath -CertStoreLocation (Get-StorePath -Scope $scope -Store "TrustedPublisher") | Out-Null
Refresh-MrTrustStatus
}
function Remove-MrTrustCertificates {
$scope = Get-TrustScope
if ($scope -eq "LocalMachine" -and -not (Test-IsAdministrator)) {
[Windows.Forms.MessageBox]::Show(
"All-users removal requires running PowerShell as Administrator.",
"MrTrust",
[Windows.Forms.MessageBoxButtons]::OK,
[Windows.Forms.MessageBoxIcon]::Warning
) | Out-Null
return
}
$rootCertificate = Get-MrTrustCertificate -Path $script:RootCertificatePath
$publisherCertificate = Get-MrTrustCertificate -Path $script:PublisherCertificatePath
$result = [Windows.Forms.MessageBox]::Show(
"Remove MrSphay trust for $scope?",
"Remove MrTrust",
[Windows.Forms.MessageBoxButtons]::YesNo,
[Windows.Forms.MessageBoxIcon]::Question
)
if ($result -ne [Windows.Forms.DialogResult]::Yes) {
return
}
$targets = @(
[pscustomobject]@{ Store = "Root"; Thumbprint = $rootCertificate.Thumbprint },
[pscustomobject]@{ Store = "TrustedPublisher"; Thumbprint = $publisherCertificate.Thumbprint }
)
foreach ($target in $targets) {
$storePath = Get-StorePath -Scope $scope -Store $target.Store
Get-ChildItem -Path $storePath |
Where-Object Thumbprint -eq $target.Thumbprint |
Remove-Item
}
Refresh-MrTrustStatus
}
[Windows.Forms.Application]::EnableVisualStyles()
$form = [Windows.Forms.Form]::new()
$form.Text = "MrTrust"
$form.StartPosition = "CenterScreen"
$form.ClientSize = [Drawing.Size]::new(760, 520)
$form.MinimumSize = [Drawing.Size]::new(720, 500)
$form.BackColor = [Drawing.Color]::FromArgb(22, 26, 29)
$form.Font = [Drawing.Font]::new("Segoe UI", 10)
$header = [Windows.Forms.Panel]::new()
$header.Dock = "Top"
$header.Height = 108
$header.BackColor = [Drawing.Color]::FromArgb(27, 32, 35)
$form.Controls.Add($header)
$accent = [Windows.Forms.Panel]::new()
$accent.Dock = "Left"
$accent.Width = 8
$accent.BackColor = [Drawing.Color]::FromArgb(28, 185, 111)
$header.Controls.Add($accent)
$title = [Windows.Forms.Label]::new()
$title.Text = "MrTrust"
$title.ForeColor = [Drawing.Color]::White
$title.Font = [Drawing.Font]::new("Segoe UI", 24, [Drawing.FontStyle]::Bold)
$title.AutoSize = $true
$title.Location = [Drawing.Point]::new(30, 18)
$header.Controls.Add($title)
$subtitle = [Windows.Forms.Label]::new()
$subtitle.Text = "Trust setup for MrSphay signed Windows apps"
$subtitle.ForeColor = [Drawing.Color]::FromArgb(177, 190, 183)
$subtitle.AutoSize = $true
$subtitle.Location = [Drawing.Point]::new(34, 66)
$header.Controls.Add($subtitle)
$script:StatusPill = [Windows.Forms.Panel]::new()
$script:StatusPill.Size = [Drawing.Size]::new(14, 14)
$script:StatusPill.Location = [Drawing.Point]::new(610, 42)
$script:StatusPill.BackColor = [Drawing.Color]::FromArgb(242, 153, 74)
$header.Controls.Add($script:StatusPill)
$script:StatusLabel = [Windows.Forms.Label]::new()
$script:StatusLabel.Text = "Checking..."
$script:StatusLabel.ForeColor = [Drawing.Color]::FromArgb(225, 231, 227)
$script:StatusLabel.AutoSize = $true
$script:StatusLabel.Location = [Drawing.Point]::new(632, 38)
$header.Controls.Add($script:StatusLabel)
$content = [Windows.Forms.Panel]::new()
$content.Dock = "Fill"
$content.Padding = [Windows.Forms.Padding]::new(30)
$content.BackColor = [Drawing.Color]::FromArgb(22, 26, 29)
$form.Controls.Add($content)
$infoPanel = [Windows.Forms.Panel]::new()
$infoPanel.BackColor = [Drawing.Color]::FromArgb(31, 37, 40)
$infoPanel.Size = [Drawing.Size]::new(700, 210)
$infoPanel.Location = [Drawing.Point]::new(30, 34)
$content.Controls.Add($infoPanel)
$scopeLabel = [Windows.Forms.Label]::new()
$scopeLabel.Text = "Scope"
$scopeLabel.ForeColor = [Drawing.Color]::FromArgb(177, 190, 183)
$scopeLabel.Location = [Drawing.Point]::new(24, 24)
$scopeLabel.AutoSize = $true
$infoPanel.Controls.Add($scopeLabel)
$script:AllUsersCheckBox = [Windows.Forms.CheckBox]::new()
$script:AllUsersCheckBox.Text = "Install for all users (requires Administrator)"
$script:AllUsersCheckBox.ForeColor = [Drawing.Color]::FromArgb(225, 231, 227)
$script:AllUsersCheckBox.Location = [Drawing.Point]::new(24, 50)
$script:AllUsersCheckBox.AutoSize = $true
$script:AllUsersCheckBox.FlatStyle = "Flat"
$script:AllUsersCheckBox.Add_CheckedChanged({ Refresh-MrTrustStatus })
$infoPanel.Controls.Add($script:AllUsersCheckBox)
$rootLabel = [Windows.Forms.Label]::new()
$rootLabel.Text = "Root thumbprint"
$rootLabel.ForeColor = [Drawing.Color]::FromArgb(177, 190, 183)
$rootLabel.Location = [Drawing.Point]::new(24, 92)
$rootLabel.AutoSize = $true
$infoPanel.Controls.Add($rootLabel)
$script:RootThumbprintLabel = [Windows.Forms.Label]::new()
$script:RootThumbprintLabel.Text = "-"
$script:RootThumbprintLabel.ForeColor = [Drawing.Color]::FromArgb(225, 231, 227)
$script:RootThumbprintLabel.Font = [Drawing.Font]::new("Consolas", 9)
$script:RootThumbprintLabel.Location = [Drawing.Point]::new(180, 92)
$script:RootThumbprintLabel.AutoSize = $true
$infoPanel.Controls.Add($script:RootThumbprintLabel)
$publisherLabel = [Windows.Forms.Label]::new()
$publisherLabel.Text = "Publisher thumbprint"
$publisherLabel.ForeColor = [Drawing.Color]::FromArgb(177, 190, 183)
$publisherLabel.Location = [Drawing.Point]::new(24, 128)
$publisherLabel.AutoSize = $true
$infoPanel.Controls.Add($publisherLabel)
$script:PublisherThumbprintLabel = [Windows.Forms.Label]::new()
$script:PublisherThumbprintLabel.Text = "-"
$script:PublisherThumbprintLabel.ForeColor = [Drawing.Color]::FromArgb(225, 231, 227)
$script:PublisherThumbprintLabel.Font = [Drawing.Font]::new("Consolas", 9)
$script:PublisherThumbprintLabel.Location = [Drawing.Point]::new(180, 128)
$script:PublisherThumbprintLabel.AutoSize = $true
$infoPanel.Controls.Add($script:PublisherThumbprintLabel)
$expiryLabelTitle = [Windows.Forms.Label]::new()
$expiryLabelTitle.Text = "Expires"
$expiryLabelTitle.ForeColor = [Drawing.Color]::FromArgb(177, 190, 183)
$expiryLabelTitle.Location = [Drawing.Point]::new(24, 164)
$expiryLabelTitle.AutoSize = $true
$infoPanel.Controls.Add($expiryLabelTitle)
$script:ExpiryLabel = [Windows.Forms.Label]::new()
$script:ExpiryLabel.Text = "-"
$script:ExpiryLabel.ForeColor = [Drawing.Color]::FromArgb(225, 231, 227)
$script:ExpiryLabel.Location = [Drawing.Point]::new(180, 164)
$script:ExpiryLabel.AutoSize = $true
$infoPanel.Controls.Add($script:ExpiryLabel)
$installButton = [Windows.Forms.Button]::new()
$installButton.Text = "Install trust"
$installButton.BackColor = [Drawing.Color]::FromArgb(28, 185, 111)
$installButton.ForeColor = [Drawing.Color]::White
$installButton.FlatStyle = "Flat"
$installButton.Size = [Drawing.Size]::new(180, 46)
$installButton.Location = [Drawing.Point]::new(30, 274)
$installButton.Add_Click({ Install-MrTrustCertificates })
$content.Controls.Add($installButton)
$removeButton = [Windows.Forms.Button]::new()
$removeButton.Text = "Remove trust"
$removeButton.BackColor = [Drawing.Color]::FromArgb(44, 52, 56)
$removeButton.ForeColor = [Drawing.Color]::FromArgb(225, 231, 227)
$removeButton.FlatStyle = "Flat"
$removeButton.Size = [Drawing.Size]::new(180, 46)
$removeButton.Location = [Drawing.Point]::new(230, 274)
$removeButton.Add_Click({ Remove-MrTrustCertificates })
$content.Controls.Add($removeButton)
$refreshButton = [Windows.Forms.Button]::new()
$refreshButton.Text = "Refresh"
$refreshButton.BackColor = [Drawing.Color]::FromArgb(44, 52, 56)
$refreshButton.ForeColor = [Drawing.Color]::FromArgb(225, 231, 227)
$refreshButton.FlatStyle = "Flat"
$refreshButton.Size = [Drawing.Size]::new(140, 46)
$refreshButton.Location = [Drawing.Point]::new(430, 274)
$refreshButton.Add_Click({ Refresh-MrTrustStatus })
$content.Controls.Add($refreshButton)
$note = [Windows.Forms.Label]::new()
$note.Text = "MrTrust installs public certificates only. It does not disable Defender, SmartScreen, UAC, or enterprise policies."
$note.ForeColor = [Drawing.Color]::FromArgb(177, 190, 183)
$note.Location = [Drawing.Point]::new(30, 352)
$note.Size = [Drawing.Size]::new(700, 48)
$content.Controls.Add($note)
$form.Add_Shown({ Refresh-MrTrustStatus })
[Windows.Forms.Application]::Run($form)
Reference in New Issue View Git Blame Copy Permalink