Re: Verification of signed binaries using CryptoApi

From: Ziv Maor (maorziv_at_012.net.il)
Date: 10/13/04

• Next message: Ing-Long Eric Kuo: "Re: Logon Without Password - GINA"
• Previous message: Yan-Hong Huang[MSFT]: "Re: CryptAcquireContext fails with error 6 (The handle is invalid)"
• In reply to: Daniel Sie [MSFT]: "Re: Verification of signed binaries using CryptoApi"
• Next in thread: Daniel Sie [MSFT]: "Re: Verification of signed binaries using CryptoApi"
• Reply: Daniel Sie [MSFT]: "Re: Verification of signed binaries using CryptoApi"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 13 Oct 2004 09:32:47 +0200

Hi Daniel

Under all documentation of the MSDN (taken from:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/winverifytrust.asp)
it states clearly that:
Requirements
Client: Requires Windows XP, Windows 2000 Professional, or Windows NT
Workstation 4.0.
Server: Requires Windows Server 2003, Windows 2000 Server, or Windows NT
Server 4.0.

And does not mention the Win9x platforms

Ziv

"Daniel Sie [MSFT]" <dsie@online.microsoft.com> wrote in message
news:eYQkc6AsEHA.1164@TK2MSFTNGP10.phx.gbl...
> WinVerifyTrust is the official API to do just that. What do you mean it is
> not compatible with OS under Win2k?
>
> It should work on all platforms. If not, please provide us with detail of
> how does not it work.
>
> --
> Thanks,
>
> Daniel Sie [MSFT]
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> "Ziv Maor" <maorziv@012.net.il> wrote in message
> news:415fd5e7$1@news.012.net.il...
> > Hi! I'm trying to develop a small utility that verifies signed binaries
> > (the
> > binaries had been sign by signtool.exe), It seems that I have a problem
> > decoupling the signed binary into a bare message (the original message)
> > from
> > the signature block
> > Does anyone have any idea of how to do that?
> >
> > Thanks
> >
> > PS I don't want to use WinVerifyTrust since it's not compatible with OS
> > under Win2k
> >
> >
>
>

---

• Next message: Ing-Long Eric Kuo: "Re: Logon Without Password - GINA"
• Previous message: Yan-Hong Huang[MSFT]: "Re: CryptAcquireContext fails with error 6 (The handle is invalid)"
• In reply to: Daniel Sie [MSFT]: "Re: Verification of signed binaries using CryptoApi"
• Next in thread: Daniel Sie [MSFT]: "Re: Verification of signed binaries using CryptoApi"
• Reply: Daniel Sie [MSFT]: "Re: Verification of signed binaries using CryptoApi"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages SecurityFocus Microsoft Newsletter #154 ... MICROSOFT VULNERABILITY SUMMARY ... ISS RealSecure Server Sensor SSL Denial Of Service Vulnerabi... ... Roger Wilco Remote Server Side Buffer Overrun Vulnerability ... available for Microsoft Windows operating systems. ... (Focus-Microsoft) SecurityFocus Microsoft Newsletter #49 ... Subject: SecurityFocus Microsoft Newsletter #49 ... Microsoft Windows NNTP Denial of Service Vulnerability ... Microsoft IIS SSI Buffer Overrun Privelege Elevation Vulnerability ... Microsoft ISA Server H.323 Memory Leak Denial of Service... ... (Focus-Microsoft) Questions Relating to Administering Windows 2000 Server ... installed the network client on the target computer. ... Sarah has been attempting to install Windows 2000 ... Server for two days. ... Sarah has checked the cables and hard drives. ... (microsoft.public.cert.exam.mcse) pqv¼Ò¹ÚÇÑ ²Þ@mBGRx ... O-009¹Ù¢Ã MS Windows 2000 Datacenter Server -2¸¸¿ø ... Main Application (Borland C++ Builder 6 Enterprise Edition) ... Y-166¢Ã Sex Starved Sluts 1 (Divx) ... (FreeBSD-Security) Questions Relating to Administering Windows 2000 Server ... installed the network client on the target computer. ... Sarah has been attempting to install Windows 2000 ... Server for two days. ... Sarah has checked the cables and hard drives. ... (microsoft.public.cert.exam.mcse)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)