how to verify a file has not been tampered with

From: Robert Oeffner (
Date: 10/14/05

  • Next message: -: "Access Control to LDAP on AD?"
    Date: Fri, 14 Oct 2005 17:22:50 GMT

    Would anyone know the steps of how to verify a digitally signed executable
    has not been hacked? I was thinking that by comparing the hashvalue of the
    executable with the hash value in the signature you'd be able to do this.

    I cannot use CAPICOM API as the target systems are likely not to have
    CAPICOM installed. I cannot use WinVerifyTrust as this function takes
    several seconds to return, generates unwanted network activity and
    temporarily hogs the CPU and memory of the target system.

    If anyone is able to outline the function calls needed for my task I'd be
    very grateful. I was thinking that functions such as
    CryptVerifyCertificateSignature or CryptVerifySignature would be useful for
    this. However, there are no good examples on the MSDN on how to do this.




  • Next message: -: "Access Control to LDAP on AD?"