Re: problem with CAPICOM

hmm I just ran this Authenticode verification utility on a the
WFP file and it passed signature verification without a problem . so
that means that any file hashes covered in THAT cap file are protected:

CAPICOM SignedCode.Verify invokes some of the WinVerify api.

- Mitch Gallant

"" <jacekmichalek@xxxxxxxxx> wrote in message
I read about sfc, even used it to enumerate protected files - but it's
all sfc can do (according to API documentation). What about idea i
mentioned - check signature of catalog file, which holds hash of
system file to verify? I tried it using winverifytrust, setting

dwUnionChoice = WTD_CHOICE_FILE in WINTRUST_DATA structure, and

pcwszFilePath =catinfo.wszCatalogFile in WINTRUST_FILE_INFO

but i got negative response - TRUST_E_NOSIGNATURE.

On the other hand, when I examine this catalog file with signtool, i
get positive answer?

correct me if it;s wrong.