Re: Digital signature check on binaries
- From: "Mitch Gallant" <jensigner@xxxxxxxxxxxxxxxx>
- Date: Fri, 14 Jul 2006 13:07:15 -0400
See if this info contains any useful info or pointers to what you need:
http://www.jensign.com/hash
- Mitch
<satv73@xxxxxxxxx> wrote in message
news:1152895080.419354.173770@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Mitch,
You are right. But do you know how to scan those protected files
for dig info?
Thanks
Sathish
Mitch Gallant wrote:
Many system files are protected thru WFP (Windows File Protection) in
which
case the hash of those files are contained in a cat file which is signed.
You can use the WFP api to determine if any file is protected via WFP:
SfcIsFileProtected(..)
- Mitch
<satv73@xxxxxxxxx> wrote in message
news:1152891897.659128.183790@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi,
I have a problem. I am developing an application that checks for
digital signature [signer] on set of dll or exe files. I use
WinVerifyTrust api. This works fine for the certain files. This can
be tested with looking at file properties\signature tab through NT
explorer. But this WinVerifyTrust cannot retrieve the sig. information
on certain files [eg. c:\windows\system32\wlnotify.dll], NT explorer
file properties too fails here. [there is no signature tab for these
files.]
Can anybody help me in briefing me whats missing and what should be
done?
I am pasting peice of code that I am using here. Please let me know
what needs to be done here.
=========================================================
static GUID guidPublishedSoftware = WINTRUST_ACTION_TRUSTPROVIDER_TEST
/*| WINTRUST_ACTION_GENERIC_VERIFY_V2*/;
static WINTRUST_DATA wintrustdata;
static WINTRUST_FILE_INFO fileinfo;
if(!hinstWinTrustDll)
{
hinstWinTrustDll = LoadLibraryA("wintrust.dll");
if (NULL == hinstWinTrustDll)
{
DebugMessage("Digsig lib not working..");
goto LError;
}
pfnWinVerifyTrust =
(PFnWinVerifyTrust)GetProcAddress(hinstWinTrustDll,
"WinVerifyTrustEx");
if (NULL == pfnWinVerifyTrust)
{
goto LError;
}
}
memset(&wintrustdata, 0x00, sizeof wintrustdata);
wintrustdata.cbStruct = sizeof wintrustdata;
wintrustdata.fdwRevocationChecks = WTD_REVOKE_NONE;
wintrustdata.dwStateAction = WTD_STATEACTION_IGNORE;
wintrustdata.hWVTStateData = NULL;
wintrustdata.pwszURLReference = NULL;
wintrustdata.dwUIChoice = WTD_UI_NONE;
wintrustdata.dwProvFlags = 0;
wintrustdata.dwUnionChoice = WTD_CHOICE_FILE;
wintrustdata.pFile = &fileinfo;
memset(&fileinfo, 0x00, sizeof fileinfo);
fileinfo.cbStruct = sizeof fileinfo;
fileinfo.pcwszFilePath = pwszFilePath;
fileinfo.pgKnownSubject = NULL;
fileinfo.hFile = NULL;
hr = pfnWinVerifyTrust(0, &guidPublishedSoftware, &wintrustdata);
=========================================================
Thanks
Sathish
.
- Follow-Ups:
- Re: Digital signature check on binaries
- From: satv73
- Re: Digital signature check on binaries
- References:
- Digital signature check on binaries
- From: satv73
- Re: Digital signature check on binaries
- From: Mitch Gallant
- Re: Digital signature check on binaries
- From: satv73
- Digital signature check on binaries
- Prev by Date: Re: Digital signature check on binaries
- Next by Date: Re: Digital signature check on binaries
- Previous by thread: Re: Digital signature check on binaries
- Next by thread: Re: Digital signature check on binaries
- Index(es):
Relevant Pages
|
