Software such as 360 can verify the digital signature of a downloaded executable file. If the digital signature is valid, the program reports the file as safe. If there is no digital signature, or the root certificate is untrusted, it reports the file as unknown.
So how can this be implemented in a program?
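// Shared code follows. The original passed debugging on Win2k SP4 / WinXP SP2.
//
// CheckFileTrust
//   Reports whether the file at lpFileName carries a signature that
//   WinVerifyTrust accepts under WINTRUST_ACTION_GENERIC_VERIFY_V2.
//   The file is hashed first; if a system catalog lists that hash, the
//   catalog signature is verified, otherwise the file's own (embedded)
//   signature is verified.
//
//   lpFileName  path of the file to check (wide string).
//   returns     TRUE only when WinVerifyTrust returns ERROR_SUCCESS;
//               FALSE for an unsigned or untrusted file and for every
//               failure along the way (the function fails closed).
//
//   This answers "is the signature trusted?" only. It does not tell the
//   caller WHO signed the file; a caller that must pin a publisher has to
//   inspect the signer certificate separately.
BOOL CheckFileTrust(LPCWSTR lpFileName)
{
    enum { MAX_HASH_BYTES = 100 };

    if (NULL == lpFileName) {
        return FALSE;
    }

    // NOTE(review): this context uses the legacy default catalog hash.
    // On Windows 8 and later, catalogs keyed by SHA-256 are looked up with
    // CryptCATAdminAcquireContext2 / CryptCATAdminCalcHashFromFileHandle2.
    HCATADMIN hCatAdmin = NULL;
    if (!CryptCATAdminAcquireContext(&hCatAdmin, NULL, 0)) {
        return FALSE;
    }

    // FILE_SHARE_READ only: while this handle is open nobody can open the
    // file for writing, so the bytes hashed below are the bytes verified.
    HANDLE hFile = CreateFileW(lpFileName, GENERIC_READ, FILE_SHARE_READ,
                               NULL, OPEN_EXISTING, 0, NULL);
    if (INVALID_HANDLE_VALUE == hFile) {
        CryptCATAdminReleaseContext(hCatAdmin, 0);
        return FALSE;
    }

    // A failed hash must not fall through: byHash would be uninitialised
    // and the catalog lookup would run on garbage.
    BYTE  byHash[MAX_HASH_BYTES];
    DWORD dwCnt = sizeof(byHash);
    if (!CryptCATAdminCalcHashFromFileHandle(hFile, &dwCnt, byHash, 0)
        || 0 == dwCnt || dwCnt > sizeof(byHash)) {
        CloseHandle(hFile);
        CryptCATAdminReleaseContext(hCatAdmin, 0);
        return FALSE;
    }

    // Catalog member tag = upper-case hex of the hash. dwCnt is bounded
    // above, so a fixed buffer replaces the original heap allocation.
    WCHAR szMemberTag[MAX_HASH_BYTES * 2 + 1];
    for (DWORD dw = 0; dw < dwCnt; ++dw) {
        wsprintfW(&szMemberTag[dw * 2], L"%02X", byHash[dw]);
    }

    WINTRUST_DATA         wd  = {0};
    WINTRUST_FILE_INFO    wfi = {0};
    WINTRUST_CATALOG_INFO wci = {0};
    CATALOG_INFO          ci  = {0};

    wd.cbStruct         = sizeof(WINTRUST_DATA);
    wd.dwUIChoice       = WTD_UI_NONE;
    wd.dwStateAction    = WTD_STATEACTION_IGNORE;
    wd.hWVTStateData    = NULL;
    wd.pwszURLReference = NULL;

    BOOL     bReady   = TRUE;
    HCATINFO hCatInfo = CryptCATAdminEnumCatalogFromHash(hCatAdmin, byHash,
                                                         dwCnt, 0, NULL);
    if (NULL == hCatInfo) {
        // No catalog lists this hash: verify the embedded signature.
        wfi.cbStruct       = sizeof(WINTRUST_FILE_INFO);
        wfi.pcwszFilePath  = lpFileName;
        wfi.hFile          = hFile;   // verify the already-open file
        wfi.pgKnownSubject = NULL;

        wd.dwUnionChoice = WTD_CHOICE_FILE;
        wd.pFile         = &wfi;
        // NOTE(review): no revocation check on this path, so a signature
        // made with a since-revoked certificate is still accepted. Kept as
        // in the original; switch to WTD_REVOKE_WHOLECHAIN if the caller
        // can tolerate the network lookup.
        wd.fdwRevocationChecks = WTD_REVOKE_NONE;
        wd.dwProvFlags         = WTD_SAFER_FLAG;
    } else {
        // CATALOG_INFO must carry its own size; check the call instead of
        // verifying against an empty catalog path.
        ci.cbStruct = sizeof(CATALOG_INFO);
        if (CryptCATCatalogInfoFromContext(hCatInfo, &ci, 0)) {
            wci.cbStruct             = sizeof(WINTRUST_CATALOG_INFO);
            wci.pcwszCatalogFilePath = ci.wszCatalogFile;
            wci.pcwszMemberFilePath  = lpFileName;
            wci.pcwszMemberTag       = szMemberTag;
            wci.hMemberFile          = hFile;

            wd.dwUnionChoice = WTD_CHOICE_CATALOG;
            wd.pCatalog      = &wci;
            // The original assigned WTD_STATEACTION_VERIFY here, a constant
            // from the dwStateAction family. Its numeric value is the same
            // as WTD_REVOKE_WHOLECHAIN, so this names what actually ran.
            wd.fdwRevocationChecks = WTD_REVOKE_WHOLECHAIN;
            wd.dwProvFlags         = 0;
        } else {
            bReady = FALSE;
        }
    }

    BOOL bRet = FALSE;
    if (bReady) {
        GUID action  = WINTRUST_ACTION_GENERIC_VERIFY_V2;
        LONG lStatus = WinVerifyTrust(NULL, &action, &wd);
        // Only zero means "trusted". SUCCEEDED() would also accept any
        // positive return value and so could fail open.
        bRet = (ERROR_SUCCESS == lStatus);
    }

    // 2007.4.10: a reader pointed out a memory leak in an earlier version;
    // everything acquired above is released here.
    if (NULL != hCatInfo) {
        CryptCATAdminReleaseCatalogContext(hCatAdmin, hCatInfo, 0);
    }
    CloseHandle(hFile);
    CryptCATAdminReleaseContext(hCatAdmin, 0);
    return bRet;
}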
I came across this code by chance on a foreign forum. It is Delphi code written by someone who appears to be German (his comments are not in English; German is only my guess, and Spanish, Portuguese, French or Russian are also possible). It uses wintrust.dll. If you use VS2005, include wintrust.h, softpub.h and mscat.h, and link against wintrust.lib; if you use VC6, refer to the function and struct declarations on MSDN and call the functions through function pointers.
By using the Windows API to verify the digital signature, you can determine whether a file has a digital signature and whether that signature passes verification. It seems that the signature information itself cannot be read this way:
Example C program: verifying the signature of a PE File
http://msdn.microsoft.com/en-us/library/aa382384.aspx
C#: determining if a file has a valid digital signature
http://geekswithblogs.net/robp/archive/2007/05/04/112250.aspx
Note:
This article is reprinted from: http://topic.csdn.net/u/20110303/22/0400553c-c025-489e-a4d4-564b8b5f052c.html
http://www.cnblogs.com/flying_bat/archive/2007/09/20/900008.html