C-验证代码签名-Windows API
|
我需要验证二进制代码的签名。我认为是Microsoft Authenticode。是否有使用Windows API的明智方法?
没有找到相关结果
已邀请:
2 个回复
公藕
了吗?由于尚不清楚如何使用它来验证二进制文件的签名,因此您可能希望查看专门用于该示例代码。坊岔埠绵
BOOL VerifyEmbeddedSignature(LPCWSTR pwszSourceFile) { LONG lStatus; GUID WintrustVerifyGuid = WINTRUST_ACTION_GENERIC_VERIFY_V2; GUID DriverActionGuid = DRIVER_ACTION_VERIFY; HANDLE hFile; DWORD dwHash; BYTE bHash[100]; HCATINFO hCatInfo; HCATADMIN hCatAdmin; WINTRUST_DATA wd = { 0 }; WINTRUST_FILE_INFO wfi = { 0 }; WINTRUST_CATALOG_INFO wci = { 0 }; ////set up structs to verify files with cert signatures memset(&wfi, 0, sizeof(wfi)); wfi.cbStruct = sizeof( WINTRUST_FILE_INFO ); wfi.pcwszFilePath = pwszSourceFile; wfi.hFile = NULL; wfi.pgKnownSubject = NULL; memset(&wd, 0, sizeof(wd)); wd.cbStruct = sizeof( WINTRUST_DATA ); wd.dwUnionChoice = WTD_CHOICE_FILE; wd.pFile = &wfi; wd.dwUIChoice = WTD_UI_NONE; wd.fdwRevocationChecks = WTD_REVOKE_NONE; wd.dwStateAction = 0; wd.dwProvFlags = WTD_SAFER_FLAG; wd.hWVTStateData = NULL; wd.pwszURLReference = NULL; wd.pPolicyCallbackData = NULL; wd.pSIPClientData = NULL; wd.dwUIContext = 0; lStatus = WinVerifyTrust( NULL, &WintrustVerifyGuid, &wd ); ////if failed, try to verify using catalog files if (lStatus != ERROR_SUCCESS) { //open the file hFile = CreateFileW(pwszSourceFile, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); if (hFile == INVALID_HANDLE_VALUE) return FALSE; dwHash = sizeof(bHash); if (!CryptCATAdminCalcHashFromFileHandle(hFile, &dwHash, bHash, 0)) { CloseHandle(hFile); return FALSE; } //Create a string form of the hash (used later in pszMemberTag) LPWSTR pszMemberTag = new WCHAR[dwHash * 2 + 1]; for ( DWORD dw = 0; dw < dwHash; ++dw ) { wsprintfW( &pszMemberTag[dw * 2], L\"%02X\", bHash[dw] ); } if (!CryptCATAdminAcquireContext(&hCatAdmin, &DriverActionGuid, 0)) { CloseHandle(hFile); return FALSE; } //find the catalog which contains the hash hCatInfo = CryptCATAdminEnumCatalogFromHash(hCatAdmin, bHash, dwHash, 0, NULL); if ( hCatInfo ) { CATALOG_INFO ci = { 0 }; CryptCATCatalogInfoFromContext( hCatInfo, &ci, 0 ); memset(&wci, 0, sizeof(wci)); wci.cbStruct = sizeof( WINTRUST_CATALOG_INFO ); wci.pcwszCatalogFilePath = ci.wszCatalogFile; wci.pcwszMemberFilePath = pwszSourceFile; wci.pcwszMemberTag = pszMemberTag; memset(&wd, 0, sizeof(wd)); wd.cbStruct = sizeof( WINTRUST_DATA ); wd.dwUnionChoice = WTD_CHOICE_CATALOG; wd.pCatalog = &wci; wd.dwUIChoice = WTD_UI_NONE; wd.fdwRevocationChecks = WTD_STATEACTION_VERIFY; wd.dwProvFlags = 0; wd.hWVTStateData = NULL; wd.pwszURLReference = NULL; wd.pPolicyCallbackData = NULL; wd.pSIPClientData = NULL; wd.dwUIContext = 0; lStatus = WinVerifyTrust( NULL, &WintrustVerifyGuid, &wd ); CryptCATAdminReleaseCatalogContext( hCatAdmin, hCatInfo, 0 ); } CryptCATAdminReleaseContext( hCatAdmin, 0 ); delete[] pszMemberTag; CloseHandle(hFile); } if (lStatus != ERROR_SUCCESS) return false; else return true; }