在没有CAPICOM的EXE - C ++上验证Authenticode签名 [英] Validate Authenticode signature on EXE - C++ without CAPICOM

问题描述

我正在为安装程序DLL编写函数，以验证系统上已安装的EXE文件的Authenticode签名。

该函数需要：

A）验证签名是否有效。

B）验证签名者是我们的组织。

因为这是在一个安装程序，并且因为这需要运行在较旧的Win2k安装，我不对于CAPICOM.dll，因为它可能不在目标系统上。

WinVerifyTrust API非常适合解决（A）。

解决方案

您应该找到一个方法来比较一个已知的证书（或其中的属性）请使用 CryptQueryObject 。

此KB文章演示如何使用：如何从Authenticode签名获取信息可执行文件。

有关如何在没有Windows-API的情况下如何操作的评论者，我不知道任何可以做到的库，格式在此处记录： Windows身份验证码便携式可执行签名格式

I'm writing a function for an installer DLL to verify the Authenticode signature of EXE files already installed on the system.

The function needs to:

A) verify that the signature is valid.
B) verify that the signer is our organization.

Because this is in an installer, and because this needs to run on older Win2k installations, I don't want to rely on CAPICOM.dll, as it may not be on the target system.

The WinVerifyTrust API works great to solve (A).

I need to find a way to compare a known certificate (or properties therein) to the one that signed the EXE in question.

解决方案

You should use CryptQueryObject.

This KB-article demonstrates the use: How To Get Information from Authenticode Signed Executables.

To the commenter that asked about how to do it without the Windows-APIs, I am not aware of any library that can do it, but the format is documented here: Windows Authenticode Portable Executable Signature Format

这篇关于在没有CAPICOM的EXE - C ++上验证Authenticode签名的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！