在没有CAPICOM的EXE - C ++上验证Authenticode签名 [英] Validate Authenticode signature on EXE - C++ without CAPICOM
问题描述
我正在为安装程序DLL编写函数,以验证系统上已安装的EXE文件的Authenticode签名。
该函数需要:
A)验证签名是否有效。
B)验证签名者是我们的组织。
因为这是在一个安装程序,并且因为这需要运行在较旧的Win2k安装,我不对于CAPICOM.dll,因为它可能不在目标系统上。
WinVerifyTrust API非常适合解决(A)。
您应该找到一个方法来比较一个已知的证书(或其中的属性)请使用 CryptQueryObject 。
此KB文章演示如何使用:如何从Authenticode签名获取信息可执行文件。
有关如何在没有Windows-API的情况下如何操作的评论者,我不知道任何可以做到的库,格式在此处记录: Windows身份验证码便携式可执行签名格式
I'm writing a function for an installer DLL to verify the Authenticode signature of EXE files already installed on the system.
The function needs to:
A) verify that the signature is valid.
B) verify that the signer is our organization.
Because this is in an installer, and because this needs to run on older Win2k installations, I don't want to rely on CAPICOM.dll, as it may not be on the target system.
The WinVerifyTrust API works great to solve (A).
I need to find a way to compare a known certificate (or properties therein) to the one that signed the EXE in question.
You should use CryptQueryObject.
This KB-article demonstrates the use: How To Get Information from Authenticode Signed Executables.
To the commenter that asked about how to do it without the Windows-APIs, I am not aware of any library that can do it, but the format is documented here: Windows Authenticode Portable Executable Signature Format
这篇关于在没有CAPICOM的EXE - C ++上验证Authenticode签名的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!