How to fetch multiple signing certificates from a PE file in C/C++

Hi,

In our project, we need to retrieve all signing certificates from a PE file on Windows 7 and above.

To achieve this, we are using the following API:

LONG WINAPI WinVerifyTrust(
  _In_ HWND   hWnd,
  _In_ GUID   *pgActionID,
  _In_ LPVOID pWVTData
);

If the trust verification is successful, then we fetch signer information from pWVTData->hWVTStateData, using the WTHelperProvDataFromStateData API and the WTHelperGetProvSignerFromChain API.

The problem is that on Windows 7 and below, we can retrieve only one certificate chain (even if the PE file is signed with multiple certificates), because the WINTRUST_DATA data structure supports the pSignatureSettings attribute only on Windows 8 and above.

So, my question is: is there any way we can retrieve all signing certificates from a PE file on Windows 7?

Thank you
Deepak

I believe there may be .Net functions that can parse the signature data.

Jan

On 10/19/16, 12:45 AM, “xxxxx@lists.osr.com on behalf of xxxxx@gmail.com” wrote:

Hi,

In our project, we need to retrieve all signing certificates from a PE file on Windows 7 and above.

To achieve this, we are using the following API:

LONG WINAPI WinVerifyTrust(
  _In_ HWND   hWnd,
  _In_ GUID   *pgActionID,
  _In_ LPVOID pWVTData
);

If the trust verification is successful, then we fetch signer information from pWVTData->hWVTStateData, using the WTHelperProvDataFromStateData API and the WTHelperGetProvSignerFromChain API.

The problem is that on Windows 7 and below, we can retrieve only one certificate chain (even if the PE file is signed with multiple certificates), because the WINTRUST_DATA data structure supports the pSignatureSettings attribute only on Windows 8 and above.

So, my question is: is there any way we can retrieve all signing certificates from a PE file on Windows 7?

Thank you
Deepak
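
Added example, not code from either poster: one way to reach the signature data without pSignatureSettings is to read the PE attribute certificate table directly and list its WIN_CERTIFICATE entries, each of which carries a raw signature blob that can then be handed to a PKCS#7 parser. The names pe_list_certs, cert_entry and build_sample are hypothetical, and the sample image is constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
/* Added example (hypothetical names): list WIN_CERTIFICATE entries in a PE image. */
typedef struct { uint32_t offset, length; uint16_t revision, type; } cert_entry;

static uint32_t rd32(const uint8_t *p) { return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24; }
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }

/* Returns the number of entries stored in out (at most max), or -1 if malformed. */
int pe_list_certs(const uint8_t *buf, size_t len, cert_entry *out, int max)
{
    if (len < 0x40 || rd16(buf) != 0x5A4D) return -1;            /* "MZ" */
    size_t pe = rd32(buf + 0x3C);                                /* e_lfanew */
    if (pe > len || len - pe < 26 || rd32(buf + pe) != 0x4550) return -1; /* "PE\0\0" */
    size_t opt = pe + 24, dirs;                                  /* skip signature + COFF header */
    uint16_t magic = rd16(buf + opt);
    if (magic == 0x10B) dirs = 96;                               /* PE32 */
    else if (magic == 0x20B) dirs = 112;                         /* PE32+ */
    else return -1;
    if (len - opt < dirs + 40) return -1;                        /* need directory entry 4 */
    if (rd32(buf + opt + dirs - 4) <= 4) return 0;               /* NumberOfRvaAndSizes */
    uint32_t off = rd32(buf + opt + dirs + 32);                  /* file offset, not an RVA */
    uint32_t size = rd32(buf + opt + dirs + 36);
    if (off == 0 || size == 0) return 0;                         /* unsigned image */
    if (off > len || size > len - off) return -1;
    size_t pos = off, end = (size_t)off + size;
    int n = 0;
    while (end - pos >= 8 && n < max) {
        uint32_t dw = rd32(buf + pos);                           /* dwLength incl. 8-byte header */
        if (dw < 8 || dw > end - pos) return -1;
        out[n++] = (cert_entry){ (uint32_t)pos + 8, dw - 8, rd16(buf + pos + 4), rd16(buf + pos + 6) };
        size_t step = ((size_t)dw + 7) & ~(size_t)7;             /* entries are 8-byte aligned */
        pos = step > end - pos ? end : pos + step;
    }
    return n;
}

/* Constructed sample: PE32 header at 0x80, two entries in a 32-byte table at 0x180. */
size_t build_sample(uint8_t b[0x1A0])
{
    memset(b, 0, 0x1A0);
    b[0] = 'M'; b[1] = 'Z'; b[0x3C] = 0x80; b[0x80] = 'P'; b[0x81] = 'E';
    b[0x98] = 0x0B; b[0x99] = 0x01; b[0x98 + 92] = 16;           /* magic, NumberOfRvaAndSizes */
    b[0x118] = 0x80; b[0x119] = 0x01; b[0x11C] = 32;             /* security directory */
    b[0x180] = 13; b[0x185] = 0x02; b[0x186] = 0x02;             /* rev 0x0200, type 2, 5 bytes */
    b[0x190] = 16; b[0x195] = 0x02; b[0x196] = 0x02;             /* rev 0x0200, type 2, 8 bytes */
    return 0x1A0;
}
```

This only locates the blobs and performs no trust verification. Signatures appended to an already signed file are normally stored inside the primary blob as the unauthenticated attribute 1.3.6.1.4.1.311.2.4.1 (szOID_NESTED_SIGNATURE), so that attribute still has to be decoded to see every signer.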

