Hello!
I'm trying to verify the signature of a specific application during startup by the help of ci.dll / CiValidateFileObject.
It seems to be working on test signed environments, however signing the driver results in INVALID_IMAGE_HASH.
Some similar problem here: Inconsistencies in working with Authenticode signed executables · Issue #5 · Ido-Moshe-Github/CiDllDemo · GitHub
Is this API only for microsoft signed binaries now? Blog posts from 2020 or so seems to be telling otherwise.
Any knowledge on the topic would be appreciated, or any alternative way to verify a PE's signature. (My usermode is signed by EV cert)