WinVerifyTrust on legacy Win9x?
-
I'm interested in finding a method to verify the digital signature of a file so that I'll know if it's been altered since I signed it. I looked at WinVerifyTrust(), but it only exists in NT/XP - not Win9x (which I still need to support). Microsoft does, however, have a tool called ChkTrust.exe. Does anyone know "how" chktrust.exe works under Win9x? [ Jason De Arte | Toy Maker | 1001010.com ]
-
Well, after a few hours of digging and testing my theories - I've answered my own question. There's this thing called CAPICOM.DLL that provides a number of COM interfaces for checking the Authenticode signature on a file. And it even (as the rumor goes) has a redistributable for Win98! With a little work, I'm sure somebody with more time on their hands than I could write up a full-featured article that also signs and timestamps a file. :)
```cpp
#ifndef __SIGNED_CODE_H__
#define __SIGNED_CODE_H__

// 2004.Oct.03.JED - A quick tool to check the signatures of an Authenticode signed file
// coded under DevStudio6 for an ATL/WTL project

// MSDN Docs
// http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/signedcode.asp

// Get the typelib header info
#import "capicom.dll" named_guids no_implementation

#pragma once

class CSignedCode
{
protected:
    CComQIPtr<CAPICOM::ISignedCode> m_spSignedCode;

public:
    CSignedCode(LPCTSTR pszFileName)
    {
        HRESULT hr = m_spSignedCode.CoCreateInstance(CAPICOM::CLSID_SignedCode);
        if( SUCCEEDED(hr) && pszFileName && *pszFileName )
            SetFileName( pszFileName );
    }

    // The act of setting the filename starts the Authenticode check
    HRESULT SetFileName( LPCTSTR pszFileName )
    {
        if( !m_spSignedCode )
            return E_POINTER;
        return m_spSignedCode->put_FileName( CComBSTR(pszFileName) );
    }

    // XP SP2, calling with TRUE displays the warning dialog that is displayed
    // when you run an EXE you just downloaded.
    // THIS DOES NOT DO THE ACTUAL CHECK - SetFileName does
    HRESULT Verify(BOOL bAllowWindowsPromptUI)
    {
        if( !m_spSignedCode )
            return E_POINTER;
        return m_spSignedCode->raw_Verify(bAllowWindowsPromptUI?VARIANT_TRUE:VARIANT_FALSE);
    }

    HRESULT GetDescription(CString& rstrDescription)
    {
        if( !m_spSignedCode )
            return E_POINTER;
        CComBSTR bs;
        HRESULT hr = m_spSignedCode->get_Description(&bs);
        if( SUCCEEDED(hr) )
            rstrDescription = bs;
        return hr;
    }

    HRESULT GetURL(CString& rstrDescriptionURL)
    {
        if( !m_spSignedCode )
            return E_POINTER;
        CComBSTR bs;
        HRESULT hr = m_spSignedCode->get_DescriptionURL(&bs);
        if( SUCCEEDED(hr) )
            rstrDescriptionURL = bs;
        return hr;
    }

    HRESULT GetFileName(CString& rstrFileName)
    {
        if( !m_spSignedCode )
            return E_POINTER;
        CComBSTR bs;
        HRESULT hr = m_spSignedCode->get_FileName(&bs);
        if( SUCCEEDED(hr) )
            rstrFileName = bs;
        return hr;
    }
};

#endif //__SIGNED_CODE_H__
```
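An added example, not part of the original post: a fail-closed caller for a checker shaped like the `CSignedCode` class above. The posted constructor discards the `HRESULT` from `SetFileName`, so this helper calls `SetFileName` itself and treats a failure at either step as untrusted. `CheckSignature`, `SignatureStatus`, `hresult_t` and the constructed `FakeChecker` stand-in are hypothetical names introduced here so the logic builds and runs without COM.

```cpp
#include <cstdint>
#include <cstdio>

// HRESULT convention: a negative value means failure (what SUCCEEDED() tests).
typedef std::int32_t hresult_t;   // stand-in for HRESULT so this builds anywhere
inline bool Succeeded(hresult_t hr) { return hr >= 0; }

enum SignatureStatus { SIG_TRUSTED, SIG_LOAD_FAILED, SIG_VERIFY_FAILED };

// Works with any checker exposing SetFileName(path) and Verify(flag),
// which is the shape of CSignedCode in the post above.
template <class Checker, class Path>
SignatureStatus CheckSignature(Checker& checker, Path path, hresult_t* lastHr)
{
    // Call SetFileName explicitly so its result is not lost.
    hresult_t hr = static_cast<hresult_t>(checker.SetFileName(path));
    if (lastHr) *lastHr = hr;
    if (!Succeeded(hr))
        return SIG_LOAD_FAILED;               // never reach Verify on a bad load

    hr = static_cast<hresult_t>(checker.Verify(0));  // 0 == FALSE: no prompt UI
    if (lastHr) *lastHr = hr;
    return Succeeded(hr) ? SIG_TRUSTED : SIG_VERIFY_FAILED;
}

// Constructed stand-in for CSignedCode; returns whatever results it is given.
struct FakeChecker {
    hresult_t setResult, verifyResult;
    int verifyCalls;
    FakeChecker(hresult_t s, hresult_t v)
        : setResult(s), verifyResult(v), verifyCalls(0) {}
    hresult_t SetFileName(const char*) { return setResult; }
    hresult_t Verify(int) { ++verifyCalls; return verifyResult; }
};

const hresult_t kOk   = 0;                                    // S_OK
const hresult_t kFail = static_cast<hresult_t>(0x80004005u);  // E_FAIL

int main()
{
    hresult_t hr = 0;
    FakeChecker unsignedFile(kFail, kOk);     // constructed case: load step fails
    SignatureStatus s = CheckSignature(unsignedFile, "sample.exe", &hr);
    std::printf("status=%d hr=0x%08X\n", (int)s, (unsigned)hr);
    return s == SIG_TRUSTED ? 0 : 1;
}
```

With the real class, pass a `CSignedCode` constructed with a NULL file name (after COM has been initialized) in place of `FakeChecker`.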