Code Signing Verification
-
I understand that I can use WinVerifyTrust() to validate a PE file's signature. But it looks as if this will only tell me if the signature is A) valid and B) from a trusted publisher. How do I verify that the signature is from a specific publisher? For instance, I'm worried someone could strip a signature, modify the file, then sign it with their own certificate. The signature in this case would check out, but it wouldn't be from the original publisher. Is there a way to verify the specific publisher, or is there something about code signing I don't understand?
The difficult we do right away... ...the impossible takes slightly longer.
-
I would have thought CryptQueryObject was heading down the path you wish to travel (gawd, what have I swallowed, a dictionary?) .. https://support.microsoft.com/en-us/kb/323809
-
Bingo! Thank you very much. :-D
The difficult we do right away... ...the impossible takes slightly longer.
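An added example, not code from this thread or from the linked KB article: one way to close the gap raised in the question is to let WinVerifyTrust() validate the file and then pin the leaf signing certificate it actually verified. It reads that certificate from the WinVerifyTrust state data rather than through CryptQueryObject. The function names `thumbprint_matches` and `signed_by_pinned_publisher` are hypothetical, and the 20-byte SHA-1 thumbprint of the expected publisher certificate is assumed to be supplied by the caller.

```c
/* Added example: publisher pinning on top of WinVerifyTrust. */
#include <stddef.h>

/* Compare the signer thumbprint with the pinned one without an early exit. */
int thumbprint_matches(const unsigned char *got, size_t got_len,
                       const unsigned char *pinned, size_t pinned_len)
{
    unsigned char diff = 0;
    if (got_len == 0 || got_len != pinned_len) return 0;
    for (size_t i = 0; i < got_len; i++) diff |= (unsigned char)(got[i] ^ pinned[i]);
    return diff == 0;
}

#ifdef _WIN32   /* Win32-only part; link with wintrust.lib and crypt32.lib */
#include <windows.h>
#include <wincrypt.h>
#include <wintrust.h>
#include <softpub.h>

/* Hypothetical helper: returns 1 only if the file's signature is valid and
   trusted AND the leaf signing certificate matches the pinned thumbprint. */
int signed_by_pinned_publisher(const wchar_t *path, const unsigned char pinned[20])
{
    GUID action = WINTRUST_ACTION_GENERIC_VERIFY_V2;
    WINTRUST_FILE_INFO fi = { sizeof fi };
    WINTRUST_DATA wd = { sizeof wd };
    int ok = 0;
    fi.pcwszFilePath = path;
    wd.dwUIChoice = WTD_UI_NONE;
    wd.fdwRevocationChecks = WTD_REVOKE_WHOLECHAIN;
    wd.dwUnionChoice = WTD_CHOICE_FILE;
    wd.pFile = &fi;
    wd.dwStateAction = WTD_STATEACTION_VERIFY;   /* keep state so the chain can be read */
    if (WinVerifyTrust(NULL, &action, &wd) == ERROR_SUCCESS) {
        /* Signer 0, certificate 0 is the leaf certificate that signed the file. */
        CRYPT_PROVIDER_DATA *pd = WTHelperProvDataFromStateData(wd.hWVTStateData);
        CRYPT_PROVIDER_SGNR *sg = pd ? WTHelperGetProvSignerFromChain(pd, 0, FALSE, 0) : NULL;
        CRYPT_PROVIDER_CERT *pc = sg ? WTHelperGetProvCertFromChain(sg, 0) : NULL;
        BYTE hash[20]; DWORD n = sizeof hash;
        if (pc && CertGetCertificateContextProperty(pc->pCert, CERT_SHA1_HASH_PROP_ID, hash, &n))
            ok = thumbprint_matches(hash, n, pinned, 20);
    }
    wd.dwStateAction = WTD_STATEACTION_CLOSE;    /* always release the state data */
    WinVerifyTrust(NULL, &action, &wd);
    return ok;
}
#endif
```

A thumbprint pin identifies one certificate, so the pinned value has to be updated whenever the publisher renews or replaces its signing certificate.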