List: ms-cryptoapi
Subject: Re: Extract certificate and signature from signed EXE?
From: Soumik Sarkar <Soumik_Sarkar () PHOENIX ! COM>
Date: 2002-05-30 18:44:02
Then the MSDN documentation on CryptQueryObject is incorrect.
-----Original Message-----
From: Daniel Sie [mailto:dsie@WINDOWS.MICROSOFT.COM]
Sent: Thursday, May 30, 2002 11:42 AM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: Re: Extract certificate and signature from signed EXE?
That is incorrect. I am sure it is available with IE 5.0.
Thanks.
-----Original Message-----
From: Soumik Sarkar [mailto:Soumik_Sarkar@PHOENIX.COM]
Sent: Thursday, May 30, 2002 11:40 AM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: Re: Extract certificate and signature from signed EXE?
But remember, CryptQueryObject is not supported on 95/98/Me.
Soumik
-----Original Message-----
From: Daniel Sie [mailto:dsie@WINDOWS.MICROSOFT.COM]
Sent: Thursday, May 30, 2002 10:10 AM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: Re: Extract certificate and signature from signed EXE?
The Image* APIs work only for EXE, DLL, and CAB files. They won't work
for other Authenticode signed files, such as VBS.
Use the following code, instead:
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

This code is provided for illustration purpose only.

Linked with Crypt32.lib.

----------------------------------------------------------------------------*/

#include <stdio.h>
#include <stdlib.h>
#include <crtdbg.h>
#include <windows.h>
#include <wincrypt.h>

int wmain (int argc, LPWSTR argv[])
{
    int nRetCode = 0;
    HCERTSTORE hCertStore = NULL;
    HCRYPTMSG hCryptMsg = NULL;
    DWORD dwContentType = 0;
    DWORD dwExpectedType = CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED;
    DWORD cbData = 0;
    CMSG_SIGNER_INFO * pSignerInfo = NULL;
    CERT_INFO CertInfo = {0};
    PCCERT_CONTEXT pCertContext = NULL;
    LPWSTR pwszSubjectName = NULL;

    __try
    {
        // Check command parameters (argv is wide, so print it with %ls).
        if (2 != argc)
        {
            nRetCode = E_INVALIDARG;
            printf("Usage: %ls AuthenticodeSignedFileName\n", argv[0]);
            __leave;
        }

        // Retrieve the signed executable's HCRYPTMSG and HCERTSTORE.
        if (!CryptQueryObject(CERT_QUERY_OBJECT_FILE,
                              (LPCVOID) argv[1],
                              dwExpectedType,
                              CERT_QUERY_FORMAT_FLAG_BINARY,
                              0,
                              NULL,
                              &dwContentType,
                              NULL,
                              &hCertStore,
                              &hCryptMsg,
                              NULL))
        {
            nRetCode = GetLastError();
            printf("Error [%#x]: CryptQueryObject() failed.\n", nRetCode);
            __leave;
        }

        // Sanity check.
        _ASSERT(CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED == dwContentType);

        // Use low level messaging API to retrieve signer's info.
        // First call: ask for the required buffer size in bytes.
        if (!CryptMsgGetParam(hCryptMsg,
                              CMSG_SIGNER_INFO_PARAM,
                              0,
                              NULL,
                              &cbData))
        {
            nRetCode = GetLastError();
            printf("Error [%#x]: CryptMsgGetParam() failed.\n", nRetCode);
            __leave;
        }

        if (!(pSignerInfo = (CMSG_SIGNER_INFO *) malloc(cbData)))
        {
            nRetCode = E_OUTOFMEMORY;
            printf("Error [%#x]: malloc() failed.\n", nRetCode);
            __leave;
        }

        // Second call: fill the buffer.
        if (!CryptMsgGetParam(hCryptMsg,
                              CMSG_SIGNER_INFO_PARAM,
                              0,
                              pSignerInfo,
                              &cbData))
        {
            nRetCode = GetLastError();
            printf("Error [%#x]: CryptMsgGetParam() failed.\n", nRetCode);
            __leave;
        }

        // Find signer's cert in store (matched on issuer and serial number).
        CertInfo.Issuer = pSignerInfo->Issuer;
        CertInfo.SerialNumber = pSignerInfo->SerialNumber;

        if (!(pCertContext = CertFindCertificateInStore(hCertStore,
                                                        X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
                                                        0,
                                                        CERT_FIND_SUBJECT_CERT,
                                                        (LPVOID) &CertInfo,
                                                        NULL)))
        {
            nRetCode = GetLastError();
            printf("Error [%#x]: CertFindCertificateInStore() failed.\n", nRetCode);
            __leave;
        }

        // Retrieve signer's simple name. CertGetNameStringW returns a count of
        // characters (not bytes) that includes the terminating NUL; a count of
        // 1 means only an empty string is available, i.e. no name was found.
        cbData = CertGetNameStringW(pCertContext,
                                    CERT_NAME_SIMPLE_DISPLAY_TYPE,
                                    0,
                                    NULL,
                                    NULL,
                                    0);
        if (cbData <= 1)
        {
            nRetCode = CRYPT_E_NOT_FOUND;
            printf("Error [%#x]: CertGetNameString() failed.\n", nRetCode);
            __leave;
        }

        // Allocate in bytes: character count times sizeof(WCHAR).
        if (!(pwszSubjectName = (LPWSTR) malloc(cbData * sizeof(WCHAR))))
        {
            nRetCode = E_OUTOFMEMORY;
            printf("Error [%#x]: malloc() failed.\n", nRetCode);
            __leave;
        }

        cbData = CertGetNameStringW(pCertContext,
                                    CERT_NAME_SIMPLE_DISPLAY_TYPE,
                                    0,
                                    NULL,
                                    pwszSubjectName,
                                    cbData);
        if (cbData <= 1)
        {
            nRetCode = CRYPT_E_NOT_FOUND;
            printf("Error [%#x]: CertGetNameString() failed.\n", nRetCode);
            __leave;
        }

        // Display signer's simple name.
        printf("%ls was signed by %ls.\n", argv[1], pwszSubjectName);
    }

    __finally
    {
        // Clean up.
        if (pwszSubjectName) free(pwszSubjectName);
        if (pCertContext) CertFreeCertificateContext(pCertContext);
        if (pSignerInfo) free(pSignerInfo);
        if (hCryptMsg) CryptMsgClose(hCryptMsg);
        if (hCertStore) CertCloseStore(hCertStore, 0);
    }

    return nRetCode;
}
-----Original Message-----
From: Tony Selke [mailto:tony.selke@SCALA.COM]
Sent: Thursday, May 30, 2002 9:48 AM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: Re: Extract certificate and signature from signed EXE?
Thank you so much for your assistance. I am now successfully iterating
through the certificates attached to an EXE and pulling their data into
a byte array.
Tony
----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html . To unsubscribe,
mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
----------------------------------------------------------------
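
Added example, not part of the original thread or of any poster's code: in an EXE or DLL the embedded Authenticode signature sits in the PE attribute certificate table (data directory entry 4, whose address field is a file offset), which is why PE-specific enumeration does not carry over to script files such as VBS. This portable C code walks that table with bounds checks; SAMPLE is a constructed buffer, and pe_cert and pe_list_certs are names chosen here.

```c
/* Added example (not from the thread): walk a PE attribute certificate table. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef struct { size_t offset, length; uint16_t revision, type; } pe_cert;
static uint32_t rd32(const uint8_t *p) { return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24; }
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }

/* Returns entries stored in out (0 = no embedded signature), -1 if malformed. */
int pe_list_certs(const uint8_t *buf, size_t len, pe_cert *out, int max)
{
    if (len < 0x40 || buf[0] != 'M' || buf[1] != 'Z') return -1;
    size_t pe = rd32(buf + 0x3C);                        /* e_lfanew */
    if (pe > len || len - pe < 26 || memcmp(buf + pe, "PE\0\0", 4)) return -1;
    size_t opt = pe + 24;                                /* optional header */
    uint16_t magic = rd16(buf + opt);
    size_t dd = magic == 0x10b ? 96 : magic == 0x20b ? 112 : 0;  /* PE32 / PE32+ */
    if (!dd || len - opt < dd + 5 * 8) return -1;        /* need directories 0..4 */
    if (rd32(buf + opt + dd - 4) < 5) return 0;          /* NumberOfRvaAndSizes */
    size_t off = rd32(buf + opt + dd + 32), size = rd32(buf + opt + dd + 36);
    if (size == 0) return 0;
    if (off > len || size > len - off) return -1;        /* table must lie in file */
    size_t end = off + size;
    int n = 0;
    while (n < max && off + 8 <= end) {
        size_t clen = rd32(buf + off);                   /* dwLength, header included */
        if (clen < 8 || clen > end - off) return -1;
        out[n++] = (pe_cert){ off, clen, rd16(buf + off + 4), rd16(buf + off + 6) };
        off += (clen + 7) & ~(size_t)7;                  /* entries are 8-byte aligned */
    }
    return n;
}

/* Constructed sample: PE32 header skeleton with one 12-byte entry at 0x180. */
static const uint8_t SAMPLE[0x200] = {
    [0] = 'M', [1] = 'Z', [0x3C] = 0x80, [0x80] = 'P', [0x81] = 'E',
    [0x98] = 0x0b, [0x99] = 0x01, [0xF4] = 16,      /* PE32 magic, NumberOfRvaAndSizes */
    [0x118] = 0x80, [0x119] = 0x01, [0x11C] = 16,   /* directory 4: offset 0x180, size 16 */
    [0x180] = 12, [0x185] = 0x02, [0x186] = 0x02,   /* dwLength, revision 0x0200, type 2 */
};

int main(void)
{
    pe_cert c[4];
    int n = pe_list_certs(SAMPLE, sizeof SAMPLE, c, 4);
    if (n > 0) printf("%d entry: type %u, %zu bytes at 0x%zx\n", n, (unsigned)c[0].type, c[0].length, c[0].offset);
    return n < 0;
}
```

Finding an entry only shows that a signature blob is present; neither this walk nor the signer-name lookup in the thread verifies it, which is what WinVerifyTrust is for.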