#include "stdafx.h"/* * An example of file signature verification using Wi

1. #include "stdafx.h"
2.  
3. /*
4.  * An example of file signature verification using WinTrust API
5.  * Derived from the sample vertrust.cpp in the Platform SDK
6.  *
7.  * Copyright (c) 2009 Mounir IDRASSI <mounir.idrassi@idrix.fr>. All rights reserved.
8.  *
9.  * This program is distributed in the hope that it will be useful,
10.  * but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11.  * or FITNESS FOR A PARTICULAR PURPOSE.
12.  *
13.  */
14.  
15. #ifndef UNICODE
16. #define UNICODE
17. #endif
18.  
19. #ifndef _UNICODE
20. #define _UNICODE
21. #endif
22.  
23. #define _WIN32_WINNT 0x0500
24. #define WINVER       0x0500
25.  
26. #include <windows.h>
27. #include <Softpub.h>
28. #include <Wincrypt.h>
29. #include <tchar.h>
30. #include <stdlib.h>
31.  
32. #pragma comment(lib, "Crypt32.lib")
33. #pragma comment(lib, "Wintrust.lib")
34.  
35. LPTSTR GetCertificateDescription(PCCERT_CONTEXT pCertCtx)
36. {
37.    DWORD dwStrType;
38.    DWORD dwCount;
39.    LPTSTR szSubjectRDN = NULL;
40.  
41.    dwStrType = CERT_X500_NAME_STR;
42.    dwCount = CertGetNameString(pCertCtx,
43.       CERT_NAME_RDN_TYPE,
44.       0,
45.       &dwStrType,
46.       NULL,
47.       0);
48.    if (dwCount)
49.    {
50.       szSubjectRDN = (LPTSTR) LocalAlloc(0, dwCount * sizeof(TCHAR));
51.       CertGetNameString(pCertCtx,
52.          CERT_NAME_RDN_TYPE,
53.          0,
54.          &dwStrType,
55.          szSubjectRDN,
56.          dwCount);
57.    }
58.  
59.    return szSubjectRDN;
60. }
61.  
62.  
63. int _tmain(int argc, _TCHAR* argv[])
64. {
65.    GUID guidAction = WINTRUST_ACTION_GENERIC_VERIFY_V2;
66.    WINTRUST_FILE_INFO sWintrustFileInfo;
67.    WINTRUST_DATA      sWintrustData;
68.    HRESULT            hr;
69.  
70.    if (argc != 2)
71.    {
72.       _tprintf(_T("Usage: VerifyExeSignature file_name\n"));
73.       return -1;
74.    }
75.  
76.    memset((void*)&sWintrustFileInfo, 0x00, sizeof(WINTRUST_FILE_INFO));
77.    memset((void*)&sWintrustData, 0x00, sizeof(WINTRUST_DATA));
78.  
79.    sWintrustFileInfo.cbStruct = sizeof(WINTRUST_FILE_INFO);
80.    sWintrustFileInfo.pcwszFilePath = argv[1];
81.    sWintrustFileInfo.hFile = NULL;
82.  
83.    sWintrustData.cbStruct            = sizeof(WINTRUST_DATA);
84.    sWintrustData.dwUIChoice          = WTD_UI_NONE;
85.    sWintrustData.fdwRevocationChecks = WTD_REVOKE_NONE;
86.    sWintrustData.dwUnionChoice       = WTD_CHOICE_FILE;
87.    sWintrustData.pFile               = &sWintrustFileInfo;
88.    sWintrustData.dwStateAction       = WTD_STATEACTION_VERIFY;
89.  
90.    hr = WinVerifyTrust((HWND)INVALID_HANDLE_VALUE, &guidAction, &sWintrustData);
91.  
92.    if (TRUST_E_NOSIGNATURE == hr)
93.    {
94.       _tprintf(_T("No signature found on the file.\n"));
95.    }
96.    else if (TRUST_E_BAD_DIGEST == hr)
97.    {
98.       _tprintf(_T("The signature of the file is invalid\n"));
99.    }
100.    else if (TRUST_E_PROVIDER_UNKNOWN == hr)
101.    {
102.       _tprintf(_T("No trust provider on this machine can verify this type of files.\n"));
103.    }
104.    else if (S_OK != hr)
105.    {
106.       _tprintf(_T("WinVerifyTrust failed with error 0x%.8X\n"), hr);
107.    }
108.    else
109.    {
110.       _tprintf(_T("File signature is OK.\n"));
111.  
112.       // retreive the signer certificate and display its information
113.       CRYPT_PROVIDER_DATA const *psProvData     = NULL;
114.       CRYPT_PROVIDER_SGNR       *psProvSigner   = NULL;
115.       CRYPT_PROVIDER_CERT       *psProvCert     = NULL;
116.       FILETIME                   localFt;
117.       SYSTEMTIME                 sysTime;
118.  
119.       psProvData = WTHelperProvDataFromStateData(sWintrustData.hWVTStateData);
120.       if (psProvData)
121.       {
122.          psProvSigner = WTHelperGetProvSignerFromChain((PCRYPT_PROVIDER_DATA)psProvData, 0 , FALSE, 0);
123.          if (psProvSigner)
124.          {
125.             FileTimeToLocalFileTime(&psProvSigner->sftVerifyAsOf, &localFt);
126.             FileTimeToSystemTime(&localFt, &sysTime);
127.  
128.             _tprintf(_T("Signature Date = %.2d/%.2d/%.4d at %.2d:%2.d:%.2d\n"), sysTime.wDay, sysTime.wMonth,sysTime.wYear, sysTime.wHour,sysTime.wMinute,sysTime.wSecond);
129.  
130.             psProvCert = WTHelperGetProvCertFromChain(psProvSigner, 0);
131.             if (psProvCert)
132.             {
133.                LPTSTR szCertDesc = GetCertificateDescription(psProvCert->pCert);
134.                if (szCertDesc)
135.                {
136.                   _tprintf(_T("File Signer = %s\n"), szCertDesc);
137.                   LocalFree(szCertDesc);
138.                }
139.             }
140.  
141.             if (psProvSigner->csCounterSigners)
142.             {
143.                _tprintf(_T("\n"));
144.                // Timestamp information
145.                FileTimeToLocalFileTime(&psProvSigner->pasCounterSigners[0].sftVerifyAsOf, &localFt);
146.                FileTimeToSystemTime(&localFt, &sysTime);
147.  
148.                _tprintf(_T("Timestamp Date = %.2d/%.2d/%.4d at %.2d:%2.d:%.2d\n"), sysTime.wDay, sysTime.wMonth,sysTime.wYear, sysTime.wHour,sysTime.wMinute,sysTime.wSecond);              
149.                psProvCert = WTHelperGetProvCertFromChain(&psProvSigner->pasCounterSigners[0], 0);
150.                if (psProvCert)
151.                {
152.                   LPTSTR szCertDesc = GetCertificateDescription(psProvCert->pCert);
153.                   if (szCertDesc)
154.                   {
155.                      _tprintf(_T("Timestamp Signer = %s\n"), szCertDesc);
156.                      LocalFree(szCertDesc);
157.                   }
158.                }
159.             }
160.          }
161.       }
162.    }
163.    
164.    sWintrustData.dwUIChoice = WTD_UI_NONE;
165.    sWintrustData.dwStateAction = WTD_STATEACTION_CLOSE;
166.    WinVerifyTrust((HWND)INVALID_HANDLE_VALUE, &guidAction, &sWintrustData);
167.  
168.     return 0;
169. }