Reply To: Verify digital signature of an executable file

Home Forums Discussions General Verify digital signature of an executable file Reply To: Verify digital signature of an executable file

#6228
Anonymous

    Hello,

    Thanks for your reply..
    I took your advice and had a closer look at SigCheck and found out that SigCheck passes to WINTRUST_DATA structure (the third parameter of WinVerifyTrust function) a pointer to a catalog file.
    Here is how WINTRUST_DATA structure looks when WinVerifyTrust function is first called be SigCheck:

    WINTRUST_DATA members and values:
    cbStruct=48
    pPolicyCallbackData=0x00000000
    pSIPClientData=0x00000000
    dwUIChoice=2 //WTD_UI_NONE
    fdwRevocationChecks=0 //WTD_REVOKE_NONE
    dwUnionChoice=2 //WTD_CHOICE_CATALOG
    pCatalog=0x0012e570
    —>cbStruct=36
    —>dwCatalogVersion=0
    —>pcwszCatalogFilePath=0x0012e5ec “C:WINDOWSsystem32CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}NT5.CAT”
    —>pcwszMemberTag=0x0012e594 “8CD65FA193E9D11D5C1D946CFC003FB03F21D2F2”
    —>pcwszMemberFilePath=0x0012f73c “c:windowsnotepad.exe”
    —>hMemberFile=0x00000000
    —>pbCalculatedFileHash=0x0012e55c
    —>cbCalculatedFileHash=20
    —>pcCatalogContext=0x00000000
    dwStateAction=1 //WTD_STATEACTION_VERIFY
    hWVTStateData=0x00000000
    pwszURLReference=0x00000000
    dwProvFlags=0
    dwUIContext=0 //WTD_UICONTEXT_EXECUTE

    How could I determine what catalog file should be used for a specified file?
    Thanks!

    Sorin