Home › Forums › Discussions › General › Verify digital signature of an executable file › Reply To: Verify digital signature of an executable file
Hello,
Thanks for your reply..
I took your advice and had a closer look at SigCheck and found out that SigCheck passes to WINTRUST_DATA structure (the third parameter of WinVerifyTrust function) a pointer to a catalog file.
Here is how WINTRUST_DATA structure looks when WinVerifyTrust function is first called be SigCheck:
WINTRUST_DATA members and values:
cbStruct=48
pPolicyCallbackData=0x00000000
pSIPClientData=0x00000000
dwUIChoice=2 //WTD_UI_NONE
fdwRevocationChecks=0 //WTD_REVOKE_NONE
dwUnionChoice=2 //WTD_CHOICE_CATALOG
pCatalog=0x0012e570
—>cbStruct=36
—>dwCatalogVersion=0
—>pcwszCatalogFilePath=0x0012e5ec “C:WINDOWSsystem32CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}NT5.CAT”
—>pcwszMemberTag=0x0012e594 “8CD65FA193E9D11D5C1D946CFC003FB03F21D2F2”
—>pcwszMemberFilePath=0x0012f73c “c:windowsnotepad.exe”
—>hMemberFile=0x00000000
—>pbCalculatedFileHash=0x0012e55c
—>cbCalculatedFileHash=20
—>pcCatalogContext=0x00000000
dwStateAction=1 //WTD_STATEACTION_VERIFY
hWVTStateData=0x00000000
pwszURLReference=0x00000000
dwProvFlags=0
dwUIContext=0 //WTD_UICONTEXT_EXECUTE
How could I determine what catalog file should be used for a specified file?
Thanks!
Sorin