Re: Re: Verify digital signature of an executable file

Home Forums Discussions General Verify digital signature of an executable file Re: Re: Verify digital signature of an executable file

#6234
Anonymous

    Hello,

    The WINTRUST_CATALOG_INFO is filled like this:

    //*****************************************************************************************//

    WINTRUST_CATALOG_INFO CatalogData = {0};
    CATALOG_INFO CatInfo = {0};
    DWORD dw;
    BYTE byHash[100];
    wchar_t* pwszMemberTag = NULL;

    /*…*/

    // Initialize the WINTRUST_CATALOG_INFO structure.
    CatalogData.cbStruct = sizeof(WINTRUST_CATALOG_INFO);
    CatalogData.pcwszCatalogFilePath = CatInfo.wszCatalogFile;
    CatalogData.pcwszMemberTag = pwszMemberTag;
    CatalogData.pcwszMemberFilePath = pwszSourceFile;
    CatalogData.pbCalculatedFileHash = byHash;
    CatalogData.cbCalculatedFileHash = cbHash;

    //*****************************************************************************************//

    The pwszMemberTag variable it’s calculated as follows:

    //*****************************************************************************************//

    pwszMemberTag = (wchar_t*) malloc(sizeof(wchar_t) * (2 * cbHash + 1));
    for ( dw = 0; dw < cbHash; ++dw )
    {
    wsprintfW( &pwszMemberTag[dw * 2], L”%02X”, byHash[dw] );
    }

    //*****************************************************************************************//

    The other variables that fill the WINTRUST_CATALOG_INFO structure are obtained using CryptCatXXX functions.

    Good luck!

    Sorin