Re: Re: Verify digital signature of an executable file

Home Forums Discussions General Discussion Verify digital signature of an executable file Re: Re: Verify digital signature of an executable file

#6234

sorin_v
Participant

Hello,

The WINTRUST_CATALOG_INFO is filled like this:

//*****************************************************************************************//

WINTRUST_CATALOG_INFO CatalogData = {0};
CATALOG_INFO CatInfo = {0};
DWORD dw;
BYTE byHash[100];
wchar_t* pwszMemberTag = NULL;

/*…*/

// Initialize the WINTRUST_CATALOG_INFO structure.
CatalogData.cbStruct = sizeof(WINTRUST_CATALOG_INFO);
CatalogData.pcwszCatalogFilePath = CatInfo.wszCatalogFile;
CatalogData.pcwszMemberTag = pwszMemberTag;
CatalogData.pcwszMemberFilePath = pwszSourceFile;
CatalogData.pbCalculatedFileHash = byHash;
CatalogData.cbCalculatedFileHash = cbHash;

//*****************************************************************************************//

The pwszMemberTag variable it’s calculated as follows:

//*****************************************************************************************//

pwszMemberTag = (wchar_t*) malloc(sizeof(wchar_t) * (2 * cbHash + 1));
for ( dw = 0; dw < cbHash; ++dw )
{
wsprintfW( &pwszMemberTag[dw * 2], L”%02X”, byHash[dw] );
}

//*****************************************************************************************//

The other variables that fill the WINTRUST_CATALOG_INFO structure are obtained using CryptCatXXX functions.

Good luck!

Sorin