C++ 在windows 8上从mmc.exe获取数字签名
我有一个尝试验证mmc.exe(服务)签名的应用程序。(我认为应用程序的上下文无关紧要)我正在尝试使用winapi函数,但两者都失败了 WinVerifyTrust。当我尝试从目录中进行验证时,我得到了TRUST_E_BAD_DIGEST,并且 尝试使用文件信息时,请信任\u E\u NOSIGNATURE。非常重要的一点是,我的函数在win7、XP上成功,但在win8上失败 这是函数的代码段C++ 在windows 8上从mmc.exe获取数字签名,c++,windows-8,digital-signature,winverifytrust,C++,Windows 8,Digital Signature,Winverifytrust,我有一个尝试验证mmc.exe(服务)签名的应用程序。(我认为应用程序的上下文无关紧要)我正在尝试使用winapi函数,但两者都失败了 WinVerifyTrust。当我尝试从目录中进行验证时,我得到了TRUST_E_BAD_DIGEST,并且 尝试使用文件信息时,请信任\u E\u NOSIGNATURE。非常重要的一点是,我的函数在win7、XP上成功,但在win8上失败 这是函数的代码段 CATALOG_INFO InfoStruct = {0}; InfoStruct.cbStruct
CATALOG_INFO InfoStruct = {0};
InfoStruct.cbStruct = sizeof(CATALOG_INFO);
WINTRUST_CATALOG_INFO WintrustCatalogStructure = {0};
WintrustCatalogStructure.cbStruct = sizeof(WINTRUST_CATALOG_INFO);
WINTRUST_FILE_INFO WintrustFileStructure = {0};
WintrustFileStructure.cbStruct = sizeof(WINTRUST_FILE_INFO);
GUID ActionGuid = WINTRUST_ACTION_GENERIC_VERIFY_V2;
//Get a context for signature verification.
HCATADMIN Context = NULL;
if(!::CryptCATAdminAcquireContext(&Context, NULL, 0) ){
return false;
}
//Open file.
cx_handle hFile(::CreateFileW(filename_.c_str(), GENERIC_READ, 7, NULL, OPEN_EXISTING, 0, NULL));
if( INVALID_HANDLE_VALUE == (HANDLE)hFile )
{
CryptCATAdminReleaseContext(Context, 0);
return false;
}
//Get the size we need for our hash.
DWORD HashSize = 0;
::CryptCATAdminCalcHashFromFileHandle(hFile, &HashSize, NULL, 0);
if( HashSize == 0 )
{
//0-sized has means error!
::CryptCATAdminReleaseContext(Context, 0);
return false;
}
//Allocate memory.
buffer hashbuf(HashSize);
//Actually calculate the hash
if( !CryptCATAdminCalcHashFromFileHandle(hFile, &HashSize, hashbuf.data, 0) )
{
CryptCATAdminReleaseContext(Context, 0);
return false;
}
//Convert the hash to a string.
buffer MemberTag(((HashSize * 2) + 1) * sizeof(wchar_t));
for( unsigned int i = 0; i < HashSize; i++ ){
swprintf(&((PWCHAR)MemberTag.data)[i * 2], L"%02X", hashbuf.data[i ]);
}
//Get catalog for our context.
HCATINFO CatalogContext = CryptCATAdminEnumCatalogFromHash(Context, hashbuf, HashSize, 0, NULL);
if ( CatalogContext )
{
//If we couldn't get information
if ( !CryptCATCatalogInfoFromContext(CatalogContext, &InfoStruct, 0) )
{
//Release the context and set the context to null so it gets picked up below.
CryptCATAdminReleaseCatalogContext(Context, CatalogContext, 0);
CatalogContext = NULL;
}
}
//If we have a valid context, we got our info.
//Otherwise, we attempt to verify the internal signature.
WINTRUST_DATA WintrustStructure = {0};
WintrustStructure.cbStruct = sizeof(WINTRUST_DATA);
if( !CatalogContext )
{
load_signature_verification_from_file_info(WintrustFileStructure, WintrustStructure);
}
else
{
load_signature_verification_from_catalog(WintrustStructure, WintrustCatalogStructure, InfoStruct, MemberTag);
}
//Call our verification function.
long verification_res = ::WinVerifyTrust(0, &ActionGuid, &WintrustStructure);
//Check return.
bool is_success = SUCCEEDED(verification_res) ? true : false;
// if failed with CatalogContext, try with FILE_INFO
if(!is_success && CatalogContext && verification_res != TRUST_E_NOSIGNATURE)
{
//warning2(L"Failed verification with Catalog Context: 0x%x %s ; Retrying with FILE_INFO.", verification_res, (const wchar_t*)format_last_error(verification_res));
load_signature_verification_from_file_info(WintrustFileStructure, WintrustStructure);
verification_res = ::WinVerifyTrust(0, &ActionGuid, &WintrustStructure);
is_success = SUCCEEDED(verification_res) ? true : false;
}
if(perr && !is_success && verification_res != TRUST_E_NOSIGNATURE)
{
perr->code = verification_res;
perr->description = format_last_error(verification_res);
}
//Free context.
if( CatalogContext ){
::CryptCATAdminReleaseCatalogContext(Context, CatalogContext, 0);
}
//If we successfully verified, we need to free.
if( is_success )
{
WintrustStructure.dwStateAction = WTD_STATEACTION_CLOSE;
::WinVerifyTrust(0, &ActionGuid, &WintrustStructure);
}
::CryptCATAdminReleaseContext(Context, 0);
return is_success;
CATALOG_INFO InfoStruct={0};
InfoStruct.cbStruct=sizeof(目录信息);
WINTRUST_CATALOG_INFO WintrustCatalogStructure={0};
WintrustCatalogStructure.cbStruct=sizeof(WinTrustCatalog\u信息);
WINTRUST_FILE_INFO WintrustFileStructure={0};
WintrustFileStructure.cbStruct=sizeof(WINTRUST\u文件\u信息);
GUID ActionGuid=WINTRUST\u ACTION\u GENERIC\u VERIFY\u V2;
//获取签名验证的上下文。
HCATADMIN Context=NULL;
if(!::CryptCATAdminAcquireContext(&Context,NULL,0)){
返回false;
}
//打开文件。
cx_handle hFile(::CreateFileW(filename_u.c_str(),GENERIC_READ,7,NULL,OPEN_EXISTING,0,NULL));
if(无效的句柄值==(句柄)hFile)
{
CryptCATAdminReleaseContext(上下文,0);
返回false;
}
//获取我们散列所需的大小。
dwordhashsize=0;
::CryptCatAdminCalHashFromFileHandle(hFile,&HashSize,NULL,0);
if(HashSize==0)
{
//0大小意味着错误!
::CryptCATAdminReleaseContext(上下文,0);
返回false;
}
//分配内存。
缓冲区hashbuf(HashSize);
//实际计算散列
if(!CryptCATAdminCalcHashFromFileHandle(hFile,&HashSize,hashbuf.data,0))
{
CryptCATAdminReleaseContext(上下文,0);
返回false;
}
//将哈希转换为字符串。
buffermembertag(((HashSize*2)+1)*sizeof(wchar\u t));
for(无符号整数i=0;icode=验证结果;
perr->description=格式\最后一次\错误(验证结果);
}
//自由语境。
如果(目录上下文){
::CryptCATAdminReleaseCatalogContext(上下文,目录上下文,0);
}
//如果我们成功验证,我们需要释放。
如果(你成功了吗)
{
WintrustStructure.dwStateAction=WTD_STATEACTION_CLOSE;
::WinVerifyTrust(0,&ActionGuid,&WintrustStructure);
}
::CryptCATAdminReleaseContext(上下文,0);
回报就是成功;
我不认为这个函数从win7到Win8有任何变化,所以可能会出什么问题
更新
我确实注意到我的职能在Win8中为任务管理器工作。
但对于mmc来说,它同样不起作用。看来您的一般方法是正确的,功能本身没有改变。但也有微妙的变化,;也就是说,他们操作的数据发生了变化。根据上的评论,Windows 8上存储的文件哈希是使用SHA-256哈希计算的 CryptCatAdminCalHashFromFileHandle不支持SHA-256哈希算法,因此必须更新代码才能在Windows 8上使用和;前者允许您使用指定的哈希算法获取
HCATADMIN
,后者允许使用该HCATADMIN
(有趣的是,它的
HCATADMIN-HCATADMIN
成员也指出了这个方向,记录为“Windows 8和Windows Server 2012:开始支持此成员。”)有没有办法避免使用这些功能?我不确定他们是否支持win xp和win 7。@whIsrael你是对的;根据这些文档,它们仅在Windows 8/Windows Server 2012及更高版本上可用。所以…不要给他们打电话。所有这些函数都是手动动态链接的,因此有条件地调用正确的代码路径。