Vb.net 检查标志
我正在尝试检查一些“已签名”文件的签名,特别是Microsoft TrustedInstaller.exe。目前我正在Windows 7(64位)上尝试最新的更新 我下载了sysinternal工具并运行了该命令,获得了“良好”的信息Vb.net 检查标志,vb.net,digital-signature,x509certificate,x509certificate2,Vb.net,Digital Signature,X509certificate,X509certificate2,我正在尝试检查一些“已签名”文件的签名,特别是Microsoft TrustedInstaller.exe。目前我正在Windows 7(64位)上尝试最新的更新 我下载了sysinternal工具并运行了该命令,获得了“良好”的信息 Verified: Signed Signing date: 2:37 PM 11/20/2010 Publisher: Microsoft Windows Company: Microsof
Verified: Signed
Signing date: 2:37 PM 11/20/2010
Publisher: Microsoft Windows
Company: Microsoft Corporation
Description: Windows Modules Installer
Product: Microsoft« Windows« Operating System
Prod version: 6.1.7601.17514
File version: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
MachineType: 64-bit
我试过下面的代码
Public Function CheckSign(Path As String) As String
Dim filePath As String = Path
If Not File.Exists(filePath) Then
Console.WriteLine("File not found")
Return "File Not Found"
End If
Dim theCertificate As X509Certificate2
Try
Dim theSigner As X509Certificate = X509Certificate.CreateFromSignedFile(filePath)
theCertificate = New X509Certificate2(theSigner)
Catch ex As Exception
Return "Not Signed"
End Try
Dim chainIsValid As Boolean = False
Dim theCertificateChain = New X509Chain(True)
theCertificateChain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot
theCertificateChain.ChainPolicy.RevocationMode = X509RevocationMode.Offline
theCertificateChain.ChainPolicy.UrlRetrievalTimeout = New TimeSpan(0, 1, 0)
theCertificateChain.ChainPolicy.VerificationFlags = X509VerificationFlags.NoFlag
chainIsValid = theCertificateChain.Build(theCertificate)
Dim doTrust As Boolean = (theCertificateChain.ChainElements(theCertificateChain.ChainElements.Count - 1).Certificate.Verify)
If doTrust = False Then
Console.WriteLine("WE DO NOT TRUST THEM ")
Console.WriteLine("Publisher Information : " + theCertificate.SubjectName.Name)
Return "No Trust"
End If
Return "Trusted"
End Function
这适用于大多数情况,但事实证明,某些文件(如trustedinstaller@C:\windows\servicing\trustedinstaller.exe)返回为“未签名”,这意味着它抛出以下错误
System.Security.Cryptography.CryptographyException:找不到请求的对象
你知道我如何检查所有文件的签名,而不仅仅是“大多数”吗(就像上面的代码一样,或者你知道为什么会失败吗?代码看起来没问题。
TrustedInstaller.exe
不是authenticode signed.sigcode…找到签名,我如何检查该类型的签名,或者你知道TrustedInstaller使用什么类型的签名?获取文件的属性,将没有数字签名选项卡。我怀疑sigcode使用目录签名来验证签名。