Fatal编程技术网

Vb.net 检查标志

vb.net

Vb.net 检查标志,vb.net,digital-signature,x509certificate,x509certificate2,Vb.net,Digital Signature,X509certificate,X509certificate2,我正在尝试检查一些“已签名”文件的签名,特别是Microsoft TrustedInstaller.exe。目前我正在Windows 7(64位)上尝试最新的更新 我下载了sysinternal工具并运行了该命令,获得了“良好”的信息 Verified: Signed Signing date: 2:37 PM 11/20/2010 Publisher: Microsoft Windows Company: Microsof

我正在尝试检查一些“已签名”文件的签名,特别是Microsoft TrustedInstaller.exe。目前我正在Windows 7(64位)上尝试最新的更新

我下载了sysinternal工具并运行了该命令,获得了“良好”的信息

    Verified:       Signed
    Signing date:   2:37 PM 11/20/2010
    Publisher:      Microsoft Windows
    Company:        Microsoft Corporation
    Description:    Windows Modules Installer
    Product:        Microsoft« Windows« Operating System
    Prod version:   6.1.7601.17514
    File version:   6.1.7601.17514 (win7sp1_rtm.101119-1850)
    MachineType:    64-bit
我试过下面的代码

Public Function CheckSign(Path As String) As String

    Dim filePath As String = Path

    If Not File.Exists(filePath) Then
        Console.WriteLine("File not found")
        Return "File Not Found"
    End If

    Dim theCertificate As X509Certificate2

    Try
        Dim theSigner As X509Certificate = X509Certificate.CreateFromSignedFile(filePath)
        theCertificate = New X509Certificate2(theSigner)
    Catch ex As Exception
          Return "Not Signed"
    End Try

    Dim chainIsValid As Boolean = False

    Dim theCertificateChain = New X509Chain(True)

    theCertificateChain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot
    theCertificateChain.ChainPolicy.RevocationMode = X509RevocationMode.Offline
    theCertificateChain.ChainPolicy.UrlRetrievalTimeout = New TimeSpan(0, 1, 0)
    theCertificateChain.ChainPolicy.VerificationFlags = X509VerificationFlags.NoFlag

    chainIsValid = theCertificateChain.Build(theCertificate)


    Dim doTrust As Boolean = (theCertificateChain.ChainElements(theCertificateChain.ChainElements.Count - 1).Certificate.Verify)
    If doTrust = False Then
        Console.WriteLine("WE DO NOT TRUST THEM ")
        Console.WriteLine("Publisher Information : " + theCertificate.SubjectName.Name)
        Return "No Trust"
    End If

    Return "Trusted"

End Function
这适用于大多数情况,但事实证明,某些文件(如trustedinstaller@C:\windows\servicing\trustedinstaller.exe)返回为“未签名”,这意味着它抛出以下错误

System.Security.Cryptography.CryptographyException:找不到请求的对象

你知道我如何检查所有文件的签名,而不仅仅是“大多数”吗(就像上面的代码一样,或者你知道为什么会失败吗?

代码看起来没问题。
TrustedInstaller.exe
不是authenticode signed.sigcode…找到签名,我如何检查该类型的签名,或者你知道TrustedInstaller使用什么类型的签名?获取文件的属性,将没有数字签名选项卡。我怀疑sigcode使用目录签名来验证签名。