原文链接:http://www.titilima.cn/readblog.php?id=108
有的朋友问李马July的数字签名验证是如何做的,所以李马把July中的这段代码共享如下,在Win2K sp4/WinXP sp2上调试通过。
BOOLCheckFileTrust(LPCWSTRlpFileName) { BOOLbRet=FALSE; WINTRUST_DATAwd={0}; WINTRUST_FILE_INFOwfi={0}; WINTRUST_CATALOG_INFOwci={0}; CATALOG_INFOci={0};
HCATADMINhCatAdmin=NULL; if(!CryptCATAdminAcquireContext(&hCatAdmin,NULL,0)) { returnFALSE; }
HANDLEhFile=CreateFileW(lpFileName,GENERIC_READ,FILE_SHARE_READ, NULL,OPEN_EXISTING,0,NULL); if(INVALID_HANDLE_VALUE==hFile) { CryptCATAdminReleaseContext(hCatAdmin,0); returnFALSE; }
DWORDdwCnt=100; BYTEbyHash[100]; CryptCATAdminCalcHashFromFileHandle(hFile,&dwCnt,byHash,0); CloseHandle(hFile);
LPWSTRpszMemberTag=newWCHAR[dwCnt*2+1]; for(DWORDdw=0;dw<dwCnt;++dw) { wsprintfW(&pszMemberTag[dw*2],L"%02X",byHash[dw]); }
HCATINFOhCatInfo=CryptCATAdminEnumCatalogFromHash(hCatAdmin, byHash,dwCnt,0,NULL); if(NULL==hCatInfo) { wfi.cbStruct=sizeof(WINTRUST_FILE_INFO); wfi.pcwszFilePath=lpFileName; wfi.hFile=NULL; wfi.pgKnownSubject=NULL;
wd.cbStruct=sizeof(WINTRUST_DATA); wd.dwUnionChoice=WTD_CHOICE_FILE; wd.pFile=&wfi; wd.dwUIChoice=WTD_UI_NONE; wd.fdwRevocationChecks=WTD_REVOKE_NONE; wd.dwStateAction=WTD_STATEACTION_IGNORE; wd.dwProvFlags=WTD_SAFER_FLAG; wd.hWVTStateData=NULL; wd.pwszURLReference=NULL; } else { CryptCATCatalogInfoFromContext(hCatInfo,&ci,0); wci.cbStruct=sizeof(WINTRUST_CATALOG_INFO); wci.pcwszCatalogFilePath=ci.wszCatalogFile; wci.pcwszMemberFilePath=lpFileName; wci.pcwszMemberTag=pszMemberTag;
wd.cbStruct=sizeof(WINTRUST_DATA); wd.dwUnionChoice=WTD_CHOICE_CATALOG; wd.pCatalog=&wci; wd.dwUIChoice=WTD_UI_NONE; wd.fdwRevocationChecks=WTD_STATEACTION_VERIFY; wd.dwProvFlags=0; wd.hWVTStateData=NULL; wd.pwszURLReference=NULL; } GUIDaction=WINTRUST_ACTION_GENERIC_VERIFY_V2; HRESULThr=WinVerifyTrust(NULL,&action,&wd); bRet=SUCCEEDED(hr);
if(NULL!=hCatInfo) { CryptCATAdminReleaseContext(hCatInfo,0); } CryptCATAdminReleaseCatalogContext(hCatAdmin,hCatInfo,0); delete[]pszMemberTag; returnbRet; } |
这段代码是在一个老外的论坛上不经意搜索到的,一个貌似德国人(因为他的注释不是英文写的,德国亦仅猜测尔,西班牙、葡萄牙、法兰西、俄罗斯亦都有可能)写的Delphi代码,其中使用了WinTrust.dll中的导出函数。使用VS2005的朋友们可以包含WinTrust.h、SoftPub.h和Mscat.h,并添加导入库WinTrust.lib;使用VC6的朋友们可以参考MSDN上的函数及结构体声明,并用函数指针进行调用。