English 中文(简体)
How to verify that my orgainization signed a trusted windows binary?
原标题:

This is a followup question to question 1072540, WinVerifyTrust to check for a specific signature? .

I want to write a C++ function Lets call it TrustedByUs of the form:

bool TrustedByUs(std::string pathToBinary, std::string pathToPublicKey)

The idea is that we give this function a path to a binary .dll or .exe file that has been signed with a digital signature. The pathToPublicKey string is the path to a public key of our particular signing certificate.

Using the code in http://support.microsoft.com/kb/323809 it s pretty straight forward to verify that the pathToBinary file is in fact trusted by the operating system.

Now I m in the same place as the writer of question 1072540, I know the OS trusts the signer of this binary, but I want to know if my organization s RSA key is the one that signed the binary.

The KB323809 shows how to extract the strings from certificate embedded in our binary file. This example shows how to extract strings from the signing certificate in its GetProgAndPublisherInfo function, but I m uncomfortable using a string match to verfiy the certificate.

What I would like to do is extract the public key from the embedded signature and compare it to the public key that corresponds with the private key that signed my binary file in the first place.

The documentation for CryptMsgGetParam says that the CMSG_SIGNER_CERT_ID_PARAM parameter Returns information on a message signer needed to identify the signer s public key . I succeed in getting the certificate s serial number with this key. My code looks like this:

// Get message handle and store handle from the signed file.
fResult = CryptQueryObject(CERT_QUERY_OBJECT_FILE,
    L"C:\Program Files\MySignedProgram.exe",
    CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED,
    CERT_QUERY_FORMAT_FLAG_BINARY,
    0, &dwEncoding, &dwContentType, &dwFormatType, &hStore, &hMsg, NULL);

// Get the public key information about the signer
// First get the size
DWORD dwCertIdSize(0);
fResult = CryptMsgGetParam(hMsg, CMSG_SIGNER_CERT_ID_PARAM,
    0, NULL, &dwCertIdSize);
BYTE* pCertId = new BYTE(dwCertIdSize);
::ZeroMemory(pCertId,dwCertIdSize);

// Now get the cert info
fResult = CryptMsgGetParam(hMsg, CMSG_SIGNER_CERT_ID_PARAM,
    0, (PVOID)pCertId, &dwCertIdSize);

if(fResult)
{      
    CERT_ID* pId = (CERT_ID*)pCertId;  
    pId->HashId;
    pId->dwIdChoice;
    pId->IssuerSerialNumber;  // Valid serial number (reversed)
    pId->KeyId;   
    _tprintf("pid
");
}

This is close to what I want, but really I d like to use the signing certificate s public key to verify that the target signed binary file was in fact created with my particular public/private key pair.

Using the CMSG_ENCRYPTED_DIGEST flag this code succeeds:

// Get digest which was encrypted with the private key
DWORD digestSize(0);
fResult = CryptMsgGetParam(hMsg, CMSG_ENCRYPTED_DIGEST, 0, NULL, &digestSize);

BYTE* pDigest = new BYTE[digestSize];

// Next CryptMsgGetParam call succeds,
// pDigest looks valid, can I use this to confirm my public key
// was used to sign MySignedProgram.exe ?
fResult = CryptMsgGetParam(hMsg, CMSG_ENCRYPTED_DIGEST, 0, pDigest, &digestSize);

Bottom line question: Given the certificate information discovered by CryptQueryObject, what technique should I used to ensure that the target file was in fact signed using the private key that corresponds to the public key that is available to me when the above code executes?

最佳回答

You want the CMSG_SIGNER_INFO_PARAM instead.

You can use this to get the entire certificate by looking up the certificate in the certificate store returned by CryptQueryObject:

CryptMsgGetParam(hMsg, 
                 CMSG_SIGNER_INFO_PARAM, 
                 0, 
                 NULL, 
                 &dwSignerInfo);
PCMSG_SIGNER_INFO pSignerInfo = (PCMSG_SIGNER_INFO) malloc(dwSignerInfo);
CryptMsgGetParam(hMsg, 
                 CMSG_SIGNER_INFO_PARAM, 
                 0, 
                 pSignerInfo, 
                 &dwSignerInfo);

PCCERT_CONTEXT pCertContext = CertFindCertificateInStore(hStore,
                                          ENCODING,
                                          0,
                                          CERT_FIND_SUBJECT_CERT,
                                          (PVOID)pSignerInfo,
                                          NULL);
// Compare with your certificate:
// - check pCertContext->pbCertEncoded (length is pCertContext->cbCertEncoded)

// *OR*
// Compare with your public-key:
// - check pCertContext->pCertInfo->SubjectPublicKeyInfo.Algorithm and
//   pCertContext->pCertInfo->SubjectPublicKeyInfo.PublicKey
时间:2010-01-07 13:43:23
问题回答

暂无回答


上一篇:
下一篇:


相关问题
How to read exact number of bytes from a stream (tcp) socket?

In winsock, both the sync recv and the async WSARecv complete as soon as there is data available in a stream socket, regardless of the size specified (which is only the upper limit). This means that ...

时间:2009-11-15 22:27:59 回答:1 展示:1
AcquireCredentialsHandle returns SEC_E_NO_CREDENTIALS

I created a self-signed certificate (created using OpenSSL) and installed it into the Certificate Store using the Certificates MMC snap-in (CertMgr.msc) on Windows Vista Ultimate. I have managed to ...

时间:2009-11-13 05:15:13 回答:1 展示:1
Calling Win32 EnumThreadWindows() in C#

I m trying to get a call to EnumThreadWindows working, but I always get a Wrong Parameter-Error, although my code is nearly the same as this example on pinvoke.net. I don t know why this doesn t work: ...

时间:2009-11-10 15:17:34 回答:1 展示:1
COM Basic links

folks can you provide me the tutorial link or .pdf for learning basic COM?. i do google it.. still i recommend answers of stackoverflow so please pass me.. Thanks

时间:2009-11-10 13:21:01 回答:5 展示:1
Handling multiple windows WIN32 API

HI I m trying to create an application in the Win32 environment containing more than one window. How do i do that? all the Win32 Tutorials on web i found only showed how to manage one window. How do i ...

时间:2009-11-10 13:18:15 回答:2 展示:1
Creating a thread in DllMain?

It seems that when a thread is created from within DllMain upon DLL_PROCESS_ATTACH it won t begin until all dll s have been loaded. Since I need to make sure the thread runs before I continue, I get a ...

时间:2009-11-06 15:22:59 回答:4 展示:1
热门标签

友情链接

Allggapp Alljchome-教程家园 mvfinale.com-影视剧情大结局大全