How can I verify SHA-2 signature of PE file?

Asked Jun 29 '15 at 11:15

Active Jun 30 '15 at 10:02

Viewed 631 times

I would like to verify SHA-2 authenticode digital signature of PE file on Windows platform.

I tried to verify a SHA-2 signature by using WinVerifyTrustEx(). WinVerifyTrustEx works fine on Windows 7. But WinVerifyTrustEx does not work on Windows Vista.

I used same codes on both Windows 7 and Windows Vista.

How can I verify SHA-2 signature on Window Vista?

[UPDATE]

WinVerifyTrustEx returns TRUST_E_NOSIGNATURE(0x800B0100) on Windows Vista.

WinVerifyTrustEx returns ERROR_SUCCESS on Windows 7.

I used same sample codes and verified the same executable file which is signed. The signed executable file has SHA-256 signature.

The difference is only OS (vista and 7).

When I tried to verify another executable file which is signed by SHA-1, WinVerifyTrustEx returns ERROR_SUCCESS on both Vista and 7.

edited Jun 30 '15 at 10:02

Alex K.

171,639
30
264
288

asked Jun 29 '15 at 11:15

橋本敬

"does not work" how? – Jonathan Potter Jun 29 '15 at 11:25
Perhaps there's a defect in your code. Which we cannot see. – David Heffernan Jun 29 '15 at 11:37
Most likely Vista doesn't support SHA2, hence the problem. External library is needed in this case. – Eugene Mayevski 'Callback Jun 30 '15 at 04:58
Could you teach me which external library can be used in this case? – 橋本敬 Jun 30 '15 at 06:03
Our SecureBlackbox supports SHA2 signatures in Authenticode. – Eugene Mayevski 'Callback Jul 02 '15 at 04:34
@Eugene Thank you for your information! – 橋本敬 Jul 06 '15 at 10:09

How can I verify SHA-2 signature of PE file?

0 Answers0