1

Possible Duplicate:
how to check if a file has a digital signature

I want to implement sigcheck like functionality using C#. As per my understanding C# donot have classes for this functionality and I will have to port WinVerifyTrust() as well as CryptCATAdminCalcHashFromFileHandle().

Is anyone of you have already done this porting? or Can you suggest any other alternative to check if file is signed?

Appreciate your help.

Thank you.

Community
  • 1
  • 1
user1136789
  • 71
  • 2
  • 6
  • [Here](http://geekswithblogs.net/robp/archive/2007/05/04/112250.aspx)'s a fairly old article that might help. – M.Babcock Jan 08 '12 at 07:52

1 Answers1

0

Edit : Its a duplicate of an old question on SO. This should have been a comment which I dint know at the time of posting. Just wanted to relink that his answers are already out there on SO. This is not an answer but only a reference to the old questions which are answered that are the same to this.

There is Wintrust.dll. So you need not port but you can PInvoke WinVerifyTrust() from it as does CryptCATAdminCalcHashFromFileHandle or any other function from the dll.

relink to a previous question of the same type.

one more on the same topic.

Community
  • 1
  • 1
King
  • 1,170
  • 2
  • 16
  • 33
  • He mentions `WinVerifyTrust()` in his question. I'm pretty sure he knows it needs to be implemented. – M.Babcock Jan 08 '12 at 07:55
  • Good job finding the duplicate. But usually we mention those in comments, not answers. – Ben Voigt Jan 08 '12 at 07:55
  • @M.Babcock yes, ofcourse. But he can invoke them from the dll. It is a duplicate of two other questions from the SO already. – King Jan 08 '12 at 07:57
  • @King - Which means you likely won't see upvotes. Links are not answers so this probably should have been a comment. – M.Babcock Jan 08 '12 at 07:58
  • @BenVoigt Oh. I dint know how to link the question to a previous question. So added it in answer. Is there way to link this question to the previous question. – King Jan 08 '12 at 07:58
  • @M.Babcock I don't want votes my friend. I just want to tell the OP that his answers are already there. Dint know that it should be in comment. Tried to see if I can link it to a previous question like in many other sites. I couldn't find such feature. So I added. Yes, should be a comment. Will follow hereafter. – King Jan 08 '12 at 08:00
  • @King: To put a link in a comment, put the link caption inside square brackets, and the link URL inside parentheses right afterward. Like `[click here](http://www.stackoverflow.com/)` becomes [click here](http://www.stackoverflow.com/). – Ben Voigt Jan 08 '12 at 08:01
  • @King - If you find a duplicate it is usually best to post a comment notifying the asker and then flag it as such. – M.Babcock Jan 08 '12 at 08:02
  • @M.Babcock: He doesn't yet have enough reputation to vote to close as duplicate. – Ben Voigt Jan 08 '12 at 08:02
  • @BenVoigt - My mistake. The comment should be enough then. – M.Babcock Jan 08 '12 at 08:03
  • Thanks for the tips. Will follow them :) – King Jan 08 '12 at 08:03
  • Eventually, you'll accumulate enough reputation to vote to close questions as duplicates. That will automagically insert the comment you've probably seen all over the place, just like Ben's above on the question. Until then, when you want to suggest a duplicate, you can manually leave a comment. Other users with close vote privileges will see it, and if they agree, cast close votes of their own. You can also use the "flag" link to suggest a question as a duplicate, which ensures that people will notice it. This is especially useful for old questions that people might not happen across. – Cody Gray - on strike Jan 08 '12 at 08:09
  • Using only WinVerifyTrust() doesn't work. I think We need to use unmanged code from here. http://forum.sysinternals.com/howto-verify-the-digital-signature-of-a-file_topic19247.html I have limited skills in interop, can anyone please help? – user1136789 Jan 08 '12 at 08:23
  • @user1136789 - Feel free to open a separate question to ask any questions specific to any impedances you encounter. This question will likely end up being closed as a duplicate anyway. And note that the question comment I posted above includes an example of doing what you're asking. – M.Babcock Jan 08 '12 at 08:28
  • @M.Babcock: I tried the example for your link but it is not fully functional. It returns false for the signed file detected by sigcheck tool. I think it is missing the catelogContext calculation. – user1136789 Jan 08 '12 at 09:00
  • @user1136789 check this[c# digital signature](http://geekswithblogs.net/robp/archive/2007/05/04/112250.aspx) – King Jan 08 '12 at 13:06
  • @king: its the same thing. It returns false for signed files. – user1136789 Jan 09 '12 at 07:33