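WinVerifyTrust returns CERT_E_UNTRUSTEDROOT for a valid (loaded) driver

Time: 2016-02-04 05:51:22

Tags: certificate driver windows-kernel winverifytrust

In the following code snippet, WinVerifyTrust returns CERT_E_UNTRUSTEDROOT for a kernel driver file (.sys) that is loaded and running on the system: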

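   // Requires <windows.h>, <wintrust.h>, <softpub.h>; link with wintrust.lib.
   // Policy provider: DRIVER_ACTION_VERIFY is the WHQL driver-signing policy.
   GUID guidAction = DRIVER_ACTION_VERIFY;
   WINTRUST_FILE_INFO sWintrustFileInfo = { 0 };
   WINTRUST_DATA      sWintrustData = { 0 };
   HRESULT            hr = 0;

   // Subject: the file named on the command line (wide string, so wmain is assumed).
   sWintrustFileInfo.cbStruct = sizeof(WINTRUST_FILE_INFO);
   sWintrustFileInfo.pcwszFilePath = argv[1];
   sWintrustFileInfo.hFile = NULL;

   // No UI, no revocation checking, verify the embedded signature of a file.
   sWintrustData.cbStruct            = sizeof(WINTRUST_DATA);
   sWintrustData.dwUIChoice          = WTD_UI_NONE;
   sWintrustData.fdwRevocationChecks = WTD_REVOKE_NONE;
   sWintrustData.dwUnionChoice       = WTD_CHOICE_FILE;
   sWintrustData.pFile               = &sWintrustFileInfo;
   sWintrustData.dwStateAction       = WTD_STATEACTION_VERIFY;

   hr = WinVerifyTrust((HWND)INVALID_HANDLE_VALUE, &guidAction, &sWintrustData);

   // Release the state data allocated by WTD_STATEACTION_VERIFY.
   sWintrustData.dwStateAction = WTD_STATEACTION_CLOSE;
   WinVerifyTrust((HWND)INVALID_HANDLE_VALUE, &guidAction, &sWintrustData);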

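Some points of interest:

- The driver is signed with a valid (purchased) certificate using SHA-256.
- KB3033929 is installed on the system (Win7 / 32).
- When viewing the certificate from the file properties, the entire certification chain is shown as valid.

Am I calling WinVerifyTrust incorrectly?

Alternative question: is there another way to find out (via the existence of a registry key or similar) whether SHA-256-based code-signing verification is available on the target system? (I need to verify this during installation...)

Thanks :)

1 answer:

Answer 0: (score: -1)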

DRIVER_ACTION works well for WHQL afaik. Try
GUID WINTRUST_ACTION_GENERIC_VERIFY_V2

Here is something else you can refer to: http://gnomicbits.blogspot.in/2016/03/how-to-verify-pe-digital-signature.html
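
The comparison the answer suggests, as an added example that is not part of the original question or answer: a C program that verifies the same file under both DRIVER_ACTION_VERIFY and WINTRUST_ACTION_GENERIC_VERIFY_V2, releases the verification state after each call, and prints the two results side by side. `verify_with_policy` and `trust_status_name` are hypothetical helper names; MSVC on Windows is assumed, and the Win32 part is compiled only there.

```c
/* Added example (not the asker's code): one file, two WinVerifyTrust policies. */
#include <stdio.h>
#include <string.h>
/* Hypothetical helper: names for the HRESULTs of interest (values from winerror.h). */
const char *trust_status_name(unsigned long hr)
{
    switch (hr) {
    case 0x00000000UL: return "ERROR_SUCCESS";
    case 0x800B0100UL: return "TRUST_E_NOSIGNATURE";
    case 0x800B0109UL: return "CERT_E_UNTRUSTEDROOT";
    default:           return "other (see winerror.h)";
    }
}

#ifdef _WIN32
#include <windows.h>
#include <wintrust.h>
#include <softpub.h>
#pragma comment(lib, "wintrust.lib")

/* Verify `path` under `policy`, then free the state WinVerifyTrust allocated. */
static LONG verify_with_policy(const wchar_t *path, GUID policy)
{
    WINTRUST_FILE_INFO file = { 0 };
    WINTRUST_DATA data = { 0 };
    file.cbStruct = sizeof(file);
    file.pcwszFilePath = path;
    data.cbStruct = sizeof(data);
    data.dwUIChoice = WTD_UI_NONE;               /* never prompt */
    data.fdwRevocationChecks = WTD_REVOKE_NONE;  /* same setting as the question */
    data.dwUnionChoice = WTD_CHOICE_FILE;
    data.pFile = &file;
    data.dwStateAction = WTD_STATEACTION_VERIFY;
    LONG status = WinVerifyTrust((HWND)INVALID_HANDLE_VALUE, &policy, &data);
    data.dwStateAction = WTD_STATEACTION_CLOSE;  /* release hWVTStateData */
    WinVerifyTrust((HWND)INVALID_HANDLE_VALUE, &policy, &data);
    return status;
}

int wmain(int argc, wchar_t **argv)
{
    GUID drv = DRIVER_ACTION_VERIFY, gen = WINTRUST_ACTION_GENERIC_VERIFY_V2;
    if (argc < 2) return 2;                      /* usage: prog <file.sys> */
    printf("DRIVER_ACTION_VERIFY:              %s\n",
           trust_status_name((unsigned long)verify_with_policy(argv[1], drv)));
    printf("WINTRUST_ACTION_GENERIC_VERIFY_V2: %s\n",
           trust_status_name((unsigned long)verify_with_policy(argv[1], gen)));
    return 0;
}
#else
int main(void) { puts("WinVerifyTrust is only available on Windows."); return 0; }
#endif
```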