Getting WinVerifyTrust to work with catalog signed files such as cmd.exe

c++ windows winapi certificate winverifytrust

I Tested the Following Code Which sets NULL (as recommended in the docs) instead of BCRYPT_SHA256_ALGORITHM. It's No Problem.
Although The Document says The default hashing algorithm may change in future Windows versions, It’s necessary to maintain consistent behavior For Microsoft.

DWORD VerifyCatalogSignature(_In_ HANDLE FileHandle,    _In_ bool UseStrongSigPolicy){    ...    if (UseStrongSigPolicy != false)    {        SigningPolicy.cbSize = sizeof(CERT_STRONG_SIGN_PARA);        SigningPolicy.dwInfoChoice = CERT_STRONG_SIGN_OID_INFO_CHOICE;        //SigningPolicy.pszOID = const_cast<char*>(szOID_CERT_STRONG_SIGN_OS_CURRENT);        SigningPolicy.pszOID = const_cast<char*>(szOID_CERT_STRONG_KEY_OS_1);        if (!CryptCATAdminAcquireContext2(            &CatAdminHandle,            NULL,            NULL,            &SigningPolicy,            0))        {            Error = GetLastError();            goto Cleanup;        }    }    else    {        if (!CryptCATAdminAcquireContext2(            &CatAdminHandle,            NULL,            BCRYPT_SHA256_ALGORITHM,            NULL,            0))        {            Error = GetLastError();            goto Cleanup;        }    }    ...}

CodeHunter

Getting WinVerifyTrust to work with catalog signed files such as cmd.exe

Recent Posts

How can I color dots in a xy scatterplot according to column value?

How to update a claim in ASP.NET Identity?

What does {0} mean when initializing an object?

Accessing members of items in a JSONArray with Java

How to log SQL statements in Spring Boot?

Powershell Get-WebSite name parameter is ignored

How to detect scroll to bottom of html element

Java synchronized method

How to test controllers with CodeIgniter?

Detect Visual Composer

Matplotlib: Specify format of floats for tick labels

Rails join a list of strings with commas and "and" before the last