c++ - WinVerifyTrust error code handling -

-

i've been tasked determining whether particular dll third party company has been tampered with, after installation on user's system. i've never done related digital signing before. i'm trying set test on own system using winverifytrust.

{     wintrust_file_info wtfi;     wtfi.cbstruct = sizeof(wintrust_file_info);     wtfi.pcwszfilepath = text("*****.dll");     //wtfi.hfile = dllhandle;     wtfi.pgknownsubject = null;      guid wtvpolicyguid = driver_action_verify;      wintrust_data wtd;     wtd.cbstruct = sizeof(wintrust_data);     wtd.ppolicycallbackdata = null;     wtd.psipclientdata = null;     wtd.dwuichoice = wtd_ui_none;     wtd.fdwrevocationchecks = wtd_revoke_none;     wtd.dwunionchoice = wtd_choice_file;     wtd.pfile = &wtfi;     wtd.dwstateaction = wtd_stateaction_ignore;     wtd.pwszurlreference = null;     wtd.dwprovflags = wtd_revocation_check_none;     //wtd.psignaturesettings = null;            // win8 , server2012 only?      long result = winverifytrust( null, &wtvpolicyguid, &wtd);     debugf(text("validation result: 0x%08x"), result); }

this returning 0x57. i've gathered msdn, errors come supplied trust provider. don't know trust provider or error messages can return.

  1. i've linked in wintrust.dll , wintrust.lib, presume means i'm using microsoft's "software publisher trust provider". recommended, or there better ones out there? should using 1 specific / provided software publisher product you're analyzing?
  2. softpub.h contains guid input value, not seem provide output error codes. in tracking down response code list appreciated.

thanks in advance.

edit: have since figured out library uses error codes provided winerror.h. 0x57 "error_invalid_parameter", i'm reviewing complaining about. tried switching policy guid wintrust_action_generic_verify_v2, returned error trust_e_subject_form_unknown. neither error code particularly illuminating ultimate issue is.

edit 2: ran microsoft's signtool.exe on dll in question, , got following output:

signtool error: certificate chain processed, terminated in root         certificate not trusted trust provider.  number of errors: 1

so seems need change trust provider i'm using. after discussing software manufacturer, task being dropped in favor of approach.

according msdn seems should set

dwstateaction = wtd_stateaction_verify;

also try setting

wtfi.hfile = null;

or when giving file handle setting

wtfi.pcwszfilepath = null;

(it's not quite clear me if providing hfile or not. , not set both hfile , pcwszfilepath valid values.)

another point check: if compiling windows 8 or windows server 2012 have struct member psignaturesettings , need initialize it. take care set cbstruct psignaturesettings not included or initialize psignaturesettings.


Comments

Post a Comment

Popular posts from this blog

javascript - oscilloscope of speaker input stops rendering after a few seconds -

-
the following script reads audio user's microphone , renders oscilloscope on html canvas. the source taken example of mozilla developer network: visualizations web audio api and here fiddle: http://jsfiddle.net/b7j8pktp/ mozgetusermedia (note: code has no fork mechanism different browsers: works firefox) it works fine few seconds , stops rendering. whereas works totally stable: http://mdn.github.io/voice-change-o-matic/ the problem can reduced following code. microphone activation icon (next the address bar in firefox) disappears after 5 seconds: navigator.mozgetusermedia({audio: true}, function() {}, function() {} ); ( http://jsfiddle.net/b7j8pktp/2/ ) this known bug in firefox. take stream getusermedia call , hook window so: navigator.mozgetusermedia({audio: true}, function(stream) { window.stream = stream; // rest of code }, function err() { // handle error }); hopefully can fixed soon. problem we're f
Read more

javascript - gulp-nodemon - nodejs restart after file change - Error: listen EADDRINUSE events.js:85 -

-
i'm running nodejs 0.12.3 - gulp 3.10.8 , gulp-nodemon 2.0.3. gulpfile.js : gulp.task('serve', ['build'], function() { gulp.start('fb-flo'); nodemon({ script: paths.server, env: { 'node_env': 'development' }, // env: { 'node_env': 'production' }, execmap: { 'js': 'node_modules/babel/bin/babel-node --stage 1' //es7 cote server }, delay: '0ms', watch: ['src/shared/', 'src/server/'], ignore: ['src/shared/components'], tasks: function (changedfiles) { var tasks = []; changedfiles.foreach(function (file) { if (path.extname(file) === '.jsx' && !~tasks.indexof('bundlejs')) tasks.push('bundlejs'); if (path.extname(file) === '.less' && !~tasks.indexof('compileless')) tasks.push('compileless'); }); return tasks; }
Read more

Fatal Python error: Py_Initialize: unable to load the file system codec. ImportError: No module named 'encodings' -

-
i trying make simple python program opening list of webpages user manually download reports site. don't have previous experience preparing exe files.. , i'm in learning process python coding. of done on windows 7 x64 this python code: #!c:/python34/python.exe -u splinter import * import time import os import csv #---------------------------------- raporty = [] open('../raporty.csv', newline='') csvfile: contents = csv.reader(csvfile, delimiter=' ', quotechar='|') row in contents: r = ', '.join(row) r = r.replace(',','') raporty.append(r) #--not implemented yet zmienne = [] open('../zmienne.csv', newline='') csvfile: contents = csv.reader(csvfile, delimiter=' ', quotechar='|') row in contents: r = ', '.join(row) r = r.replace(',','') zmienne.append(r) print("start") browser = browser(
Read more