Validate signature on EXE with CertGetCertificateChain
Posted
by
cobaia
on Stack Overflow
See other posts from Stack Overflow
or by cobaia
Published on 2009-07-14T19:47:44Z
Indexed on
2011/03/14
0:10 UTC
Read the original article
Hit count: 1166
I would like to verify a signed executable. The requirement is to validate that the executable itself is valid and where it came from (probably from the subject of the cert). The cert type is PKCS.
I found a similar posting here, http://stackoverflow.com/questions/301024/validate-authenticode-signature-on-exe-c-without-capicom
The Microsoft documentation, among others, appears to point to CertGetCertificateChain, but the examples tend to work with certificates that are in a store. Does anyone know how to validate a signed executable using CertGetCertificateChain and related API's?
© Stack Overflow or respective owner