Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

how to verify a digitally signed file?

Posted on 2011-02-20
4
Medium Priority
?
831 Views
Last Modified: 2012-08-14
I am using the following code to check for a signature and it works great.  except, if the file is modified it still returns that it is signed.  I want to further check that the signature is still valid but I can't seem to find the right function to do it.  Please help if you can!

uses jwawincrypt;

function issigned(const f: string): boolean;
var
  SignerInfo: PCmsgSignerInfo;
  CertInfo: TCertInfo;
  Msg:HCRYPTMSG;
  StoreHandle:HCERTSTORE;
  CertContext: PCertContext;
  Filepath: WideString;
  CertName: array[0..255] of WideChar;
  CT:Dword;
  DataSize: Cardinal;
begin
  filepath:=f;
  signerinfo:=nil;

  CT:=0;
  DataSize:=0;
  result:=false;
  try
  if (f <> '') and CryptQueryObject(CERT_QUERY_OBJECT_FILE, @FilePath[1], CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED, CERT_QUERY_FORMAT_FLAG_BINARY, 0, nil, @CT, nil, @StoreHandle, @Msg, nil)
    and (CT = CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED) and CryptMsgGetParam(Msg,CMSG_SIGNER_INFO_PARAM,0,nil,DataSize) then
    begin
      try
        Getmem(SignerInfo,DataSize);
        CryptMsgGetParam(Msg, CMSG_SIGNER_INFO_PARAM, 0, SignerInfo, DataSize);
        fillchar(certinfo, sizeof(certinfo), #0);
        certinfo.Issuer:=signerinfo^.Issuer;
        CertInfo.SerialNumber := SignerInfo^.SerialNumber;
        CertContext:=CertFindCertificateInStore(StoreHandle, X509_ASN_ENCODING or PKCS_7_ASN_ENCODING,0,CERT_FIND_SUBJECT_CERT, @CertInfo, nil);
        result:=(CertGetNameStringW(CertContext, CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, nil, CertName, 256) > 0);
      finally
         if assigned(signerinfo) then
           FreeMem(SignerInfo);
         CertCloseStore(StoreHandle, 0);
         CryptMsgClose(Msg);
      end;
    end;
  except
  end;
end;

Open in new window

0
Comment
Question by:DSOM
  • 2
3 Comments
 
LVL 27

Expert Comment

by:BigRat
ID: 34941760
CertVerifyTimeValidity Function perhaps?

http://msdn.microsoft.com/en-us/library/aa376091(v=vs.85).aspx

0
 

Accepted Solution

by:
DSOM earned 0 total points
ID: 34943399
I found what I was looking for here after spending a lot of timing finding out what I was looking for ;)

http://www.experts-exchange.com/Programming/Languages/Pascal/Delphi/Q_20318315.html

0
 

Author Closing Comment

by:DSOM
ID: 34986419
Found answer from another question here.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this tutorial I will show you how to use the Windows Speech API in Delphi. I will only cover basic functions such as text to speech and controlling the speed of the speech. SAPI Installation First you need to install the SAPI type library, th…
Introduction I have seen many questions in this Delphi topic area where queries in threads are needed or suggested. I know bumped into a similar need. This article will address some of the concepts when dealing with a multithreaded delphi database…
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question