how to verify a digitally signed file?

I am using the following code to check for a signature and it works great.  except, if the file is modified it still returns that it is signed.  I want to further check that the signature is still valid but I can't seem to find the right function to do it.  Please help if you can!

uses jwawincrypt;

function issigned(const f: string): boolean;
var
  SignerInfo: PCmsgSignerInfo;
  CertInfo: TCertInfo;
  Msg:HCRYPTMSG;
  StoreHandle:HCERTSTORE;
  CertContext: PCertContext;
  Filepath: WideString;
  CertName: array[0..255] of WideChar;
  CT:Dword;
  DataSize: Cardinal;
begin
  filepath:=f;
  signerinfo:=nil;

  CT:=0;
  DataSize:=0;
  result:=false;
  try
  if (f <> '') and CryptQueryObject(CERT_QUERY_OBJECT_FILE, @FilePath[1], CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED, CERT_QUERY_FORMAT_FLAG_BINARY, 0, nil, @CT, nil, @StoreHandle, @Msg, nil)
    and (CT = CERT_QUERY_CONTENT_PKCS7_SIGNED_EMBED) and CryptMsgGetParam(Msg,CMSG_SIGNER_INFO_PARAM,0,nil,DataSize) then
    begin
      try
        Getmem(SignerInfo,DataSize);
        CryptMsgGetParam(Msg, CMSG_SIGNER_INFO_PARAM, 0, SignerInfo, DataSize);
        fillchar(certinfo, sizeof(certinfo), #0);
        certinfo.Issuer:=signerinfo^.Issuer;
        CertInfo.SerialNumber := SignerInfo^.SerialNumber;
        CertContext:=CertFindCertificateInStore(StoreHandle, X509_ASN_ENCODING or PKCS_7_ASN_ENCODING,0,CERT_FIND_SUBJECT_CERT, @CertInfo, nil);
        result:=(CertGetNameStringW(CertContext, CERT_NAME_FRIENDLY_DISPLAY_TYPE, 0, nil, CertName, 256) > 0);
      finally
         if assigned(signerinfo) then
           FreeMem(SignerInfo);
         CertCloseStore(StoreHandle, 0);
         CryptMsgClose(Msg);
      end;
    end;
  except
  end;
end;

Open in new window

DSOMAsked:
Who is Participating?
 
DSOMConnect With a Mentor Author Commented:
I found what I was looking for here after spending a lot of timing finding out what I was looking for ;)

http://www.experts-exchange.com/Programming/Languages/Pascal/Delphi/Q_20318315.html

0
 
BigRatCommented:
CertVerifyTimeValidity Function perhaps?

http://msdn.microsoft.com/en-us/library/aa376091(v=vs.85).aspx

0
 
DSOMAuthor Commented:
Found answer from another question here.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.