1

I Have used a utility written by Mark Russinovich, it is used to validate the file signature. Any one have ideas how this can be done, i know it is not a simple code, but just i need some hints, APIs, steps, A guide map, Just to go in the correct direction. I read too much a bout the cryptAPIs, then I read too much about the certAPIs, but i cannot get any thing useful to simply link a given file with the (unknown to me) data stored in the windows.

if any can help me in this issue please help, thanks a lot.

Bashar
  • 31
  • 4

1 Answers1

2

You should read about Authenticode.

Nickolay Olshevsky
  • 13,706
  • 1
  • 34
  • 48
  • yes, i know what is the Authentic-ode, my question is what windows do to verify that an executable file is a signed one and how to verify – Bashar Jan 05 '11 at 09:15
  • 1
    It checks for authenticode information inside executable. You should check this question for more information: http://stackoverflow.com/questions/301024/validate-authenticode-signature-on-exe-c-without-capicom – Nickolay Olshevsky Jan 05 '11 at 09:31