如何用WinVerifyTrust验证文件的数字签名?
求VB中使用WinVerifyTrust的方法,http://msdn.microsoft.com/en-us/library/aa388208.aspx 这里看了一下,有个C语言的例子,而且我也用VC调试成功了
可是在转成VB的时候犯难了,主要的一个结构WINTRUST_DATA搞了很久还是没有头绪,它是内嵌共用体的,试了很多方法,都以IDE崩溃告终,貌似是VB不支持union
请教大家有什么好的方法可以用VB验证文件的数字签名??先谢谢了!
[解决办法]
由于篇幅有限,查MSDN看注释
Public Declare Sub RtlFillMemory Lib "kernel32.dll" (Destination As Long, Length As Long, Fill As Byte)Public Declare Function WinVerifyTrust Lib "Wintrust.dll" (hWnd As Long, pgActionID As Long, pWVTData As Long) As LongPublic Declare Function GetLastError Lib "kernel32.dll" () As LongConst ERROR_SUCCESS = 0&Const TRUST_E_NOSIGNATURE = &H800B0100Const TRUST_E_EXPLICIT_DISTRUST = &H800B0111Const TRUST_E_SUBJECT_NOT_TRUSTED = &H800B0004Const CRYPT_E_SECURITY_SETTINGS = &H80092026Const WTD_UI_ALL = 1& 'Display all UI. Const WTD_UI_NONE = 2& ' Display no UI. Const WTD_UI_NOBAD = 3& ' Do not display any negative UI. Const WTD_UI_NOGOOD = 4& ' Do not display any positive UI. Const WTD_REVOKE_NONE = 0& 'No additional revocation checking will be done. Const WTD_REVOKE_WHOLECHAIN = 1& ' Revocation checking will be done on the whole chain. Const WTD_CHOICE_FILE = 1& ' Use the file pointed to by pFile. Const WTD_CHOICE_CATALOG = 2& ' Use the catalog pointed to by pCatalog. Const WTD_CHOICE_BLOB = 3& ' Use the BLOB pointed to by pBlob. Const WTD_CHOICE_SIGNER = 4& ' Use the WINTRUST_SGNR_INFO structure pointed to by pSgnr. Const WTD_CHOICE_CERT = 5& ' Use the certificate pointed to by pCert. Const WTD_SAFER_FLAG = 256& Type GUID D1 As Long D2 As Integer D3 As Integer D4(0 To 7) As Byte End TypeType WINTRUST_FILE_INFO cbStruct As Long pcwszFilePath As Long hFile As Long pgKnownSubject As LongEnd TypeType WINTRUST_DATA cbStruct As Long pPolicyCallbackData As Long pSIPClientData As Long dwUIChoice As Long fdwRevocationChecks As Long dwUnionChoice As Long 'Union pUnionData As Long dwStateAction As Long hWVTStateData As Long pwszURLReference As Long dwProvFlags As Long dwUIContext As LongEnd TypePublic Function VerifyEmbeddedSignature(pwszSourceFile As String) As Boolean Dim lStatus As Long Dim dwLastError As Long ' Initialize the WINTRUST_FILE_INFO structure. Dim FileData As WINTRUST_FILE_INFO RtlFillMemory ByVal VarPtr(FileData), ByVal LenB(FileData), ByVal 0 FileData.cbStruct = LenB(FileData) FileData.pcwszFilePath = StrPtr(pwszSourceFile) FileData.hFile = 0 FileData.pgKnownSubject = 0 Dim WVTPolicyGUID As GUID '=WINTRUST_ACTION_GENERIC_VERIFY_V2 WVTPolicyGUID.D1 = &HAAC56B WVTPolicyGUID.D2 = &HCD44 WVTPolicyGUID.D3 = &H11D0 WVTPolicyGUID.D4(0) = &H8C WVTPolicyGUID.D4(1) = &HC2 WVTPolicyGUID.D4(2) = &H0 WVTPolicyGUID.D4(3) = &HC0 WVTPolicyGUID.D4(4) = &H4F WVTPolicyGUID.D4(5) = &HC2 WVTPolicyGUID.D4(6) = &H95 WVTPolicyGUID.D4(7) = &HEE Dim WinTrustData As WINTRUST_DATA '// Initialize the WinVerifyTrust input data structure. '// Default all fields to 0. RtlFillMemory ByVal VarPtr(WinTrustData), ByVal LenB(WinTrustData), ByVal 0 WinTrustData.cbStruct = LenB(WinTrustData) '// Use default code signing EKU. WinTrustData.pPolicyCallbackData = 0 '// No data to pass to SIP. WinTrustData.pSIPClientData = 0 '// Disable WVT UI. WinTrustData.dwUIChoice = WTD_UI_NONE '// No revocation checking. WinTrustData.fdwRevocationChecks = WTD_REVOKE_NONE '// Verify an embedded signature on a file. WinTrustData.dwUnionChoice = WTD_CHOICE_FILE '// Default verification. WinTrustData.dwStateAction = 0 '// Not applicable for default verification of embedded signature. WinTrustData.hWVTStateData = 0 '// Not used. WinTrustData.pwszURLReference = 0 '// Default. WinTrustData.dwProvFlags = WTD_SAFER_FLAG' // This is not applicable if there is no UI because it changes' // the UI to accommodate running applications instead of' // installing applications. WinTrustData.dwUIContext = 0 '// Set pFile. WinTrustData.pUnionData = VarPtr(FileData) '// WinVerifyTrust verifies signatures as specified by the GUID '// and Wintrust_Data. lStatus = WinVerifyTrust(ByVal 0, ByVal VarPtr(WVTPolicyGUID), ByVal VarPtr(WinTrustData)) Select Case (lStatus) Case ERROR_SUCCESS MsgBox "The file """ & pwszSourceFile & """ is signed and the signature was verified." Case TRUST_E_NOSIGNATURE dwLastError = GetLastError() If (TRUST_E_NOSIGNATURE = dwLastError) Or (TRUST_E_SUBJECT_FORM_UNKNOWN = dwLastError) Or (TRUST_E_PROVIDER_UNKNOWN = dwLastError) Then '// The file was not signed. MsgBox "The file """ & pwszSourceFile & """ is not signed." Else ' // The signature was not valid or there was an error' // opening the file. MsgBox "An unknown error occurred trying to verify the signature of the """ & pwszSourceFile & """ file." End If Case TRUST_E_EXPLICIT_DISTRUST' // The hash that represents the subject or the publisher' // is not allowed by the admin or user. MsgBox "The signature is present, but specifically disallowed." Case TRUST_E_SUBJECT_NOT_TRUSTED '// The user clicked "No" when asked to install and run. MsgBox "The signature is present, but not trusted." Case CRYPT_E_SECURITY_SETTINGS MsgBox "CRYPT_E_SECURITY_SETTINGS - The hash " & _ "representing the subject or the publisher wasn't " & _ "explicitly trusted by the admin and admin policy " & _ "has disabled user trust. No signature, publisher " & _ "or timestamp errors." Case Else' // The UI was disabled in dwUIChoice or the admin policy' // has disabled user trust. lStatus contains the' // publisher or time stamp chain error. MsgBox "Error is: 0x" & Hex(lStatus) & "." End Select VerifyEmbeddedSignature = TrueEnd Function
[解决办法]
学习了。帮顶下。
