stackoom
  简体   繁体   中英

Get X509 Code Signing Certificate Serial Number of signed EXE in unmanaged C/C++

 原文  2019-02-17 13:30:32       c++/ c/ x509certificate/ unmanaged/ code-signing-certificate

Question

I know how to get the code signing certificate details, including serial number, of a signed DLL or EXE using C# DotNet. For example:

using System.Security.Cryptography.X509Certificates;
...
X509Certificate certinfo = X509Certificate.CreateFromSignedFile(filename);
byte[] serialno = certinfo.GetSerialNumber();

But how can I do that using unmanaged C/C++?

I did find an example of how to traverse a certificate store in C/++, but not how to get the certificate details of a signed EXE or DLL.

1 answers

solution1
 1 ACCPTED  2019-02-17 14:53:50

Here's an example of how to decode an executable's PKCS7 (CMS) data.

DWORD dwEncoding, dwContentType, dwFormatType;
HCERTSTORE hStore = NULL;
HCRYPTMSG hMsg = NULL;

// Get PKCS7 data

if(1)
{
    // Must be an absolute path.
    const wchar_t *filePath = L"C:\\Windows\\System32\\ntdll.dll";

    if(!CryptQueryObject(CERT_QUERY_OBJECT_FILE, filePath,
                         CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED,
                         CERT_QUERY_FORMAT_FLAG_BINARY, 0, &dwEncoding,
                         &dwContentType, &dwFormatType, &hStore,
                         &hMsg, NULL))
        return 1;
}
else
{
/*  Or do this if you want more control:

    - load exe into memory
    - find the certificate directory (WIN_CERTIFICATE)

    WIN_CERTIFICATE &winCert = ...

    CERT_BLOB certBlob = { winCert.dwLength, winCert.bCertificate };
    if(!CryptQueryObject(CERT_QUERY_OBJECT_BLOB, &certBlob, 
                         CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED,
                         CERT_QUERY_FORMAT_FLAG_BINARY, 0, &dwEncoding,
                         &dwContentType, &dwFormatType, &hStore,
                         &hMsg, NULL))
        return 1;
*/
}

// Get signers information

DWORD dwSignerCount = 0;
DWORD dwSignerCountSize = sizeof(dwSignerCount);
if(!CryptMsgGetParam(hMsg, CMSG_SIGNER_COUNT_PARAM, 0, &dwSignerCount, &dwSignerCountSize))
    return 1;

// The signer count seems to always be 1.
// Subsequent certificates can be retrieved like this:
// https://stackoverflow.com/q/36931928/2682312

for(DWORD i = 0; i < dwSignerCount; ++i)
{
    DWORD cbSignerInfo;
    if(!CryptMsgGetParam(hMsg, CMSG_SIGNER_INFO_PARAM, i, NULL, &cbSignerInfo))
        return 1;

    PCMSG_SIGNER_INFO pSignerInfo = (PCMSG_SIGNER_INFO)malloc(cbSignerInfo);
    if(!CryptMsgGetParam(hMsg, CMSG_SIGNER_INFO_PARAM, i, pSignerInfo, &cbSignerInfo))
        return 1;

    // Do something with pSignerInfo->SerialNumber

    // Enumerate nested certificates...

    free(pSignerInfo);
}

return 0;

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Access X509 Certificate store with unmanaged C++ Print an x509 certificate c++ How to get PEM encoded X509 certificate as C++ string using openssl? How to find private key in token by using X509 certificate modulus in C++ How to check the revocation status of a x509 certificate in c++ with wincrypt.h? RSA public encryption using public key from X509 certificate c++ How to convert an X509 certificate to a public key string in C++? How can i translate SecCertificateRef cert object to openssl's x509 certificate object in C++ Parse DER x509 in C or C++ x509 openssl in C
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM