Win API call to check if cert is valid?

Windows specific forum
Mike Yurgalavage
Enthusiast
Enthusiast
Posts: 118
Joined: Thu May 17, 2007 8:35 pm
Location: USA

Win API call to check if cert is valid?

Post by Mike Yurgalavage »

Hi guys. To address some of the anti virus false positives that come along with using Purebasic as a programming platform, we've gotten ahold of a certificate and are applying it to our .exe compilations. One of the things that we considered that might be of use with this is that the cert process creates a CRC within the .exe. We may make a call (if it exists) to a function to check the running process to see if it's been tampered with by calling a windows api call. Is there such a windows api call to 'check a file certification'?

For instance:

Program X, we compiled, and then has had a certification added to it.
Could we add a windows api call into our program that, 1) checks to see if cert is applied then, 2) checks the cert/CRC to see if the file still checks out? I assume it would be a call that took the directory and name of the program you are wishing to check.

In this way, we could use our cert as a sort of DRM or integrity check and then if it's not CRC or has been tampered with, then we can have it do alternate code or shut down certain functionality.

Are there any windows api calls that can be called directly within our programs to do this? We are not interested in trying to run a tool or some third party software to do this.

It's just an idea or a thought. Right now we have CRC that we did ourselves, but unfortunately the CRC gets modified when cert is applied, so we are looking for alternate ways to have cert/CRC/integrity check, etc.

thanks in advance for any ideas or information.
Mike Yurgalavage
Enthusiast
Enthusiast
Posts: 118
Joined: Thu May 17, 2007 8:35 pm
Location: USA

Re: Win API call to check if cert is valid?

Post by Mike Yurgalavage »

I see this (The WinVerifyTrust API):

https://docs.microsoft.com/en-us/window ... -a-pe-file

Is anyone used this api or can translate an example out of this link to info and source code for PB?

best,
Mike
JHPJHP
Addict
Addict
Posts: 2129
Joined: Sat Oct 09, 2010 3:47 am
Contact:

Re: Win API call to check if cert is valid?

Post by JHPJHP »

Hi Mike Yurgalavage,

See this post by Thunder93: Verifty Digital Signatures with PB

Alternate method: CryptQueryObject...

Windows Services & Other Stuff
- \Other_Stuff\OtherStuff\CryptQueryObject.pb
Mike Yurgalavage
Enthusiast
Enthusiast
Posts: 118
Joined: Thu May 17, 2007 8:35 pm
Location: USA

Re: Win API call to check if cert is valid?

Post by Mike Yurgalavage »

JHPJHP wrote:Hi Mike Yurgalavage,

See this post by Thunder93: Verifty Digital Signatures with PB

Alternate method: CryptQueryObject...

Windows Services & Other Stuff
- \Other_Stuff\OtherStuff\CryptQueryObject.pb
Thanks for reply!

Got it sorted

best,
Mike
Post Reply