How to verify the embedded signature of a Windows PE file?

 

In this post, I'm introducing the API that can be used to verify the signature of a Portable Executable (PE) file under Windows. Applications like Process Explorer allow you to verify the signature of executables in the same way.

We can do the same thing using WinVerifyTrust. MSDN has a sample snippet on the usage of this API. Let me put the same snippet here (with some small modifications).

See the snippet below. It's necessary to pass a wide-character (UNICODE) string path to the file to use this function. Two things to keep in mind when reusing it: the sample sets fdwRevocationChecks to WTD_REVOKE_NONE, so a revoked signing certificate is still reported as verified, and it only looks at an embedded signature (WTD_CHOICE_FILE), so a file signed through a security catalog, which is how most Windows system binaries are signed, is reported as not signed.

[sourcecode language='cpp']
#include <windows.h>
#include <wintrust.h>
#include <softpub.h>   // WINTRUST_ACTION_GENERIC_VERIFY_V2
#include <afxwin.h>    // CString, AfxMessageBox (MFC)
#pragma comment(lib, "wintrust.lib")

BOOL VerifyEmbeddedSignature(LPCWSTR pwszSourceFile)
{
    LONG lStatus;
    DWORD dwLastError;

    BOOL bRet = FALSE;

    // Describe the file to verify. The path has to be a wide-character string.
    WINTRUST_FILE_INFO FileData;
    memset(&FileData, 0, sizeof(FileData));
    FileData.cbStruct = sizeof(WINTRUST_FILE_INFO);
    FileData.pcwszFilePath = pwszSourceFile;
    FileData.hFile = NULL;
    FileData.pgKnownSubject = NULL;

    // Policy provider: generic Authenticode verification of the whole chain.
    GUID WVTPolicyGUID = WINTRUST_ACTION_GENERIC_VERIFY_V2;
    WINTRUST_DATA WinTrustData;

    // Initialize the WinVerifyTrust input data structure.
    // Default all fields to 0.
    memset(&WinTrustData, 0, sizeof(WinTrustData));
    WinTrustData.cbStruct = sizeof(WinTrustData);

    WinTrustData.pPolicyCallbackData = NULL;
    WinTrustData.pSIPClientData = NULL;
    WinTrustData.dwUIChoice = WTD_UI_NONE;              // never pop up a trust dialog
    WinTrustData.fdwRevocationChecks = WTD_REVOKE_NONE; // revocation is NOT checked
    // Verify an embedded signature on a file.
    WinTrustData.dwUnionChoice = WTD_CHOICE_FILE;
    WinTrustData.dwStateAction = 0;                     // no state handle is kept, so nothing to close
    WinTrustData.hWVTStateData = NULL;
    WinTrustData.pwszURLReference = NULL;

    // Default.
    WinTrustData.dwProvFlags = WTD_SAFER_FLAG;

    // This is not applicable if there is no UI because it changes
    // the UI to accommodate running applications instead of
    // installing applications.
    WinTrustData.dwUIContext = 0;

    // Set pFile.
    WinTrustData.pFile = &FileData;

    // WinVerifyTrust verifies signatures as specified by the GUID
    // and WINTRUST_DATA.
    lStatus = WinVerifyTrust(NULL, &WVTPolicyGUID, &WinTrustData);

    // %ls is used below because pwszSourceFile is always wide,
    // regardless of whether the project is built as UNICODE or MBCS.
    switch (lStatus)
    {
    case ERROR_SUCCESS:
    {
        CString strMessage;
        strMessage.Format(_T("The file \"%ls\" is signed and the signature was verified.\n"),
                          pwszSourceFile);
        AfxMessageBox(strMessage);
        bRet = TRUE;
        break;
    }

    case TRUST_E_NOSIGNATURE:
        // The file was not signed or had a signature
        // that was not valid.

        // Get the reason for no signature.
        dwLastError = GetLastError();
        if (TRUST_E_NOSIGNATURE == dwLastError ||
            TRUST_E_SUBJECT_FORM_UNKNOWN == dwLastError ||
            TRUST_E_PROVIDER_UNKNOWN == dwLastError)
        {
            CString strMessage;
            // The file was not signed.
            strMessage.Format(_T("The file \"%ls\" is not signed.\n"), pwszSourceFile);
            AfxMessageBox(strMessage);
        }
        else
        {
            // The signature was not valid or there was an error
            // opening the file.
            CString strMessage;
            strMessage.Format(_T("An unknown error occurred trying to ")
                              _T("verify the signature of the \"%ls\" file.\n"),
                              pwszSourceFile);
            AfxMessageBox(strMessage);
        }
        break;

    case TRUST_E_EXPLICIT_DISTRUST:
        // The hash that represents the subject or the publisher
        // is not allowed by the admin or user.
        AfxMessageBox(_T("The signature is present, but specifically disallowed.\n"));
        break;

    case TRUST_E_SUBJECT_NOT_TRUSTED:
        // The user clicked "No" when asked to install and run.
        AfxMessageBox(_T("The signature is present, but not trusted.\n"));
        break;

    case CRYPT_E_SECURITY_SETTINGS:
        /*
        The hash that represents the subject or the publisher
        was not explicitly trusted by the admin and the
        admin policy has disabled user trust. No signature,
        publisher or time stamp errors.
        */
        AfxMessageBox(_T("CRYPT_E_SECURITY_SETTINGS - The hash ")
                      _T("representing the subject or the publisher wasn't ")
                      _T("explicitly trusted by the admin and admin policy ")
                      _T("has disabled user trust. No signature, publisher ")
                      _T("or timestamp errors.\n"));
        break;

    default:
    {
        // The UI was disabled in dwUIChoice or the admin policy
        // has disabled user trust. lStatus contains the
        // publisher or time stamp chain error.
        CString strMessage;
        strMessage.Format(_T("Error is: 0x%x.\n"), lStatus);
        AfxMessageBox(strMessage);
        break;
    }
    }
    return bRet;
}
[/sourcecode]
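The same check from a PowerShell prompt, as an added example that is not part of the original post: Get-AuthenticodeSignature goes through the same WinTrust machinery as WinVerifyTrust, and its SignatureType property tells an embedded (Authenticode) signature apart from a catalog one, which the C++ sample above cannot do. The Test-PeSignature function name and the System32 paths are my own choices, and the SignatureType and IsOSBinary properties assume PowerShell 5.1 or later.

```powershell
# Added example, not the original post's code: report the Authenticode
# status of a PE file, including catalog signatures, so that a stock
# Windows binary without an embedded signature is not mistaken for an
# unsigned one.
function Test-PeSignature {
    param(
        [Parameter(Mandatory)]
        [string]$Path
    )

    $sig = Get-AuthenticodeSignature -FilePath $Path

    [pscustomobject]@{
        Path          = $Path
        Status        = $sig.Status          # Valid, NotSigned, HashMismatch, UnknownError, ...
        StatusMessage = $sig.StatusMessage
        SignatureType = $sig.SignatureType   # Authenticode (embedded), Catalog or None
        Signer        = $sig.SignerCertificate.Subject
        Thumbprint    = $sig.SignerCertificate.Thumbprint
        Timestamper   = $sig.TimeStamperCertificate.Subject
        IsOSBinary    = $sig.IsOSBinary      # $true when Windows itself vouches for the file
    }
}

# One file; notepad.exe is typically catalog-signed, so expect SignatureType = Catalog.
Test-PeSignature -Path "$env:SystemRoot\System32\notepad.exe" | Format-List

# Sweep a directory and surface only what is NOT verified, which is the
# condition an investigator actually wants to see.
Get-ChildItem -Path "$env:SystemRoot\System32" -Filter *.exe -ErrorAction SilentlyContinue |
    ForEach-Object { Test-PeSignature -Path $_.FullName } |
    Where-Object { $_.Status -ne 'Valid' } |
    Select-Object Path, Status, SignatureType, StatusMessage |
    Format-Table -AutoSize
```

Status alone is not the whole story: a Valid status only says the chain built and the hash matched at check time. For an incident-response triage you normally also record the Thumbprint and compare it against the publisher you expect, since a validly signed file from an unexpected signer is exactly the case that a plain "signed / not signed" verdict hides.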

 

Book Review: The Angel of God by Jyothi Menon

 

I finished "The Angel of God" by Jyothi Menon. Jyothi is currently Senior Vice President and Head of HR Shared Services at Scope International, Standard Chartered Bank, based out of Chennai (as described in her LinkedIn profile).

The book tells three parallel stories, of Moosa, Bhaskaran and Aboobacker (Moosa's lost brother also comes into the scene halfway through). Moosa was born and brought up in Dharavi, which is regarded as the largest slum in Asia. The bad living conditions and his family situation made him a criminal; it all started when he killed his own father, who had tried to rape his sister. Soon he became a hired professional killer. He built up his own gang and slowly started controlling the Mumbai underworld. He started various businesses, and those made him richer than anyone else. Even though he was doing dirty business, the people who were working for him were very happy. His generosity was infamous among people.

As part of expanding the business, Aboobacker is introduced to the scene; he was very honest and brave and was working for a rich man in Kozhikode, Kerala. Aboobacker worked well for Moosa, and the returns from Moosa were more than he could have imagined. Soon he became a rich man in the area, and he also started several businesses.

Another guy called Bhaskaran also plays a critical role in Moosa's life, and later Moosa inspired and mentored Bhaskaran to get serious about life and do well with his studies. Also, Moosa finds his lost brother Raashid, who later takes over Moosa's business.

The way Moosa becomes the best at his business, the humanity inside him, how he made others' lives better, how he made his family: those are the highlights of this novel. And Jyo did it well.

The story always propagated the fact that "people are the key to success". (Of course we should expect this from an HR professional, no?) In some chapters the novel became a people-management chapter, and it was quite inspiring. Jyo's way of writing is marvellous. It's simple, professional and never makes you stop anywhere in between (**cough, cough**).

The few problems I've noticed are the redundant sentences in many chapters, like "~ best in the world", "best minds that money can buy", etc. I never felt comfortable with these redundant sentences, and sometimes they give an exaggerated or boastful feeling of the situation. Also, a few abrupt endings of chapters and some lame comparisons were not suitable for her stunning story. There's a guy introduced in a chapter who taught Moosa about table manners, dressing and all; at the end of that very quick chapter he has passed away. Actually it was really odd in that situation. Another example is Aboobacker's newspaper becoming "the best" in recent surveys. Actually these kinds of sentences gave an odd feeling. Except for all these, the story is good, interesting, simple, and surely it inspires and motivates you for a better tomorrow.

 

CRT way of renaming a file

 

In one of my previous posts I described how to rename a file using the Windows API. Many people have asked whether there is any option other than the MoveFile API for renaming a file. Yes! You can use the C-Runtime functions rename and _wrename to rename a file. rename itself is part of the standard C library, so code that uses it is portable across platforms (_wrename and _trename are Microsoft-specific). You can also use _trename, which maps to rename or _wrename so that the same call compiles under both UNICODE and non-UNICODE character sets.

See the sample, taken from MSDN itself, for renaming a file.
[sourcecode language='cpp']
#include <stdio.h>
#include <tchar.h>   // _T, _TCHAR, _tmain, _trename
#include <conio.h>   // _tcprintf

int _tmain(int argc, _TCHAR* argv[])
{
    TCHAR old_filename[] = _T("CRT_RENAMER.OBJ"), new_filename[] = _T("CRT_RENAMER.JBO");

    /* Attempt to rename file: */
    int result = _trename(old_filename, new_filename);
    if (result != 0)
        _tcprintf(_T("Could not rename '%s'\n"), old_filename);
    else
        _tcprintf(_T("File '%s' renamed to '%s'\n"), old_filename, new_filename);
    return 0;
}
[/sourcecode]
--Updated--
2009/05/25 - Made the sample source compatible with both UNICODE and non-UNICODE character sets.
2009/05/25 - Fixed a few typos.