How to verify that my orgainization signed a trusted windows binary?

Question

This is a followup question to question 1072540, 'WinVerifyTrust to check for a specific signature?'.

I want to write a C++ function Lets call it TrustedByUs of the form:

bool TrustedByUs(std::string pathToBinary, std::string pathToPublicKey)

The idea is that we give this function a path to a binary .dll or .exe file that has been signed with a digital signature. The pathToPublicKey string is the path to a public key of our particular signing certificate.

Using the code in http://support.microsoft.com/kb/323809 it's pretty straight forward to verify that the pathToBinary file is in fact trusted by the operating system.

Now I'm in the same place as the writer of question 1072540, I know the OS trusts the signer of this binary, but I want to know if my organization's RSA key is the one that signed the binary.

The KB323809 shows how to extract the strings from certificate embedded in our binary file. This example shows how to extract strings from the signing certificate in its GetProgAndPublisherInfo function, but I'm uncomfortable using a string match to verfiy the certificate.

What I would like to do is extract the public key from the embedded signature and compare it to the public key that corresponds with the private key that signed my binary file in the first place.

The documentation for CryptMsgGetParam says that the CMSG_SIGNER_CERT_ID_PARAM parameter 'Returns information on a message signer needed to identify the signer's public key'. I succeed in getting the certificate's serial number with this key. My code looks like this:

// Get message handle and store handle from the signed file.
fResult = CryptQueryObject(CERT_QUERY_OBJECT_FILE,
    L"C:\\Program Files\\MySignedProgram.exe",
    CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED,
    CERT_QUERY_FORMAT_FLAG_BINARY,
    0, &dwEncoding, &dwContentType, &dwFormatType, &hStore, &hMsg, NULL);

// Get the public key information about the signer
// First get the size
DWORD dwCertIdSize(0);
fResult = CryptMsgGetParam(hMsg, CMSG_SIGNER_CERT_ID_PARAM,
    0, NULL, &dwCertIdSize);
BYTE* pCertId = new BYTE(dwCertIdSize);
::ZeroMemory(pCertId,dwCertIdSize);

// Now get the cert info
fResult = CryptMsgGetParam(hMsg, CMSG_SIGNER_CERT_ID_PARAM,
    0, (PVOID)pCertId, &dwCertIdSize);

if(fResult)
{      
    CERT_ID* pId = (CERT_ID*)pCertId;  
    pId->HashId;
    pId->dwIdChoice;
    pId->IssuerSerialNumber;  // Valid serial number (reversed)
    pId->KeyId;   
    _tprintf("pid\n");
}

This is close to what I want, but really I'd like to use the signing certificate's public key to verify that the target signed binary file was in fact created with my particular public/private key pair.

Using the CMSG_ENCRYPTED_DIGEST flag this code succeeds:

// Get digest which was encrypted with the private key
DWORD digestSize(0);
fResult = CryptMsgGetParam(hMsg, CMSG_ENCRYPTED_DIGEST, 0, NULL, &digestSize);

BYTE* pDigest = new BYTE[digestSize];

// Next CryptMsgGetParam call succeds,
// pDigest looks valid, can I use this to confirm my public key
// was used to sign MySignedProgram.exe ?
fResult = CryptMsgGetParam(hMsg, CMSG_ENCRYPTED_DIGEST, 0, pDigest, &digestSize);

Bottom line question: Given the certificate information discovered by CryptQueryObject, what technique should I used to ensure that the target file was in fact signed using the private key that corresponds to the public key that is available to me when the above code executes?

Answer 1

You want the CMSG_SIGNER_INFO_PARAM instead.

You can use this to get the entire certificate by looking up the certificate in the certificate store returned by CryptQueryObject:

CryptMsgGetParam(hMsg, 
                 CMSG_SIGNER_INFO_PARAM, 
                 0, 
                 NULL, 
                 &dwSignerInfo);
PCMSG_SIGNER_INFO pSignerInfo = (PCMSG_SIGNER_INFO) malloc(dwSignerInfo);
CryptMsgGetParam(hMsg, 
                 CMSG_SIGNER_INFO_PARAM, 
                 0, 
                 pSignerInfo, 
                 &dwSignerInfo);

PCCERT_CONTEXT pCertContext = CertFindCertificateInStore(hStore,
                                          ENCODING,
                                          0,
                                          CERT_FIND_SUBJECT_CERT,
                                          (PVOID)pSignerInfo,
                                          NULL);
// Compare with your certificate:
// - check pCertContext->pbCertEncoded (length is pCertContext->cbCertEncoded)

// *OR*
// Compare with your public-key:
// - check pCertContext->pCertInfo->SubjectPublicKeyInfo.Algorithm and
//   pCertContext->pCertInfo->SubjectPublicKeyInfo.PublicKey