What is new alternative for CryptQueryObject because it is deprecated

  • Question

  • I am using this deprecated API to get handles to the store and msg, which I am using to extract the issuer of the certificate.

    Please let me know what the new API is to extract the store and msg handles, as other functions are not deprecated, like

    CryptMsgGetParam

    CertFindCertificateInStore

    CertGetNameString

    Thursday, October 17, 2019 6:07 PM

All replies

  • Hello vibhor_kumar,

    I haven't found the replacement APIs in CNG (Cryptography Next Generation APIs).

    I'll consult the related engineer to see if the document needs some update.

    Best regards,

    Rita


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Friday, October 18, 2019 2:27 AM
  • My comments were not relevant.



    Sam Hobbs
    SimpleSamples.Info


    • Edited by Simple Samples Friday, October 18, 2019 7:36 PM My comments were not relevant.
    Friday, October 18, 2019 6:22 PM
  • Hi Rita,

    On one MSDN page it's mentioned how to get Authenticode information from a signed executable using CryptQueryObject.

    https://support.microsoft.com/en-us/help/323809/how-to-get-information-from-authenticode-signed-executables

    while on the man page of CryptQueryObject it's written that the API is deprecated, so please let me know, if it's deprecated, what the alternative way is to get Authenticode from a signed executable.

    https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptqueryobject

    Friday, October 18, 2019 7:24 PM
  • Hello vibhor_kumar,

    To extract the issuer of a certificate from a signed executable you can use CertGetNameString as a replacement. Here is an example:

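    	#include <windows.h>
    	#include <wincrypt.h>
    	#include <imagehlp.h>
    	#include <iostream>
    	// Link with crypt32.lib and imagehlp.lib.
    
    	typedef DWORD (WINAPI *PFnCertGetNameString)(PCCERT_CONTEXT, DWORD, DWORD, void *, LPWSTR, DWORD);
    
    	// The fragment is wrapped in a function so that it compiles; the function name is illustrative.
    	BOOL PrintIssuerName()
    	{
    		HMODULE hDllCrypt32 = NULL;
    		PFnCertGetNameString pfnCertGetNameString = NULL;
    		HANDLE hFile = INVALID_HANDLE_VALUE;
    		DWORD dwCertCount = 0;
    		WIN_CERTIFICATE certHeader;
    		WIN_CERTIFICATE *pCert = NULL;
    		char  *pCertBuf = NULL;
    		PCCERT_CONTEXT pCertContext = NULL;
    		WCHAR *pSubjectName = NULL;
    		const WCHAR *TargetModule = L"C:\\Program Files (x86)\\Windows Kits\\10\\bin\\10.0.18362.0\\x86\\betest.exe";
    
    		// Load crypt32.dll from the system directory only and resolve CertGetNameStringW.
    		hDllCrypt32 = LoadLibraryExW(L"crypt32.dll", NULL, LOAD_LIBRARY_SEARCH_SYSTEM32);
    		if (hDllCrypt32 == NULL)
    		{
    			std::cout << "LoadLibraryExW error: " << GetLastError() << std::endl;
    			return FALSE;
    		}
    		pfnCertGetNameString = (PFnCertGetNameString)GetProcAddress(hDllCrypt32, "CertGetNameStringW");
    		if (pfnCertGetNameString == NULL)
    		{
    			std::cout << "GetProcAddress error: " << GetLastError() << std::endl;
    			return FALSE;
    		}
    
    		hFile = CreateFileW(TargetModule, FILE_READ_DATA, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL | FILE_FLAG_RANDOM_ACCESS, NULL);
    		if (hFile == INVALID_HANDLE_VALUE)
    		{
    			std::cout << "CreateFileW error: " << GetLastError() << std::endl;
    			return FALSE;
    		}
    
    		// Count the entries in the file's attribute certificate table.
    		if (!ImageEnumerateCertificates(hFile, CERT_SECTION_TYPE_ANY, &dwCertCount, NULL, 0))
    		{
    			std::cout << "ImageEnumerateCertificates error: " << GetLastError() << std::endl;
    			return FALSE;
    		}
    		if (dwCertCount == 0)
    		{
    			std::cout << "The file has no embedded signature." << std::endl;
    			return FALSE;
    		}
    
    		// Read the header of entry 0 to learn its total length.
    		certHeader.dwLength = 0;
    		certHeader.wRevision = WIN_CERT_REVISION_1_0;
    		if (!ImageGetCertificateHeader(hFile, 0, &certHeader))
    		{
    			std::cout << "ImageGetCertificateHeader error: " << GetLastError() << std::endl;
    			return FALSE;
    		}
    
    		// Read the whole entry (header plus PKCS #7 blob).
    		DWORD dwCertLen = certHeader.dwLength;
    		pCertBuf = new char[sizeof(WIN_CERTIFICATE) + dwCertLen];
    		pCert = (WIN_CERTIFICATE *)pCertBuf;
    		pCert->dwLength = dwCertLen;
    		pCert->wRevision = WIN_CERT_REVISION_1_0;
    		if (!ImageGetCertificateData(hFile, 0, pCert, &dwCertLen))
    		{
    			std::cout << "ImageGetCertificateData error: " << GetLastError() << std::endl;
    			return FALSE;
    		}
    
    		DWORD dwDecodeSize = 0;
    		CRYPT_VERIFY_MESSAGE_PARA para = { 0 };
    		para.cbSize = sizeof(para);
    		para.dwMsgAndCertEncodingType = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
    
    		// dwLength counts the WIN_CERTIFICATE header, so subtract it to get the blob size.
    		// This call verifies the PKCS #7 signature and returns the signer's certificate;
    		// it does not check the file's Authenticode hash or build a trust chain.
    		DWORD dwBlobLen = pCert->dwLength - FIELD_OFFSET(WIN_CERTIFICATE, bCertificate);
    		if (!CryptVerifyMessageSignature(&para, 0, pCert->bCertificate, dwBlobLen, NULL, &dwDecodeSize, &pCertContext))
    		{
    			std::cout << "CryptVerifyMessageSignature error: " << GetLastError() << std::endl;
    			return FALSE;
    		}
    
    		// First call returns the required size in characters; 1 means only the terminator, i.e. no name found.
    		DWORD dwSubjectSize = pfnCertGetNameString(pCertContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, CERT_NAME_ISSUER_FLAG, NULL, NULL, 0);
    		if (dwSubjectSize <= 1)
    		{
    			std::cout << "pfnCertGetNameString error: " << GetLastError() << std::endl;
    			return FALSE;
    		}
    
    		// CERT_NAME_ISSUER_FLAG makes this the issuer name, despite the variable name.
    		pSubjectName = new WCHAR[dwSubjectSize];
    		pfnCertGetNameString(pCertContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, CERT_NAME_ISSUER_FLAG, NULL, pSubjectName, dwSubjectSize);
    
    		// Print through a format string; the name comes from the file and must not be used as one.
    		wprintf(L"%ls\n", pSubjectName);
    
    		delete[] pSubjectName;
    		CertFreeCertificateContext(pCertContext);
    		delete[] pCertBuf;
    		CloseHandle(hFile);
    		FreeLibrary(hDllCrypt32);
    		return TRUE;
    	}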

    Feel free to let me know if you have any concerns.

    Best regards,

    Rita



    Tuesday, November 5, 2019 7:27 AM
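
The answer above reads WIN_CERTIFICATE entries through the ImageHlp functions. As an added example (not code from the thread or from Microsoft), this portable sketch walks the same on-disk certificate table layout with bounds checks, showing that dwLength counts the 8-byte header and that entries are 8-byte aligned. The names CertEntry, walkCertTable and sampleTable are hypothetical, and the table bytes are constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// One entry of the PE attribute certificate table (WIN_CERTIFICATE on disk).
struct CertEntry {
    uint16_t revision;   // wRevision: 0x0100 or 0x0200
    uint16_t type;       // wCertificateType: 0x0002 = PKCS #7 SignedData
    size_t   blobOffset; // where bCertificate starts inside the table
    size_t   blobLen;    // dwLength minus the 8-byte header
};

static uint16_t rd16(const uint8_t* p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t* p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }

// Walks the table with bounds checks; returns false on a malformed entry.
bool walkCertTable(const uint8_t* table, size_t size, std::vector<CertEntry>& out) {
    const size_t kHeader = 8; // dwLength(4) + wRevision(2) + wCertificateType(2)
    size_t pos = 0;
    while (pos < size) {
        if (size - pos < kHeader) return false;          // truncated header
        uint32_t len = rd32(table + pos);                // dwLength, header included
        if (len < kHeader || len > size - pos) return false;
        out.push_back({rd16(table + pos + 4), rd16(table + pos + 6),
                       pos + kHeader, len - kHeader});
        size_t padded = ((size_t)len + 7) & ~(size_t)7;  // entries are 8-byte aligned
        pos = (padded > size - pos) ? size : pos + padded;
    }
    return true;
}

// Constructed sample: two entries with dummy 5- and 4-byte blobs (not real signatures).
std::vector<uint8_t> sampleTable() {
    return {
        0x0D,0,0,0, 0x00,0x02, 0x02,0x00, 0x30,0x03,0x02,0x01,0x01, 0,0,0,
        0x0C,0,0,0, 0x00,0x01, 0x02,0x00, 0x30,0x02,0x05,0x00, 0,0,0,0 };
}

int main() {
    std::vector<uint8_t> t = sampleTable();
    std::vector<CertEntry> entries;
    if (!walkCertTable(t.data(), t.size(), entries)) return 1;
    for (const CertEntry& e : entries)
        std::printf("rev=0x%04x type=0x%04x blob@%zu len=%zu\n",
                    (unsigned)e.revision, (unsigned)e.type, e.blobOffset, e.blobLen);
    return 0;
}
```

Locating or verifying the PKCS #7 blob alone does not show that the image is unmodified; WinVerifyTrust is the API that checks the file's Authenticode hash against the signature.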