The MsiGetFileSignatureInformation function takes the path to a file that has been digitally signed and returns the file's signer certificate and hash. MsiGetFileSignatureInformation may be called to obtain the signer certificate and hash needed to populate the MsiDigitalCertificate, MsiPatchCertificate, and MsiDigitalSignature tables.
Windows Installer 3.0 and later: Beginning with Windows Installer 3.0, the Windows Installer can verify the digital signatures of patches (.msp files) by using the MsiPatchCertificate and MsiDigitalCertificate tables. For more information see Guidelines for Authoring Secure Installations and User Account Control (UAC) Patching.
Windows Installer 2.0: Digital signatures of patches is not supported. Windows Installer 2.0 uses digital signatures as a means to detect corrupted resources, and can only verify the digital signatures of external cabinets, and only by the use of the MsiDigitalSignature and MsiDigitalCertificate tables.
HRESULT MsiGetFileSignatureInformationA( LPCSTR szSignedObjectPath, DWORD dwFlags, PCCERT_CONTEXT *ppcCertContext, LPBYTE pbHashData, LPDWORD pcbHashData );
Pointer to a null-terminated string specifying the full path to the file that contains the digital signature.
Special error case flags.
Returned signer certificate context
Returned hash buffer. This parameter can be NULL if the hash data is not being requested.
Pointer to a variable that specifies the size, in bytes, of the buffer pointed to by the pbHashData parameter. This parameter cannot be NULL if pbHashData is non-NULL. If ERROR_MORE_DATA is returned, pbHashData gives the size of the buffer required to hold the hash data. If ERROR_SUCCESS is returned, it gives the number of bytes written to the hash buffer. The pcbHashData parameter is ignored if pbHashData is NULL.
||Invalid parameter was specified.|
WinVerifyTrust is not available on the system. MsiGetFileSignatureInformation requires the presence of the Wintrust.dll file on the system.
||A buffer is too small to hold the requested data. If ERROR_MORE_DATA is returned, pcbHashData gives the size of the buffer required to hold the hash data.|
||File is not signed|
||The file's current hash is invalid according to the hash stored in the file's digital signature.|
||The file's signer certificate has been revoked. The file's digital signature is compromised.|
||The subject failed the specified verification action. Most trust providers return a more detailed error code that describes the reason for the failure.|
||The trust provider is not recognized on this system.|
||The trust provider does not support the specified action.|
||The trust provider does not support the form specified for the subject.|
MsiGetFileSignatureInformation also returns all the Win32 error values mapped to their equivalent HRESULT data type by HRESULT_FROM_WIN32.
When requesting only the certificate context, an invalid hash in the digital signature does not cause MsiGetFileSignatureInformation to return a fatal error. To return a fatal error for an invalid hash, set the MSI_INVALID_HASH_IS_FATAL flag in the dwFlags parameter.
The certificate context and hash information is extracted from the file by a call to WinVerifyTrust. The ppcCertContext parameter is a duplicate of the signer certificate context from the signature. It is the responsibility of the caller to call CertFreeCertificateContext to free the certificate context when finished.
Note that MsiGetFileSignatureInformation requires the presence of the Wintrust.dll file on the system.
|Minimum supported client||Windows Installer 5.0 on Windows Server 2012, Windows 8, Windows Server 2008 R2 or Windows 7. Windows Installer 4.0 or Windows Installer 4.5 on Windows Server 2008 or Windows Vista. Windows Installer on Windows Server 2003 or Windows XP. See the Windows Installer Run-Time Requirements for information about the minimum Windows service pack that is required by a Windows Installer version.|