Click here to Skip to main content
15,868,049 members
Please Sign up or sign in to vote.
3.00/5 (2 votes)
I am writing a driver and I need to check the signature of a PE file in it. I know how to do it in user mode and it works fine according to http://forum.sysinternals.com/topic19247.html[^] but now I need to do the same in my driver, I can not use the headers like "wintrust.h" in my driver so I am clueless. Any suggestions on how to verify PE signatures in kernel mode?

Thanks
Posted
Comments
Abhishek Pant 23-Dec-12 3:07am    
c:\program files\microsoft visual studio\vc98\include\wintrust.h
http://www.codeproject.com/Messages/1219457/wintrust-h.aspx
lilyNaz 23-Dec-12 3:10am    
I know where wintrust is but my problem is that I cannot include wintrust.h in the driver, because it causes so many errors.
lilyNaz 23-Dec-12 3:17am    
Thank you for the link but I still have the same problem
Abhishek Pant 23-Dec-12 3:29am    
http://msdn.microsoft.com/en-us/library/windows/desktop/aa388208(v=vs.85).aspx

1 solution

Hi,
Wintrust.h and wincrypt.h use type definitions and / or macros which are defined in or indirectly from windows.h
This means that windows.h must be included before the wincrypt and wintrust headers.

It seems (from the error listing you posted above) like you include hierarchy does not include windows.h before wintrust or wincrypt.

Just adding the window.h include line before you include wintrust/wincrypt should make it compile. It worked when I tried the specific scenarios.

I hope this helps.
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900