相关疑难解决方法(0)

我正在尝试编写从DLL或EXE读取签名(证书)的代码.大多数DLL或EXE只有一个签名,我的代码正确读取与此签名关联的所有证书.更具体地说,它读取签名证书,它是发行者(不是root),签名证书(带有时间戳)和它的发行者(不是root).我有2个C++和C#示例程序,它们都返回相同的证书.这是C#代码,C++是100倍长:)

static void Main(string[] args)
{
    X509Certificate2Collection collection = new X509Certificate2Collection();
    collection.Import(args[0]);
}

但是有一些DLL有2个签名,如文件属性/数字签名所示,例如C:\ Program Files(x86)\ Microsoft SQL Server\80\Tools\Binn\msvcr71.dll:

对于此DLL,我的代码只读取与第一个签名关联的证书.

我也尝试使用signtool,它返回与我的代码相同的信息:first cert(带有它的路径)和counterignature(带有它的路径).但最后还要注意错误.

C:\Windows>signtool verify /d /v "C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\msvcr71.dll"

Verifying: C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\msvcr71.dll
Signature Index: 0 (Primary Signature)
Hash of file (sha1): 33BBCCF6326276B413A1ECED1BF7842A6D1DDA07

Signing Certificate Chain:
Issued to: Microsoft Root Certificate Authority
Issued by: Microsoft Root Certificate Authority
Expires:   Sun May 09 19:28:13 2021
SHA1 hash: CDD4EEAE6000AC7F40C3802C171E30148030C072

    Issued to: Microsoft Code Signing PCA
    Issued by: Microsoft …