Verifying a CTL

To make it more difficult for an interloper to substitute a bogus certificate trust list (CTL) for an existing one, verify the signature on the CTL each time the CTL is used. Do not use a CTL that does not contain a trusted signature.

Aa388188.wedge(en-us,VS.85).gifTo verify a CTL signature

  1. Open the certificate store containing the desired CTL.
  2. Get a handle to a CTL_CONTEXT for the CTL. This can be done by calling any of the functions that return a handle to the CTL_CONTEXT, such as CertFindCTLInStore.
  3. Call CryptMsgGetAndVerifySigner, passing the CTL_CONTEXT retrieved in step 2 in the hCryptMsg parameter, a handle to the certificate store containing the certificate of the trusted source for CTLs in the rghSignerStore parameter, and the CMSG_TRUSTED_SIGNER_FLAG in the dwFlags parameter. If the function returns TRUE, the signature was verified, and a pointer to the CTL signer's PCCERT_CONTEXT is returned in the ppSigner parameter.