SignatureVerificationResult Enum
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Specifies most of the result codes for signature verification.
public enum class SignatureVerificationResultpublic enum SignatureVerificationResulttype SignatureVerificationResult = Public Enum SignatureVerificationResult- Inheritance
Fields
| Name | Value | Description |
|---|---|---|
| SystemError | -2146869247 | A system-level error occurred while verifying trust. |
| InvalidSignerCertificate | -2146869246 | The certificate for the signer of the message is invalid or not found. |
| InvalidCountersignature | -2146869245 | One of the counter signatures is invalid. |
| InvalidCertificateSignature | -2146869244 | The signature of the certificate cannot be verified. |
| InvalidTimestamp | -2146869243 | The time stamp signature or certificate could not be verified or is malformed. |
| BadDigest | -2146869232 | The digital signature of the object did not verify. |
| BasicConstraintsNotObserved | -2146869223 | The basic constraint extension of a certificate has not been observed. |
| UnknownTrustProvider | -2146762751 | The certificate has an unknown trust provider. |
| UnknownVerificationAction | -2146762750 | The certificate has an unknown verification action. |
| BadSignatureFormat | -2146762749 | The signature format is invalid. |
| CertificateNotExplicitlyTrusted | -2146762748 | The certificate is not trusted explicitly. |
| MissingSignature | -2146762496 | The signature is missing. |
| CertificateExpired | -2146762495 | The certificate has expired. |
| InvalidTimePeriodNesting | -2146762494 | A certificate was issued after the issuing certificate has expired. |
| InvalidCertificateRole | -2146762493 | The certificate has an invalid role. |
| PathLengthConstraintViolated | -2146762492 | A path length constraint in the certification chain has been violated. |
| UnknownCriticalExtension | -2146762491 | A certificate contains an unknown extension that is marked critical. |
| CertificateUsageNotAllowed | -2146762490 | The certificate cannot be used for signing and verification. |
| IssuerChainingError | -2146762489 | A parent of a given certificate did not issue that child certificate. |
| CertificateMalformed | -2146762488 | The certificate is missing or has an empty value for an important field, such as a subject or issuer name. |
| UntrustedRootCertificate | -2146762487 | The root certificate is not trusted. |
| CouldNotBuildChain | -2146762486 | The chain could not be built. |
| GenericTrustFailure | -2146762485 | There is a general trust failure with the certificate. |
| CertificateRevoked | -2146762484 | The certificate has been revoked. |
| UntrustedTestRootCertificate | -2146762483 | The test root certificate is not trusted. |
| RevocationCheckFailure | -2146762482 | The revocation check failed. |
| InvalidCertificateUsage | -2146762480 | The certificate has an invalid usage. |
| CertificateExplicitlyDistrusted | -2146762479 | The certificate was explicitly marked as not trusted by the user. |
| UntrustedCertificationAuthority | -2146762478 | The certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. |
| InvalidCertificatePolicy | -2146762477 | The certificate has an invalid policy. |
| InvalidCertificateName | -2146762476 | The certificate has an invalid name. The name is either not included in the permitted list or is explicitly excluded. |
| Valid | 0 | The certificate verification result is valid. |
| AssemblyIdentityMismatch | 1 | The identity of the assembly specified in the /asm:assembly/asm:assemblyIdentity node of the manifest does not match the identity of the assembly in the Authenticode signature in the /asm:assembly/ds:signature/ds:KeyInfo/msrel:RelData/r:license/r:grant/as:ManifestInformation/as:assemblyIdentity node. |
| ContainingSignatureInvalid | 2 | The strong name signature does not verify in the AuthenticodeSignatureInformation object. Because the strong name signature wraps the Authenticode signature, someone could replace the Authenticode signature with a signature of their choosing. To prevent this, this error code is returned if the strong name does not verify because substituting a part of the strong name signature will invalidate it. |
| PublicKeyTokenMismatch | 3 | The public key token from the manifest identity in the /asm:assembly/asm:AssemblyIdentity node does not match the public key token of the key that is used to sign the manifest. |
| PublisherMismatch | 4 | The publisher name from /asm:assembly/asmv2:publisherIdentity does not match the subject name of the signing certificate, or the issuer key hash from the same publisherIdentity node does not match the key hash of the signing certificate. |
Remarks
A successful verification returns the Valid result.
HRESULT values are generally returned by the unmanaged Microsoft Cryptographic API (CAPI); the other values are set by managed verification. This enumeration is not comprehensive of all possible HRESULT values and is subject to change.
