static extern WinVerifyTrustResult WinVerifyTrust(

Declare Function WinVerifyTrust Lib "wintrust.dll" (TODO) As TODO

     enum WinVerifyTrustResult : uint

        static extern WinVerifyTrustResult WinVerifyTrust(

        // call WinTrust.WinVerifyTrust() to check embedded file signature

            WinVerifyTrustResult result = WinVerifyTrust(INVALID_HANDLE_VALUE, guidAction, wtd);

            bool ret = (result == WinVerifyTrustResult.Success);

I noted that under some cicumstances the destructors are called too early and memory is corrupted, therefore WinVerifyTrust returning FileNotSigned even if the file was actually signed. I recommend replacing the destructors with Dispose() and calling dispose at the end of VerifyEmbeddedSignature().

[Michael Zarlenga] First, thank you so much for this code! You saved me a lot of work and time. I also experienced corrupted memory issues (access violation exceptions). The problem is, as soon as you exit the WinTrustData constructor, WinTrustFileInfo can be destroyed, before (or even during) the call into WinVerifyTrust. To explicitly call .Dispose() on WinTrustFileInfo from WinTrustData, you need the object reference held in a scope external to the constructor but then sizeof WinTrustData will be wrong. Long story short, I solved that by instantiating a WinTrustFileInfo object myself and passing that to the WinTrustData constructor to use. I implemented .Dispose() on WinTrustData and WinTrustFileInfo and called them both, myself, after the call to WinVerifyTrust completed:

        // specify the WinVerifyTrust function/action that we want

        // call into WinVerifyTrust

        return WinVerifyTrust(INVALID_HANDLE_VALUE, action, winTrustData);