Checking digital signature on EXE

Tags: c#, .net, exe, x509

My .NET exe is signed using signtool. Using this code, I can verify the validity of the certificate itself:

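using System.Security.Cryptography.X509Certificates;

// Reads the signer certificate embedded in the file, then validates only that certificate's chain.
var cert = X509Certificate.CreateFromSignedFile("application.exe");
var cert2 = new X509Certificate2(cert.Handle);
bool valid = cert2.Verify();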

However, this only checks the certificate itself, and not the signature of the EXE. Therefore, if the EXE is tampered with, this method doesn't detect it.

How can I check the signature?

asked Jun 05 '14 12:06 by LTR



1 Answer

You need to call (P/Invoke) the WinVerifyTrust() function from wintrust.dll. There is (as far as I know) no alternative in managed .NET.

You can find documentation of this method here.

Someone already asked this question on SO. It was not accepted, but it should be correct (I only scrolled through). Take a look.

You could also take a look at this guide but they really do the same.

answered Oct 23 '22 02:10 by pepo