
How can I validate digital signatures for Microsoft's Portable Executable format in portable code? [closed]

I am looking for sample code (or libraries) that can help me validate digital signatures for Windows PE files (.exe, .dll, .cab, etc.) on non-Windows platforms using C++. I am looking for a platform-independent approach.

Thanks!

Jamaal Smith asked Jun 28 '11 22:06


2 Answers

You could look at WINE's WinVerifyTrust implementation for a full programmatic way.

And, actually, here is a good link, "How to verify executable digital signatures under Linux?", that complains about the WINE implementation (that was back in 2008) and thus explains the process in a quite "portable" way, provided you have something similar to OpenSSL available on your platform.

Simon Mourier answered Sep 18 '22 05:09


There is no general answer to this, especially as you have not specified how far you want to port it. Linux on x86 with open source libraries will be easier; uCos running on MIPS32 or Arduino will be next to impossible.

First, you obviously have to be able to read and parse the PE format itself; in particular, you have to be able to get the contents of individual sections, like .text, .data etc., and hash them. For an in-depth look at how it's put together, look here:

http://msdn.microsoft.com/en-us/magazine/cc301805.aspx

http://msdn.microsoft.com/en-us/magazine/ms809762.aspx

Now you want this to be portable, so you can either roll your own PE reader/limited writer, or look around in some of the open source projects that already do this. Try ReactOS or Mono. Or, if you are happy running Python, try this: http://code.google.com/p/pefile/

Second, as you are dealing with cryptography, digital signatures, and X.509 certificates, you pretty much need a full-blown portable crypto library to perform signing, certificate chain validation and so on. If you are happy with GPL, try OpenSSL or CyaSSL, or Botan if you want a BSD license.

The precise format of Authenticode signatures, the signing process and the validation process are described here: http://www.microsoft.com/whdc/winlogo/drvsign/Authenticode_PE.mspx (Authenticode_PE.docx)

It will require quite a bit of code to pull everything together.

kert answered Sep 22 '22 05:09
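The parsing step from the answer above, as an added example that is not part of the original thread: portable C++ that locates the Certificate Table entry in a PE header and returns the file ranges an Authenticode digest covers, which skip the CheckSum field, the Certificate Table directory entry and the signature blob itself. The function names and the sample buffer are constructed for illustration; the example assumes a file with no gaps between sections and no overlay, and rejecting a table that does not end at end of file is a strict choice made here.

```cpp
#include <cstddef>
#include <cstdint>
#include <utility>
#include <vector>

using Bytes = std::vector<uint8_t>;
using Range = std::pair<size_t, size_t>;  // [begin, end) file offsets

// Bounds-checked little-endian read of n (<= 4) bytes at off.
static bool rd(const Bytes& b, size_t off, size_t n, uint32_t& out) {
    if (off > b.size() || n > b.size() - off) return false;
    out = 0;
    for (size_t i = 0; i < n; ++i) out |= uint32_t(b[off + i]) << (8 * i);
    return true;
}

// Fills `out` with the file ranges covered by the digest; false if malformed.
bool authenticode_hash_ranges(const Bytes& pe, std::vector<Range>& out) {
    uint32_t v, ndirs, cert_off, cert_size;
    if (!rd(pe, 0, 2, v) || v != 0x5A4D) return false;       // "MZ"
    if (!rd(pe, 0x3C, 4, v)) return false;                   // e_lfanew
    const size_t nt = v;
    if (!rd(pe, nt, 4, v) || v != 0x00004550) return false;  // "PE\0\0"
    const size_t opt = nt + 24;  // optional header follows the 20-byte COFF header
    if (!rd(pe, opt, 2, v) || (v != 0x10B && v != 0x20B)) return false;
    const size_t dirs = opt + (v == 0x10B ? 96 : 112);       // PE32 : PE32+
    const size_t checksum = opt + 64, certdir = dirs + 4 * 8;  // directory index 4
    if (!rd(pe, dirs - 4, 4, ndirs) || ndirs < 5) return false;
    if (!rd(pe, certdir, 4, cert_off) || !rd(pe, certdir + 4, 4, cert_size)) return false;
    size_t end = pe.size();
    if (cert_size != 0) {
        // The entry holds a file offset, not an RVA. Strict choice of this example:
        // the table must lie after the headers and end exactly at end of file.
        if (cert_off < certdir + 8 || cert_off > pe.size() ||
            cert_size != pe.size() - cert_off) return false;
        end = cert_off;
    }
    out = {{0, checksum}, {checksum + 4, certdir}, {certdir + 8, end}};
    return true;
}

// Constructed sample: 0x200 bytes of PE32 image followed by a 0x10-byte signature blob.
Bytes make_sample_pe() {
    Bytes b(0x210, 0);
    b[0] = 'M'; b[1] = 'Z'; b[0x3C] = 0x80; b[0x80] = 'P'; b[0x81] = 'E';
    b[0x98] = 0x0B; b[0x99] = 0x01; b[0xF4] = 16;  // magic 0x10B, 16 directories
    b[0x119] = 0x02; b[0x11C] = 0x10;              // table at 0x200, size 0x10
    return b;
}
```

Feeding the returned ranges, in order, to the digest function of whichever crypto library is chosen gives the value to compare with the digest stored in the signature; certificate chain validation remains a separate step.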