I am looking for sample code (or libraries) that can help me validate digital signatures for Windows PE files (.exe, .dll, .cab, etc.) on non-Windows platforms using C++. I am looking for a platform-independent approach.
Thanks!
You could check WINE's WinVerifyTrust implementation for a full programmatic way.
And, actually, here is a good link, "How to verify executable digital signatures under Linux?", that complains about the WINE implementation (that was back in 2008) and thus explains the process in a quite "portable" way, provided you have something similar to OpenSSL available on your platform.
There is no general answer to this, especially as you have not specified how far you want to port it. Linux on x86 with open source libraries will be easier; uCos running on MIPS32 or Arduino will be next to impossible.
First, you obviously have to be able to read and parse the PE format itself; in particular, you have to be able to get the contents of individual sections and hash them, like .text, .data etc. For an in-depth look at how it's put together, look here:
http://msdn.microsoft.com/en-us/magazine/cc301805.aspx
http://msdn.microsoft.com/en-us/magazine/ms809762.aspx
Now, you want this to be portable, so you can either roll your own PE reader/limited writer, or look around in some of the open source projects that already do this. Try ReactOS or Mono. Or, if you are happy running Python, try this: http://code.google.com/p/pefile/
Second, as you are dealing with cryptography, digital signatures, and X.509 certificates, you pretty much need a full-blown portable crypto library to perform signing, certificate chain validation and so on. If you are happy with GPL, try OpenSSL or CyaSSL, or Botan if you want a BSD license.
The precise format of Authenticode signatures, the signing process and the validation process is described here: http://www.microsoft.com/whdc/winlogo/drvsign/Authenticode_PE.mspx (Authenticode_PE.docx)
It will require quite a bit of code to pull everything together.
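The PE-parsing half of the process described in the answer above, as an added example (not code from the posts, WINE or any library they mention): it locates the PKCS#7 blob and the byte ranges the Authenticode digest covers, which skip the CheckSum field, the Certificate Table directory entry and the certificate table itself. It assumes the usual layout where the certificate table is the last thing in the file; `locate`, `make_sample` and the sample bytes are constructed for illustration, and hashing plus chain validation are left to a crypto library.

```cpp
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <utility>
#include <vector>
using Bytes = std::vector<uint8_t>;
struct AuthenticodeLayout {
    std::vector<std::pair<size_t, size_t>> hashed;  // [begin, end) ranges fed to the digest
    size_t pkcs7_off = 0, pkcs7_len = 0;            // SignedData blob inside WIN_CERTIFICATE
};
static uint32_t rd(const Bytes& f, size_t off, int n) {  // bounds-checked little-endian read
    if (off > f.size() || f.size() - off < (size_t)n) throw std::runtime_error("truncated PE");
    uint32_t v = 0;
    for (int i = n - 1; i >= 0; --i) v = (v << 8) | f[off + i];
    return v;
}
// Hypothetical helper: never trusts an offset or length read from the file.
AuthenticodeLayout locate(const Bytes& f) {
    if (rd(f, 0, 2) != 0x5A4D) throw std::runtime_error("no MZ header");
    size_t pe = rd(f, 0x3C, 4);                         // e_lfanew
    if (rd(f, pe, 4) != 0x00004550) throw std::runtime_error("no PE signature");
    size_t opt = pe + 24;                               // 4-byte signature + 20-byte COFF header
    uint32_t magic = rd(f, opt, 2);
    if (magic != 0x10B && magic != 0x20B) throw std::runtime_error("bad optional header");
    size_t dirs = opt + (magic == 0x20B ? 112 : 96);    // data directories: PE32+ vs PE32
    if (rd(f, dirs - 4, 4) < 5) throw std::runtime_error("no certificate table entry");
    size_t checksum = opt + 64, certdir = dirs + 4 * 8; // directory index 4
    size_t tbl = rd(f, certdir, 4), len = rd(f, certdir + 4, 4);  // a file offset, not an RVA
    if (tbl == 0 || len < 8) throw std::runtime_error("file is not signed");
    if (tbl < certdir + 8 || tbl > f.size() || len != f.size() - tbl)
        throw std::runtime_error("certificate table is not the tail of the file");
    uint32_t dwLength = rd(f, tbl, 4);                  // WIN_CERTIFICATE.dwLength
    if (dwLength < 8 || dwLength > len || rd(f, tbl + 6, 2) != 0x0002)
        throw std::runtime_error("not a PKCS#7 SignedData certificate");
    AuthenticodeLayout r;
    r.hashed = {{0, checksum}, {checksum + 4, certdir}, {certdir + 8, tbl}};
    r.pkcs7_off = tbl + 8;
    r.pkcs7_len = dwLength - 8;
    return r;
}
// Constructed sample: a 336-byte PE32 skeleton carrying a 4-byte dummy "signature".
Bytes make_sample() {
    Bytes f(336, 0);
    auto wr = [&](size_t off, uint32_t v, int n) {
        for (int i = 0; i < n; ++i) f[off + i] = static_cast<uint8_t>(v >> (8 * i)); };
    wr(0, 0x5A4D, 2); wr(0x3C, 0x40, 4); wr(0x40, 0x4550, 4);  // MZ, e_lfanew, "PE\0\0"
    wr(0x58, 0x10B, 2); wr(0xB4, 16, 4);                       // PE32 magic, NumberOfRvaAndSizes
    wr(216, 320, 4); wr(220, 16, 4);                           // Certificate Table: offset, size
    wr(320, 12, 4); wr(324, 0x0200, 2); wr(326, 0x0002, 2);    // dwLength, wRevision, wCertificateType
    return f;
}
```

The bytes at `pkcs7_off` are what a library such as OpenSSL would parse as PKCS#7 SignedData, and the digest recomputed over `hashed` is what gets compared with the digest stored inside it.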