
From .NET verify a dll has valid signature and has not been modified

My C# .NET program accesses a C++ library.

The library is signed with a certificate and is in the same folder as the program.

At runtime, before I load the C++ library, I want to make sure the library is really mine and has not been tampered with.

I have been able to get the certificate from my dll and verify the certificate:

X509Certificate2 cert = new X509Certificate2(X509Certificate.CreateFromSignedFile(filename));
Console.WriteLine(cert.Issuer);
cert.Verify();

This tells me the file certificate is ok, but if I then hexedit my file and run my program again, the certificate still validates ok.

Where can I find in the certificate the hash of my library (not the hash of the certificate) and how can I create the hash of my library to compare them so I can detect the file being tampered with?

I suspect it should be simple, maybe I overlooked something.

PInvoke the native Windows API WinVerifyTrust, which is documented by Microsoft at MSDN with a sample in C.

There might be managed examples by others if you use a search engine.
