C#:如何检测篡改authenti code签署文件 [英] C#: How to detect tampering of authenticode signed file
问题描述
我试图写一个C#程序,验证了exe文件的数字签名。该EXE的是与authenti code证书签名,我想检测篡改。
I'm trying to write a C# program that verifies the digital signature of exe's. The exe's are signed with an authenticode certificate, and I want to detect tampering.
我已经能够创建一个SignedCms实例如下所述:<一href="http://stackoverflow.com/questions/3281057/get-timestamp-from-authenti$c$c-signed-files-in-net">Get从Authenti code签名的文件时间戳.NET
I've been able to create a SignedCms instance as described here: Get timestamp from Authenticode Signed files in .NET
我认为SignedCms.CheckSignature会做的伎俩,但这种方法不会抛出异常。即使不是当我修改exe文件的某些位...
I assumed SignedCms.CheckSignature would do the trick, but this method never throws an exception... Even not when I modify some bits of the exe...
推荐答案
我假设你已经冲刷的.NET框架文档,并没有找到你需要的东西。这个问题的答案<一个href="http://stackoverflow.com/questions/301024/validate-authenti$c$c-signature-on-exe-c-without-capicom">this StackOverflow的问题有介绍如何使用本机Windows CryptQueryObject函数来验证签名的链接。因此,所有剩下的就是检查出 PInvoke.NET来看看如何把该功能为.NET 。
I'm assuming you've scoured the .NET Framework docs and didn't find what you needed. The answer to this StackOverflow question has a link that describes how to use the native Windows CryptQueryObject function to verify a signature. So all that's left is to check out PInvoke.NET to see how to bring that function into .NET.
这篇关于C#:如何检测篡改authenti code签署文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
