Verifying Digital Signatures in Code

I've recently started signing all EXEs that come out of here. I would
like to verify the signature at startup to detect any changes to the EXE
itself. Is something like that possible?

I'm using VB.NET 2003.

--
- Mitchell Vincent
Jun 28 '06 #1
Hi Mitchell,

Thanks for your post!

Can you tell me which type of EXE you want to sign? If you want to sign a
.Net assembly, I recommend you use Strong Name technology to get this done.
Strong Name is a built-in security feature for protecting .Net assemblies,
and after signing with Strong Name, the CLR will help you to verify the
assembly at loading time. Please refer to the articles below for more
information:
"Cracking .NET Assemblies"
http://www.grimes.demon.co.uk/worksh...WSCrackOne.htm
"Security Briefs: Strong Names and Security in the .NET Framework"
http://msdn.microsoft.com/library/de...us/dnnetsec/html/strongNames.asp

If you want to sign a normal PE file, you can leverage signcode.exe to get
this done; it is shipped with the Platform SDK.

Below are two articles that describe how to use it to sign a file:
"Digital Signing for ActiveX Components"
http://msdn.microsoft.com/library/de...us/vbcon98/html/vbconunderstandingdigitalsigning.asp

"Signing Files and Checking Signatures"
http://msdn.microsoft.com/library/de...us/security/cryptotools_6cdv.asp

In .Net, you can use System.Diagnostics.Process class to invoke
signcode.exe with command line programmatically.

Hope this helps!

Best regards,
Jeffrey Tan
Microsoft Online Community Support
==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

Jun 29 '06 #2
Jeffrey Tan[MSFT] wrote:
> Hi Mitchell,
>
> Thanks for your post!
>
> Can you tell me which type of EXE you want to sign? If you want to sign a
> .Net assembly, I recommend you use Strong Name technology to get this done.
> Strong Name is a built-in security feature for protecting .Net assemblies,
> and after signing with Strong Name, the CLR will help you to verify the
> assembly at loading time. Please refer to the articles below for more
> information:
>
> "Signing Files and Checking Signatures"
> http://msdn.microsoft.com/library/de...us/security/cryptotools_6cdv.asp
>
> In .Net, you can use System.Diagnostics.Process class to invoke
> signcode.exe with command line programmatically.

"We apologize for the inconvenience, but the page you are seeking cannot
be found in this location." - on that last link.

I just want to verify the signature, and was hoping to not have to rely
on signcode.exe (which, by the way, can I ship with my application?).

Thanks!

--
- Mitchell Vincent
Jun 29 '06 #3
Hi Mitchell,

Thanks for your feedback!

To sign a PE file programmatically, you may leverage CAPICOM 2.0.0.1
capability for Authenticode signatures:
http://msdn.microsoft.com/library/de...us/seccrypto/security/signedcode.asp

CAPICOM is available to be downloaded here:
http://www.microsoft.com/downloads/d...&FamilyID=860EE43A-A843-462F-ABB5-FF88EA5896F6

Below are some general steps for signing:
1. Signer.Load --> Loads a signing certificate from a specified PFX file.
2. SignedCode.Sign --> The Sign method creates an Authenticode digital
signature and signs the executable file specified in the
SignedCode.FileName property.
3. Signer.Certificate.PrivateKey.Delete().

Michel Gallant MVP has written a sample tool, please refer to the link
below:
"JAuth/Authnet: Authenticode Signature Verification Utilities"
http://www.jensign.com/JavaScience/jauth/

Finally, if you are interested in CAPICOM capability, below is a very good
article:
"Extending .NET Cryptography with CAPICOM and P/Invoke"
http://msdn.microsoft.com/library/de...us/dncapi/html/netcryptoapi.asp

Hope this helps!

Best regards,
Jeffrey Tan
Microsoft Online Community Support

Jun 30 '06 #4
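
A startup check along the lines discussed in this thread, as an added example that is not part of any post: it uses the CAPICOM `SignedCode` object mentioned in reply #4, calling its `Verify` method and then comparing the signer certificate's thumbprint with a pinned value. It assumes CAPICOM is installed and registered on the machine; `StartupSignatureCheck`, `OwnSignatureIsValid` and `ExpectedThumbprint` are hypothetical names, and the thumbprint value is a placeholder.

```vbnet
Option Strict Off   ' late binding to the CAPICOM COM object
Imports System
Imports System.Reflection
Imports System.Runtime.InteropServices

Module StartupSignatureCheck

    ' Placeholder: SHA-1 thumbprint (hex) of your own signing certificate.
    Private Const ExpectedThumbprint As String = "<YOUR-SIGNING-CERT-THUMBPRINT>"

    ' Returns True only if this EXE carries a valid Authenticode signature
    ' that was made with the expected certificate.
    Public Function OwnSignatureIsValid() As Boolean
        Dim exePath As String = [Assembly].GetEntryAssembly().Location
        Dim signedCode As Object = Nothing
        Try
            signedCode = CreateObject("CAPICOM.SignedCode")
            signedCode.FileName = exePath
            ' Verify raises an error when verification fails, for example
            ' when the file is unsigned or was changed after signing.
            signedCode.Verify(False)   ' False = never show a UI prompt
            ' A valid signature alone is not enough: a modified EXE could be
            ' re-signed with a different certificate, so pin the signer.
            Dim thumb As String = CStr(signedCode.Signer.Certificate.Thumbprint)
            Return String.Compare(thumb, ExpectedThumbprint, True) = 0
        Catch ex As Exception
            ' Treat every failure (CAPICOM missing, bad signature) as invalid.
            Return False
        Finally
            If Not signedCode Is Nothing Then Marshal.ReleaseComObject(signedCode)
        End Try
    End Function

    Sub Main()
        If Not OwnSignatureIsValid() Then
            Console.Error.WriteLine("Signature check failed; refusing to start.")
            Environment.Exit(1)
        End If
        ' ... normal startup continues here ...
    End Sub
End Module
```

A check that lives inside the EXE can be patched out together with the code it protects, so it detects corruption and casual tampering rather than a determined modification.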
Jeffrey Tan[MSFT] wrote:
> Hi Mitchell,
>
> Thanks for your feedback!

Thanks Jeffrey, I'll give all this a try!

--
- Mitchell Vincent
Jul 3 '06 #5
Ok, if you need further help, please feel free to feedback. Thanks.

Best regards,
Jeffrey Tan
Microsoft Online Community Support

Jul 4 '06 #6
