Verify dll is signed on program launch

Question

Possible Duplicate:
File Signature Validation

Hello I have a basic game that I made that relies on dll files, all of which are signed. If someone were to tamper with the dll files, one may be able to manipulate the game in ways that are not intended. Is there a way in either VB, C++ or C# to verify that a file is digitally signed from a certain source? I found that this sign tool says it verifies files but that is distributed with an sdk and although im not a lawyer, I would imagine that I am not allowed to distribute that file in my program.

Maybe a dublicate of [Validate Authenticode signature on EXE - C++ without CAPICOM](http://stackoverflow.com/questions/301024/validate-authenticode-signature-on-exe-c-without-capicom) or [File Signature Validation](http://stackoverflow.com/questions/4602259/file-signature-validation). — rekire, May 10 '12 at 06:29

score 0 · Answer 1 · edited May 23 '17 at 12:20

0

You should use CryptQueryObject.

This KB-article demonstrates the use: How To Get Information from Authenticode Signed Executables.

To the commenter that asked about how to do it without the Windows-APIs, I am not aware of any library that can do it, but the format is documented here: Windows Authenticode Portable Executable Signature Format

[Source]

edited May 23 '17 at 12:20

Community

1
1

answered May 10 '12 at 06:26

rekire

47,260
30
167
264

Verify dll is signed on program launch

1 Answers1