I have gone through many articles and questions @ SO about this but still I am not clear. I have a digitally signed PE, I am able to calculate the Sha1 Hash of the file but do not know how to decrypt the signature using public key. I have read that it can be done using openssl source codes but they are just too much to go through. Can anyone provide me the respective source codes or links and details on how to use them? Is there any good tutorials available for the same? TIA
Asked
Active
Viewed 478 times
0
-
2Which particular acronym should we use for "PE"? – Maarten Bodewes Oct 08 '12 at 18:27
-
What about: http://stackoverflow.com/questions/2756553/x509-certificate-verification-in-c – Maarten Bodewes Oct 08 '12 at 18:30
-
If you choose MS Windows as a platform, why don't you use Microsoft CryptoAPI? It's very simple to verify signature with certificate using them. – Pavel Ognev Oct 09 '12 at 06:54
-
@owlstead- PE:: Portable Executable... :-) – Oct 09 '12 at 07:00
-
We need to know the signature was generated. I presume PKCS#1 v1.5 using SHA-1 then? Does the PE use a container format for the signature? – Maarten Bodewes Oct 09 '12 at 17:51
-
@owlstead- Sorry, its PKCS#7 v3 and SHA1withRSAEncryption. Rest of the details are documented here:: http://www.microsoft.com/whdc/winlogo/drvsign/Authenticode_PE.mspx – Oct 10 '12 at 05:43
-
If you just use [`PKCS7_verify`](http://www.openssl.org/docs/crypto/PKCS7_verify.html) then OpenSSL will do the verification of the signature for you. It doesn't seem to be an overly difficult method call to use... – Maarten Bodewes Oct 10 '12 at 22:53
1 Answers
0
you could use the openssl command line interface. This should be something like:
openssl rsautl -verify -inkey 1-cert.pem -keyform PEM -certin -in signature > verified
If you want to use the library you could use the openssl cli especially the verify command as a start point.
David Feurle
- 2,687
- 22
- 38