Verify whether an executable is signed or not (signtool used to sign that exe)

早过忘川 提交于 2019-12-01 01:00:43

问题


In my application I need to verify whether it's signed or not. If it's signed continue the execution and exit the application if not. The signtool will be used to sign the application. Is there any C# code to do that?


回答1:


Here is a utility method that does it:

// Example call. The result is true only when WinVerifyTrust returns 0 for the file;
// it is a yes/no answer and does not identify who signed the file.
var signed = IsSigned(@"c:\windows\explorer.exe");
...
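/// <summary>
/// Asks WinVerifyTrust, using the generic verification action, whether the file at
/// <paramref name="filePath"/> passes signature verification on this machine.
/// </summary>
/// <param name="filePath">Path of the file to verify.</param>
/// <returns><c>true</c> when WinVerifyTrust returns 0; <c>false</c> for any other result.</returns>
/// <exception cref="ArgumentNullException"><paramref name="filePath"/> is null.</exception>
/// <remarks>
/// A <c>true</c> result means the signature verified under the machine's trust policy. It does
/// not say who the signer is, so a caller that must accept only its own publisher also has to
/// compare the signer certificate against an expected value. Revocation checking is switched
/// off here (WTD_REVOKE_NONE), so a revoked signing certificate is not rejected on that basis.
/// When a program uses this to check itself, the check lives in the binary being checked and
/// can be removed along with any other modification; treat it as corruption detection rather
/// than as an enforcement boundary.
/// </remarks>
public static bool IsSigned(string filePath)
{
    if (filePath == null)
        throw new ArgumentNullException(nameof(filePath));

    var file = new WINTRUST_FILE_INFO();
    file.cbStruct = Marshal.SizeOf(typeof(WINTRUST_FILE_INFO));
    file.pcwszFilePath = filePath;

    var data = new WINTRUST_DATA();
    data.cbStruct = Marshal.SizeOf(typeof(WINTRUST_DATA));
    data.dwUIChoice = WTD_UI_NONE;
    data.dwUnionChoice = WTD_CHOICE_FILE;
    data.fdwRevocationChecks = WTD_REVOKE_NONE;
    data.pFile = Marshal.AllocHGlobal(file.cbStruct);

    // Tracks whether StructureToPtr completed, so cleanup only destroys a structure
    // that was actually written into the unmanaged block.
    bool marshaled = false;
    int hr;
    try
    {
        // fDeleteOld is false because the freshly allocated block holds no previous structure.
        Marshal.StructureToPtr(file, data.pFile, false);
        marshaled = true;

        hr = WinVerifyTrust(INVALID_HANDLE_VALUE, WINTRUST_ACTION_GENERIC_VERIFY_V2, ref data);
    }
    finally
    {
        // StructureToPtr allocates a separate unmanaged copy of the string field;
        // DestroyStructure releases it. FreeHGlobal alone would leak that copy on every call.
        if (marshaled)
            Marshal.DestroyStructure(data.pFile, typeof(WINTRUST_FILE_INFO));
        Marshal.FreeHGlobal(data.pFile);
    }
    return hr == 0;
}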

// Managed mirror of the native WINTRUST_FILE_INFO structure. IsSigned copies an instance
// into unmanaged memory and hands it to WinVerifyTrust through WINTRUST_DATA.pFile.
// LayoutKind.Sequential means the field order below defines the unmanaged layout, so the
// fields must not be reordered; CharSet.Unicode applies to the string field's marshaling.
[StructLayoutAttribute(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
private struct WINTRUST_FILE_INFO
{
    public int cbStruct;            // size of this structure; IsSigned sets it from Marshal.SizeOf
    public string pcwszFilePath;    // path of the file to verify
    public IntPtr hFile;            // not set by IsSigned; stays IntPtr.Zero
    public IntPtr pgKnownSubject;   // not set by IsSigned; stays IntPtr.Zero
}

// Managed mirror of the native WINTRUST_DATA structure passed by reference to WinVerifyTrust.
// LayoutKind.Sequential means the field order below defines the unmanaged layout, so the
// fields must not be reordered. Fields that IsSigned does not assign keep their zero default.
[StructLayoutAttribute(LayoutKind.Sequential)]
private struct WINTRUST_DATA
{
    public int cbStruct;                // size of this structure; IsSigned sets it from Marshal.SizeOf
    public IntPtr pPolicyCallbackData;  // not set by IsSigned
    public IntPtr pSIPClientData;       // not set by IsSigned
    public int dwUIChoice;              // IsSigned sets WTD_UI_NONE
    public int fdwRevocationChecks;     // IsSigned sets WTD_REVOKE_NONE
    public int dwUnionChoice;           // IsSigned sets WTD_CHOICE_FILE
    public IntPtr pFile;                // unmanaged pointer to a marshaled WINTRUST_FILE_INFO
    public int dwStateAction;           // not set by IsSigned
    public IntPtr hWVTStateData;        // not set by IsSigned
    public IntPtr pwszURLReference;     // not set by IsSigned
    public int dwProvFlags;             // not set by IsSigned
    public int dwUIContext;             // not set by IsSigned
    public IntPtr pSignatureSettings;   // not set by IsSigned
}

// Values assigned to WINTRUST_DATA fields by IsSigned; the names follow the Win32 wintrust.h constants.
private const int WTD_UI_NONE = 2;      // dwUIChoice: show no user interface
// fdwRevocationChecks: no additional revocation checking, so a revoked signing
// certificate is not rejected on that basis.
private const int WTD_REVOKE_NONE = 0;
private const int WTD_CHOICE_FILE = 1;  // dwUnionChoice: the pFile member (WINTRUST_FILE_INFO) is the one in use
// Passed by IsSigned as the hwnd argument of WinVerifyTrust.
private static readonly IntPtr INVALID_HANDLE_VALUE = new IntPtr(-1);
// Action identifier passed by IsSigned as pgActionID; selects the generic verification action.
private static readonly Guid WINTRUST_ACTION_GENERIC_VERIFY_V2 = new Guid("{00AAC56B-CD44-11d0-8CC2-00C04FC295EE}");

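/// <summary>
/// P/Invoke declaration for WinVerifyTrust in wintrust.dll.
/// </summary>
/// <param name="hwnd">Window handle argument; IsSigned passes INVALID_HANDLE_VALUE.</param>
/// <param name="pgActionID">Action GUID, marshaled as a pointer to the structure.</param>
/// <param name="pWVTData">The WINTRUST_DATA describing what to verify and how.</param>
/// <returns>The native result code; IsSigned treats 0 as success and anything else as failure.</returns>
// The search-path attribute restricts loading of wintrust.dll to the System32 directory, so a
// same-named DLL placed next to the executable or elsewhere on the search path is not loaded
// in its place. That matters here because the import backs a trust decision.
[DllImport("wintrust.dll")]
[DefaultDllImportSearchPaths(DllImportSearchPath.System32)]
private static extern int WinVerifyTrust(IntPtr hwnd, [MarshalAs(UnmanagedType.LPStruct)] Guid pgActionID, ref WINTRUST_DATA pWVTData);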



回答2:


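   /// <summary>
   /// Reports whether the assembly that defines this instance's type carries a strong-name public key.
   /// </summary>
   /// <returns><c>true</c> when the assembly name has a non-empty public key; otherwise <c>false</c>.</returns>
   /// <remarks>
   /// This looks at the strong-name identity only. It does not examine an Authenticode signature
   /// applied with signtool, and the presence of a public key does not by itself show that any
   /// signature over the assembly was verified.
   /// </remarks>
   private bool IsAssemblySigned()
    {
        var assembly = Assembly.GetAssembly(GetType());

        var assemblyName = assembly.GetName();
        var key = assemblyName.GetPublicKey();

        // GetPublicKey can return null as well as an empty array; treat both as "no key"
        // instead of throwing a NullReferenceException.
        return key != null && key.Length > 0;
    }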



回答3:


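I would suggest you use the 'CryptUIWizDigitalSign' API. This link can be used as a reference. (Note that CryptUIWizDigitalSign is the API for applying a signature to a file; checking an existing signature is what WinVerifyTrust, used in the first answer, is for.)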




回答4:


    ' Tries to build a certificate object from the signer certificate found in strFile.
    ' Returns True when that succeeds and False when any exception is thrown.
    ' NOTE(review): CreateFromSignedFile only extracts a certificate. Nothing in this snippet
    ' checks that the signature matches the file's current contents or that the certificate
    ' chains to a trusted root, so confirm before using the result as a trust decision.
    Try
        Dim objCertificate As New Security.Cryptography.X509Certificates.X509Certificate2(Security.Cryptography.X509Certificates.X509Certificate.CreateFromSignedFile(strFile))
        Return True

    ' Catching Exception also covers failures unrelated to signing (for example a file
    ' that cannot be opened); all of them are reported as False.
    Catch ex As Exception
        Return False
    End Try


来源:https://stackoverflow.com/questions/4345962/verify-whether-an-executable-is-signed-or-not-signtool-used-to-sign-that-exe
