Discuss this help topic in SecureBlackbox Forum
This class is used to verify and remove file signatures in EXE and DLL files.
Description
This class has several functions:
- check if the file has signatures;
- verify all file signatures;
- delete the signature from the file.
To verify the file signature you should perform the following sequence of operations:
- Create TElAuthenticodeVerifier class instance.
- Call OpenFile method and check result.
If this method returned value other than SB_AUTHENTICODE_ERROR_SUCCESS process the error and go to the step of file closing.
- If you want to get date and time of signatures creation call GetSignatureInfo
method using as Index parameter numbers from 0 to the SignatureCount - 1. To access additional signature properties
use Signatures property with the same Index parameter. For more information
about additional signature properties see TElPKCS7Signer class.
This step is optional.
- Compare ActualChecksum and Checksum
properties values. If they are different the file might be changed after its creation or checksum was not specified. In any case it is not
reason to worry.
This step is optional.
- Compare ActualDigest and Digest properties values.
If they are different the file was changed after it had been signed.
There is no reason for further signature verification as the signatures are already invalid.
Skip the next step.
- For each signature:
- Call VerifySignature method.
If it returned result other than SB_AUTHENTICODE_ERROR_SUCCESS process the error and go to the next signature processing.
- Verify the certificate used for this signature creating.
- On success signature is correct.
- Using results of 4 previous steps decide if file content was changed after signing and i this content can be trusted.
- Call CloseFile method.
- Repeat previous 7 steps for all files which have to be verified.
- Destroy TElAuthenticodeVerifier class instance.
To remove the signature from the file you should perform the following sequence of operations:
- Create TElAuthenticodeVerifier class instance.
- Call OpenFile method and check result.
If this method returned value other than SB_AUTHENTICODE_ERROR_SUCCESS process the error and go to the step of file closing.
- Call RemoveAuthenticode method. If it returned SB_AUTHENTICODE_ERROR_SUCCESS skip the next step.
- Call CloseFile method.
- Repeat previous 3 steps for all files which signatures have to be deleted.
- Destroy TElAuthenticodeVerifier class instance.
Properties
Methods
Declared in
.NET:
- Namespace: SBAuthenticode
- Assembly: SecureBlackbox.PKI
VCL:Java:
- Package: SecureBlackbox.PKI.jar
C++:
Licensing
To use this class in the development and distribution of your software projects, you need to purchase one of the following licenses:
PKIBlackbox, SecureBlackbox Data Security, SecureBlackbox Transports, SecureBlackbox Standard, SecureBlackbox Professional
Discuss this help topic in SecureBlackbox Forum