How checking the Authenticode signature of the dll ?

Question

How checking the Authenticode signature of the dll ?

Fred

Hi,

I have read some posts concerning checking the Authenticode signature of the dll to prevent some hacking.

Could you please explain me how to to it ?

Thanks,Fred

Sep 15, 2016

Sam · Answer 1 · 2016-09-15T15:15:10Z

Honestly the easiest thing to do is hardcode the SHA2 hash of TurboActivate.dll in your app, and at runtime take the hash of the DLL, and compare it against the hardcoded hash.

There are lots of SHA2 libraries for every language.

Fred · Answer 2 · 2016-09-15T15:29:44Z

Thanks, Sam.

I thought it would be safier to check the signature.

But maybe , it's a bit hard to do...

Thanks,Fred

Sam · Answer 3 · 2016-09-15T15:48:40Z

It's a lot harder to do, and effectively accomplishes the same end-goal.

Fred · Answer 4 · 2016-09-15T17:34:10Z

Ok, Sam, understood, thanks.

What is safier in your experience at wday ? SHA512, SHA256, something else ?

Thanks, Fred

Sam · Answer 5 · 2016-09-15T17:46:15Z

SHA256 produces good non-conflicting hashes. That would be the best choice.

Ewen Wallace · Answer 6 · 2016-09-16T05:08:28Z

You can check Authenticode signatures in C#. http://stackoverflow.com/questions/4595537/verify-authenticode-signature-as-being-from-our-company-for-automatic-updater

Fred · Answer 7 · 2016-09-16T08:06:52Z

Ok Sam, I'll use SHA256, thanks.

Thanks for the link, CADbloke, I'll look at it.

Regards,Fred

LimeLM
Overview Pricing & Sign up Why LimeLM? Tour Log in Help
wyBuild
Overview Pricing & Buy Features What's new Help
Support forum
wyDay blog
wyDay Home
Downloads Buy Contact us Careers

Guest name
Youʼre not logged-in, but you can still post as a guest.

Email