[Mono-dev] Checking Validity/Reputation of a Digital Signature File

[jaysonp]

Sebastien Pouliot wrote
> A cert file is not a signature - but it is a signed structure.
> Checking the signature of a .cer file is rather easy (see X509Chain
> class) but it only tells you about the certificate itself, not what it
> (e.g. files) could have signed.

I am not planning to check the signature of a .cer file. What I am trying to
do is verify/check for the actual digital signature of a file (e.g. an EXE
file) for its reputation. I just thought that .cer file is the exported
version of a digital signature.

For example, WINWORD.EXE has a digital signature, right? I want to
dump/export that digital signature to a file and check it if it's still
reputable (i.e. not tampered, etc).

I am not very well versed on digisigs and certs but I hope I am making
sense.
Thanks again!




--
View this message in context: http://mono.1490590.n4.nabble.com/Checking-Validity-Reputation-of-a-Digital-Signature-File-tp4656681p4656683.html
Sent from the Mono - Dev mailing list archive at Nabble.com.