[Mono-dev] Checking Validity/Reputation of a Digital Signature File

Sebastien Pouliot sebastien.pouliot at gmail.com
Tue Sep 18 13:55:39 UTC 2012 

On Tue, Sep 18, 2012 at 9:45 AM, jaysonp <jaysonpryde at gmail.com> wrote:
> Sebastien Pouliot wrote
>> A cert file is not a signature - but it is a signed structure.
>> Checking the signature of a .cer file is rather easy (see X509Chain
>> class) but it only tells you about the certificate itself, not what it
>> (e.g. files) could have signed.
>
> I am not planning to check the signature of a .cer file. What I am trying to
> do is verify/check for the actual digital signature of a file (e.g. an EXE
> file) for its reputation. I just thought that .cer file is the exported
> version of a digital signature.

No, a .cer (X.509 certificate) is not a detached signature, but it's
often used as part of the signature (e.g. to identify who signed).

> For example, WINWORD.EXE has a digital signature, right? I want to
> dump/export that digital signature to a file and check it if it's still
> reputable (i.e. not tampered, etc).

WINWORD.EXE is likely signed (I don't have it to check) and it will
(very likely) be an Authenticode signature (since it's all MS
technologies).

Not sure why you want to export the signature to a separate file -
i.e. it does not make it easier to validate the file and you risk
having the two files getting out-of-sync (e.g. an update to word).

Anyway Mono itself supports the Authenticode tools and has the class
libraries to create and check digital signatures (but it does not have
non-authenticode tools for code/file signing - you'll have to build
your own).

> I am not very well versed on digisigs and certs but I hope I am making
> sense.
> Thanks again!
>
>
>
>
> --
> View this message in context: http://mono.1490590.n4.nabble.com/Checking-Validity-Reputation-of-a-Digital-Signature-File-tp4656681p4656683.html
> Sent from the Mono - Dev mailing list archive at Nabble.com.
> _______________________________________________
> Mono-devel-list mailing list
> Mono-devel-list at lists.ximian.com
> http://lists.ximian.com/mailman/listinfo/mono-devel-list

More information about the Mono-devel-list mailing list