Software Digital Signature Verification

Question

Software Digital Signature Verification

I have exe for an im project working on a digital signature, which means that when it asks for administrator rights, it shows the name of the company. This works very well, but if you change exe, it will still work and instead seems unknown.

Is there a way to verify the digital signature to make sure it is valid when starting exe to avoid working with modified versions?

Visual studio 2008 windows 7

+6

c ++ windows-7 winapi digital-signature

Lodle Jul 15 '09 at 9:30

source share

2 answers

Given that you already have a need for UAC, is it not enough to set the Group Policy setting "Only raise signed and verified executable files" to "Computer Configuration \ Windows Settings \ Local Policies \ Security Settings"? It may also be useful to "Use certificate rules for Windows executables for software restriction policies."

These settings are better than trying to verify from your own application, because the thing is that you can no longer trust yourself when your binary is changed.

0

Msalters Jul 15 '09 at 9:57

source share

Kirill V. Lyadvinsky · Accepted Answer · 2009-07-15T09:41:37+0000

Here is an example program (it uses WinVerifyTrust ) that verifies the signature, but I'm not sure that it will work under Windows 7. You should try it.

Software Digital Signature Verification

More articles: