Discuss this help topic in SecureBlackbox Forum

TElAuthenticodeVerifier class

Properties     Methods     Declared in     Licensing     


This class is used to verify and remove file signatures in EXE and DLL files.

Description

    This class has several functions:

  • check if the file has signatures;
  • verify all file signatures;
  • delete the signature from the file.

    To verify the file signature you should perform the following sequence of operations:
  1. Create TElAuthenticodeVerifier class instance.
  2. Call OpenFile method and check result. If this method returned value other than SB_AUTHENTICODE_ERROR_SUCCESS process the error and go to the step of file closing.
  3. If you want to get date and time of signatures creation call GetSignatureInfo method using as Index parameter numbers from 0 to the SignatureCount - 1. To access additional signature properties use Signatures property with the same Index parameter. For more information about additional signature properties see TElPKCS7Signer class.
    This step is optional.
  4. Compare ActualChecksum and Checksum properties values. If they are different the file might be changed after its creation or checksum was not specified. In any case it is not reason to worry.
    This step is optional.
  5. Compare ActualDigest and Digest properties values. If they are different the file was changed after it had been signed. There is no reason for further signature verification as the signatures are already invalid. Skip the next step.
  6. For each signature:
    • Call VerifySignature method. If it returned result other than SB_AUTHENTICODE_ERROR_SUCCESS process the error and go to the next signature processing.
    • Verify the certificate used for this signature creating.
    • On success signature is correct.
  7. Using results of 4 previous steps decide if file content was changed after signing and i this content can be trusted.
  8. Call CloseFile method.
  9. Repeat previous 7 steps for all files which have to be verified.
  10. Destroy TElAuthenticodeVerifier class instance.

    To remove the signature from the file you should perform the following sequence of operations:
  1. Create TElAuthenticodeVerifier class instance.
  2. Call OpenFile method and check result. If this method returned value other than SB_AUTHENTICODE_ERROR_SUCCESS process the error and go to the step of file closing.
  3. Call RemoveAuthenticode method. If it returned SB_AUTHENTICODE_ERROR_SUCCESS skip the next step.
  4. Call CloseFile method.
  5. Repeat previous 3 steps for all files which signatures have to be deleted.
  6. Destroy TElAuthenticodeVerifier class instance.

Properties

Methods

Declared in

.NET:
  • Namespace: SBAuthenticode
  • Assembly: SecureBlackbox.PKI
VCL:
  • Unit: SBAuthenticode
Java:
  • Package: SecureBlackbox.PKI.jar
C++:
  • sbauthenticode.h

Licensing

To use this class in the development and distribution of your software projects, you need to purchase one of the following licenses:

PKIBlackbox, SecureBlackbox Data Security, SecureBlackbox Transports, SecureBlackbox Standard, SecureBlackbox Professional

Discuss this help topic in SecureBlackbox Forum