PDA

View Full Version : PE "Digital Signature" format?


Maximus
August 21st, 2010, 10:52
Hello,

while I am able to DS an executable, I would like to know a bit more about it in order to automate such process. The docs I have found about it are not what i need, so I guess its better ask...

What I want to achieve is just the ability to sign an application from my c++ code -with the difference that I have to add the space for DS and place it into the code.
How does it work, exactly? I mean, how can I apply a digital signature to a prepared exe (i.e. an exe where i carve/add space for DS), given i have the cert?

Thanks for any insight!

Maximus

Neitsa
August 21st, 2010, 12:09
Hi,

I hope that the concept of "Digital signature" and what is called "The Attribute Certificate Table" in the PE specification (chap. 5.7) are the same things.

You may already have checked the ImageAddCertificate() API:

http://msdn.microsoft.com/en-us/library/ms680147%28VS.85%29.aspx

If you want to do all the stuff by yourself (why not relying on the API?), check out the internal logic of the API on the ReactOS website:

http://doxygen.reactos.org/d2/d5a/integrity_8c_a6a220d3293584ff01aae0e92a60c6cbe.html#a6a220d3293584ff01aae0e92a60c6cbe

Sorry if it's not the same thing at all...

Maximus
August 23rd, 2010, 10:28
hi,

thanks for reminding me ReactOS

I have used it sometime when I were digging in kernelland, it is a very valueable source of information, indeed.

Indeed, those APIs looks to contain exactly what I were looking for - I will move next days for implementing them , thanks