我搜索了 GitHub,發現 Microsoft Azure 的 C# 代碼使用 PowerShell 對象來檢查 Authenticode 簽名是否有效。
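/// <summary>
/// Checks whether a file carries an Authenticode signature that the
/// Get-AuthenticodeSignature cmdlet reports as <see cref="SignatureStatus.Valid"/>.
/// </summary>
/// <remarks>
/// The check fails closed: a missing file, an empty cmdlet result, a result that is
/// not a <see cref="Signature"/>, or any status other than Valid all yield
/// <c>false</c> and add an entry to ErrorList.
/// A Valid status does not say which publisher signed the file; callers that need a
/// specific signer must additionally inspect <c>Signature.SignerCertificate</c>.
/// The result describes the file content at the time of the call only.
/// </remarks>
/// <param name="providedFilePath">
/// Path of the file to verify. It is resolved with <c>Path.GetFullPath</c> before use.
/// </param>
/// <returns>
/// <c>true</c> only when the cmdlet returned a signature whose status is Valid;
/// otherwise <c>false</c>.
/// </returns>
private bool VerifyAuthenticodeSignature(string providedFilePath)
{
    string calculatedFullPath = Path.GetFullPath(providedFilePath);
    if (!File.Exists(calculatedFullPath))
    {
        ErrorList.Add(string.Format("File '{0}' does not exist. Unable to verify AuthenticodeSignature", calculatedFullPath));
        return false;
    }

    Log.LogMessage(string.Format("Verifying file '{0}'", calculatedFullPath));
    using (PowerShell ps = PowerShell.Create())
    {
        ps.AddCommand("Get-AuthenticodeSignature", true);
        ps.AddParameter("FilePath", calculatedFullPath);
        var cmdLetResults = ps.Invoke();

        // Only the first result is considered, as a single path is passed to the cmdlet.
        Signature s = null;
        if (cmdLetResults != null && cmdLetResults.Count > 0 && cmdLetResults[0] != null)
        {
            s = cmdLetResults[0].BaseObject as Signature;
        }

        // No usable result must never count as "signed": treating an empty pipeline
        // as success would let an unverified file pass the check.
        if (s == null)
        {
            ErrorList.Add(string.Format("Get-AuthenticodeSignature returned no signature for file '{0}'. Unable to verify AuthenticodeSignature", calculatedFullPath));
            return false;
        }

        bool isSigned = s.Status.Equals(SignatureStatus.Valid);
        string statusMessage = string.Format("!!!AuthenticodeSignature status is '{0}' for file '{1}' !!!", s.Status.ToString(), calculatedFullPath);
        if (isSigned)
        {
            Log.LogMessage(statusMessage);
        }
        else
        {
            ErrorList.Add(statusMessage);
        }

        return isSigned;
    }
}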
'X509Certificate.CreateFromSignedFile("").Verify()'? – Sinatr
.CreateFromSignedFile返回X509Certificate的一個實例,但沒有.Verify方法。 – LTR
好吧,那麼另一個愚蠢的想法:通過使用'X509Certificate',而不是'Handle'構造'X509Certificate2'。我猜測:'Verify'方法*應該*檢查文件,否則證書會在包含exe文件被篡改時拋出異常(當實例化時)。也許你必須實現自己的驗證[鏈接](http://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.x509chain.aspx)。 – Sinatr