How can I determine if a Windows Driver is Digitally signed

This topic is closed.
  • Rymfax

    How can I determine if a Windows Driver is Digitally signed

    Hey all.

    I need to determine whether or not a Windows Driver is digitally
    signed using a C# application. Can anyone point me in the right
    direction for doing this? I know it has something to do with the .cat
    file, but I'm not sure exactly what else I need to do.

    TIA!
  • Willy Denoyette [MVP]

    #2
    Re: How can I determine if a Windows Driver is Digitally signed

    "Rymfax" <cwalker@bigbangllc.com> wrote in message
    news:7122f03b-949e-44e2-a3d3-0c473f20791d@n75g2000hsh.googlegroups.com...
    > Hey all.
    >
    > I need to determine whether or not a Windows Driver is digitally
    > signed using a C# application. Can anyone point me in the right
    > direction for doing this? I know it has something to do with the .cat
    > file, but I'm not sure exactly what else I need to do.
    >
    > TIA!

    If the driver file is signed, then it should contain a valid X509
    certificate, so one way to check this is by using the
    System.Security.Cryptography.X509Certificates namespace.
    Here is a small snip to get you started..

    using System;
    using System.Security.Cryptography;
    using System.Security.Cryptography.X509Certificates;
    ....

    X509Certificate certp =
        X509Certificate2.CreateFromSignedFile(@"C:\Windows\System32\drivers\tcpip.sys");
    X509Certificate2 x509 = new X509Certificate2(certp.Handle);
    // if valid, dump some properties to the console
    Console.WriteLine("{0}Subject: {1}{0}",
        Environment.NewLine, x509.Subject);
    Console.WriteLine("{0}Issuer: {1}{0}", Environment.NewLine, x509.Issuer);
    Console.WriteLine("{0}Version: {1}{0}",
        Environment.NewLine, x509.Version);
    Console.WriteLine("{0}Valid Date: {1}{0}",
        Environment.NewLine, x509.NotBefore);
    Console.WriteLine("{0}Expiry Date: {1}{0}",
        Environment.NewLine, x509.NotAfter);
    Console.WriteLine("{0}Thumbprint: {1}{0}",
        Environment.NewLine, x509.Thumbprint);
    Console.WriteLine("{0}Serial Number: {1}{0}",
        Environment.NewLine, x509.SerialNumber);
    Console.WriteLine("{0}Friendly Name: {1}{0}",
        Environment.NewLine, x509.PublicKey.Oid.FriendlyName);
    Console.WriteLine("{0}Public Key Format: {1}{0}",
        Environment.NewLine, x509.PublicKey.EncodedKeyValue.Format(true));
    Console.WriteLine("{0}Raw Data Length: {1}{0}",
        Environment.NewLine, x509.RawData.Length);
    Console.WriteLine("{0}Certificate to string: {1}{0}",
        Environment.NewLine, x509.ToString(true));

    Willy.


    • Rymfax

      #3
      Re: How can I determine if a Windows Driver is Digitally signed

      On Mar 13, 4:42 pm, "Willy Denoyette [MVP]"
      <willy.denoye...@telenet.be> wrote:
      > "Rymfax" <cwal...@bigbangllc.com> wrote in message
      > news:7122f03b-949e-44e2-a3d3-0c473f20791d@n75g2000hsh.googlegroups.com...
      >
      > > Hey all.
      > >
      > > I need to determine whether or not a Windows Driver is digitally
      > > signed using a C# application.  Can anyone point me in the right
      > > direction for doing this?  I know it has something to do with the .cat
      > > file, but I'm not sure exactly what else I need to do.
      > >
      > > TIA!
      >
      > If the driver file is signed, then it should contain a valid X509
      > certificate, so one way to check this is by using the
      > System.Security.Cryptography.X509Certificates namespace.
      > Here is a small snip to get you started..
      >
      > using System;
      > using System.Security.Cryptography;
      > using System.Security.Cryptography.X509Certificates;
      > ...
      >
      > X509Certificate certp =
      >     X509Certificate2.CreateFromSignedFile(@"C:\Windows\System32\drivers\tcpip.sys");
      > X509Certificate2 x509 = new X509Certificate2(certp.Handle);
      > // if valid, dump some properties to the console
      > Console.WriteLine("{0}Subject: {1}{0}",
      >     Environment.NewLine, x509.Subject);
      > Console.WriteLine("{0}Issuer: {1}{0}", Environment.NewLine, x509.Issuer);
      > Console.WriteLine("{0}Version: {1}{0}",
      >     Environment.NewLine, x509.Version);
      > Console.WriteLine("{0}Valid Date: {1}{0}",
      >     Environment.NewLine, x509.NotBefore);
      > Console.WriteLine("{0}Expiry Date: {1}{0}",
      >     Environment.NewLine, x509.NotAfter);
      > Console.WriteLine("{0}Thumbprint: {1}{0}",
      >     Environment.NewLine, x509.Thumbprint);
      > Console.WriteLine("{0}Serial Number: {1}{0}",
      >     Environment.NewLine, x509.SerialNumber);
      > Console.WriteLine("{0}Friendly Name: {1}{0}",
      >     Environment.NewLine, x509.PublicKey.Oid.FriendlyName);
      > Console.WriteLine("{0}Public Key Format: {1}{0}",
      >     Environment.NewLine, x509.PublicKey.EncodedKeyValue.Format(true));
      > Console.WriteLine("{0}Raw Data Length: {1}{0}",
      >     Environment.NewLine, x509.RawData.Length);
      > Console.WriteLine("{0}Certificate to string: {1}{0}",
      >     Environment.NewLine, x509.ToString(true));
      >
      > Willy.

      You Rock Willy! That worked perfectly...THANKS!
