kunal-chowdhury.com

Here’s how to detect whether an assembly is digitally signed (using C#)


Digital signatures are the public-key primitives of message authentication. In common words, hand written signatures are defined to put authenticity of a file. In digital word, it’s the digital signature binds a person/entity to the digital data.

 

In this blog post, we will learn how to detect whether an assembly (.dll or .exe) is digitally signed. We will use .NET/C# to identify the same. Continue reading to know more on this topic.

 

Using C#, how to detect whether a dll or exe is digitally signed (www.kunal-chowdhury.com)

 

When a signer electronically signs a document, the signature is created using the signer's private key, which is always securely kept by the signer. You can digitally sign a document for many of the same reasons why you might place a handwritten signature on a paper document.

 

A digital signature is used to help authenticate the identity of the creator of digital information — such as documents, e-mail messages etc. — by using the cryptographic algorithms. When a .dll and/or .exe file is digitally signed by a signer, you can confirm the same from the said file’s properties.

 

To detect whether the assembly file is signed or not, right click on the file and click the ‘Properties’ from the context menu. If you see a ‘Digital Signatures’ tab in the properties window, that means, the file is signed by a digital signature (as shown below). Clicking the tab will show you a list of signatures added to the file.

 

Digital signature of a dll (www.kunal-chowdhury.com)

 

To detect the same in .NET applications using C#, you need to first add the Microsoft assembly ‘System.Management.Automation.dll’ in the project. Then you need to create the RunspaceConfiguration to create the runspace. Once that is created, open the pipeline and get the ‘AuthenticationSignature’. This will return you a result set. If the first item in the result set is not null and has a signer certificate as signature, you can say that the said file has a digital signature.

 

You can find the code method to check the digital signing status of an assembly below:

 

 
public static bool IsSigned(string filepath)
{
    var runspaceConfiguration = RunspaceConfiguration.Create();
    using (var runspace = RunspaceFactory.CreateRunspace(runspaceConfiguration))
    {
        runspace.Open();
        using (var pipeline = runspace.CreatePipeline())
        {
            pipeline.Commands.AddScript("Get-AuthenticodeSignature \"" + filepath + "\"");
            var results = pipeline.Invoke();
            runspace.Close();
 
            var signature = results[0].BaseObject as Signature;
            return signature == null || signature.SignerCertificate == null ? 
                   false : (signature.Status != SignatureStatus.NotSigned);
        }
    }
}
 

Please note that the above process is simple enough to check whether the assembly is signed or not. But the problem that come here is the size of the System.Management.Automation.dll, which is approximately 2 MB. For such a small implementation, adding a 2MB file in the solution/installer is no way a recommended approach.

 

Anyway, I hope that the above post was useful. Do let me know, if you have any queries. Stay tuned for upcoming articles in this blog space. Have a great day!

 

 


Kunal Chowdhury
If you have come this far, it means that you liked what you are reading (Here’s how to detect whether an assembly is digitally signed (using C#)).

Why not reach little more and connect with me directly on Twitter, Facebook, Google+ and LinkedIn. I would love to hear your thoughts and opinions.

Authored Books: