I had a recent project with a feature that let it update itself as directed by a web service. The service provided the URIs of the files to be updated. The client component downloads the files, in zip format, extracts them, and either replaces files in the application or executes them; replacement and/or execution is determined by the metadata from the service. As a precaution, we wanted to ensure that the files executed really are from us. To verify this, we implemented a rule that only digitally signed DLLs and EXEs would be allowed to run by our updater.
The challenge was being able to verify the digital signatures. Initially I was using the System.Security.Cryptography.X509Certificates.X509Certificate class to validate the certificate. The idea is to validate the certificate chain to the root CA and verify the publisher.
What I ran into was that the .NET classes successfully validated only .NET assemblies, and not all of them. The final solution was to create a wrapper class that calls the WinVerifyTrust method of wintrust.dll.