'Re: Less expensive way to check the authenticity of DLL'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-cryptoapi
Subject:    Re: Less expensive way to check the authenticity of DLL
From:       Laszlo Elteto <lelteto () RAINBOW ! COM>
Date:       2003-06-27 15:05:20
[Download RAW message or body]

Because your primary DLL is signed by Microsoft - and supposedly that
signature is checked by Windows... (Well, in general - at least on THIS list
if we are talking about CSPs. However, in case of a device driver that may
not be true.)

Laszlo Elteto
Fellow Scientist
Rainbow Technologies, Inc.

-----Original Message-----
From: Daniel Sie [mailto:dsie@WINDOWS.MICROSOFT.COM]
Sent: Friday, June 20, 2003 11:46 PM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: Re: Less expensive way to check the authenticity of DLL


If someone is able to replace your secondary DLL, what makes you think
they can't replace your main DLL?

Thanks.

-----Original Message-----
From: Microsoft Cryptographic API
[mailto:CryptoAPI@DISCUSS.MICROSOFT.COM] On Behalf Of Laszlo Elteto
Sent: Friday, June 20, 2003 3:33 PM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: Re: Less expensive way to check the authenticity of DLL

Same. Sign yourself with YOUR private key and embed the corresponding
public
key into your dll. Then when your main driver dll is loaded you can read
and
verify your second driver dll.

Laszlo Elteto
Fellow Scientist
Rainbow Technologies, Inc.

-----Original Message-----
From: Armstrong, Charles [mailto:Charles.Armstrong@CDA.CANON.COM]
Sent: Friday, June 20, 2003 3:30 PM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: Re: Less expensive way to check the authenticity of DLL


Thanks,
but I'm not writing CSP, this dll is part of video driver that is signed
by
Microsoft.
Basically I want Main DLL to verify this specific dll before loading it.

Charles


-----Original Message-----
From: Eric Peterson [mailto:eric@PURPLESUIT.COM]
Sent: Friday, June 20, 2003 3:14 PM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: Re: Less expensive way to check the authenticity of DLL


On Fri, Jun 20, 2003 at 06:06:58PM -0400, Charles wrote:
> 1. Actually Microsoft has a WFP(Windows File Protection scheme) that
runs
> in background and check only files installed from OS Instation media.
> 2. Driving Signing, but i need to use CA to sign the dll.
> 3. I could use Checksum value in the optional header of PE image.
> 4. I could reverse engineer authenticode to doit myself. I have seen
that
> some place in the message board.
> 
> Which one would be? Is there any other technique?

You could sign your DLL's with a private key, embed the corresponding
public key in your CSP and have microsoft sign the CSP.

----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM

----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM

This message and any material contained in any attachment may contain
information which is the property of and which is confidential to
Rainbow Technologies, Inc. This information is intended solely for the
use of the individual or entity to whom it is addressed. If you are not
the intended recipient, you are hereby notified that any disclosure,
copying, distribution, or use of any of the information contained in
this message is STRICTLY PROHIBITED. If you have received this message
in error, please notify us immediately. Thank you.

----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM

----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM

This message and any material contained in any attachment may contain information \
which is the property of and which is confidential to Rainbow Technologies, Inc. This \
information is intended solely for the use of the individual or entity to whom it is \
addressed. If you are not the intended recipient, you are hereby notified that any \
disclosure, copying, distribution, or use of any of the information contained in this \
message is STRICTLY PROHIBITED. If you have received this message in error, please \
notify us immediately. Thank you.

----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic