
From what I understand about digital signatures, when code-signing exes the "signer" modifies the PE itself. I noticed that it adds the certificate content to the end of the PE and also (obviously) adds some kind of reference to the headers.

My question is: How secure is this? Wouldn't someone capable of reverse engineering the executable be able to forge that onto his own executable, thereby forging a digital signature?

asudhak
  • No, because the digital signature also includes a hash of what is being signed. If you change the content, the hash that was originally used doesn't match. – vcsjones Aug 07 '12 at 20:13
  • Code signing is a public/private key operation. Reverse engineering the executable doesn't get you anything unless you also have the private key which originally signed the exe. – Marc B Aug 07 '12 at 20:16
  • @vcsjones: Makes sense, but if I am able to control the hash, does it really matter? – asudhak Aug 07 '12 at 20:17
  • @MarcB: Say Company A has signed the executable a.exe. What stops me from stripping the certificate details and appending them to my b.exe? I'm not trying to decrypt anything. I'm just copying some already encrypted data. Now, if the hash was calculated and then encrypted, this would of course not be possible. – asudhak Aug 07 '12 at 20:19
  • @asudhak You don't have control over the signature of the hash because it is signed with the private key, which you do not have. – vcsjones Aug 07 '12 at 20:20
  • The .exe isn't encrypted via signing. The signing process calculates a hash of the exe's contents (minus where the signature is saved), and encrypts the hash with the private key. The other end will recalc the hash, decrypt the stored one with the public key, and compare. If the hashes match, it's the same exe. The ONLY encrypted bit in the file is the signature hash. – Marc B Aug 07 '12 at 20:21
  • @MarcB: Yes, now it's clear to me. If for some reason the hash was not encrypted, then I assume it would be possible to forge the signatures. – asudhak Aug 07 '12 at 20:26
  • Could either of you post it as an answer so that the question can be closed? – asudhak Aug 07 '12 at 20:27
  • If the hash wasn't encrypted, then it wouldn't be a signature. It'd just be another CRC value. – Marc B Aug 07 '12 at 20:28

1 Answer


Code signing is a public-private key operation. The signing operation calculates a hash of the .exe file (minus the bits where the signature is stored), then encrypts the hash with the signer's private key.

On client-side validation, the client will redo the hash calculation, and decrypt the stored signature using the public key. If the two hashes match, then the exe has not been tampered with.

The only bits of the file that are encrypted are the signature - everything else is stored in the clear. Nothing stops you from ripping apart the exe and stuffing it (or parts of it) into another .exe.

Signing is not there to prevent theft - it's there to detect tampering.

Marc B
  • On a side note, I notice that digital signatures in Windows executables do not prevent anything. It looks like it is merely used to see if the executable has been tampered with. I may be wrong, or my settings may have been configured in some way, but Windows doesn't even throw an error saying a digital signature isn't valid. One can find out if the digital signature is valid or not only by looking into the details of the signature. Am I right with this? – asudhak Aug 08 '12 at 16:54
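The scheme Marc B describes in the answer and the comment thread, as an added worked example (this is not code from the original post and has nothing to do with the real Authenticode format). It models a signed executable as "body + appended signature block": the hash covers everything except the block, the hash is signed with a private key, and verification recomputes the hash and checks it against what the public key recovers from the block. The `MAGIC` trailer, the `copy_trailer` helper and the sample "executables" are constructed for the example; the RSA key is a deliberately toy one built from two known Mersenne primes so it runs offline and deterministically, which also makes it trivially factorable and useless as a real key.

```python
import hashlib
import struct

# Toy RSA key: P and Q are the Mersenne primes 2^521-1 and 2^607-1. Built from
# public primes, N is trivially factorable; it only stands in for a real key
# so the example is deterministic and needs no external library.
P = (1 << 521) - 1
Q = (1 << 607) - 1
N = P * Q
E = 65537                                # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent (Python 3.8+)
SIG_LEN = (N.bit_length() + 7) // 8      # 141 bytes

MAGIC = b"SIG1"                          # constructed trailer marker, not a PE structure
TRAILER_FIXED = 4 + len(MAGIC)           # 4-byte length field + marker


def split_signature(image: bytes):
    """Return (body, signature) for a signed image, or (image, None) if unsigned.
    The signature block sits at the end of the file and is excluded from the
    hash, which is what 'minus the bits where the signature is stored' means."""
    if len(image) < TRAILER_FIXED or not image.endswith(MAGIC):
        return image, None
    (sig_len,) = struct.unpack(">I", image[-TRAILER_FIXED:-len(MAGIC)])
    if sig_len != SIG_LEN or len(image) < TRAILER_FIXED + sig_len:
        return image, None
    body = image[:-(TRAILER_FIXED + sig_len)]
    sig = image[-(TRAILER_FIXED + sig_len):-TRAILER_FIXED]
    return body, sig


def hash_body(body: bytes) -> int:
    """SHA-256 of the signed region, as an integer below N."""
    return int.from_bytes(hashlib.sha256(body).digest(), "big")


def sign_image(image: bytes) -> bytes:
    """Hash the body, sign the hash with the private key, append the block."""
    body, _ = split_signature(image)         # never include an old trailer in the hash
    sig = pow(hash_body(body), D, N)         # "encrypt the hash with the private key"
    return body + sig.to_bytes(SIG_LEN, "big") + struct.pack(">I", SIG_LEN) + MAGIC


def verify_image(image: bytes) -> bool:
    """Recompute the hash and compare it with what the public key recovers."""
    body, sig = split_signature(image)
    if sig is None:
        return False
    recovered = pow(int.from_bytes(sig, "big"), E, N)   # "decrypt with the public key"
    return recovered == hash_body(body)


def copy_trailer(signed_src: bytes, target_body: bytes) -> bytes:
    """The move the question asks about: graft a.exe's signature block onto b.exe.
    The block is copied byte for byte; nothing private is needed to do this."""
    _, sig = split_signature(signed_src)
    if sig is None:
        raise ValueError("source image is not signed")
    return target_body + sig + struct.pack(">I", SIG_LEN) + MAGIC


def demo() -> dict:
    """Four cases a verifier sees; only the untouched, genuinely signed file passes."""
    a_exe = b"MZ" + b"constructed program A: pays 100 to account 1"   # constructed sample
    b_exe = b"MZ" + b"constructed program B: pays 100 to account 2"   # constructed sample
    signed_a = sign_image(a_exe)

    tampered = bytearray(signed_a)
    tampered[10] ^= 0x01                     # flip one bit inside the signed body

    return {
        "genuine": verify_image(signed_a),                      # True
        "tampered": verify_image(bytes(tampered)),              # False: hash no longer matches
        "transplanted": verify_image(copy_trailer(signed_a, b_exe)),  # False: hash of B != hash of A
        "unsigned": verify_image(a_exe),                        # False: no block at all
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:12s} {'valid' if ok else 'INVALID'}")
```

The transplanted case is the answer to the question: the copied block is a perfectly good signature, but it is a signature over a.exe's hash, and b.exe's body hashes to something else, so the comparison fails. It also illustrates the last comment's point that a check only helps if something acts on it: `verify_image` merely returns `False`, and whatever loads the file has to refuse to run it for the signature to prevent anything.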