Reputation: 9526
I have a digitally signed binary, app.exe. The certificate is issued by a commercial CA. In the file properties (on Windows), the Digital Signature information says "This digital signature is OK". If I somehow modify the binary (e.g. by changing resources in Resource Hacker), the Digital Signature information says "This digital signature is not valid".
I tried to verify the certificate programmatically, but X509Certificate2.Verify() returns true no matter which file I use - the original (app.exe) or the tampered one (app-modified.exe).
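```csharp
using System.Security.Cryptography.X509Certificates;

string filename = "app.exe"; // or "app-modified.exe"
// Load the signer certificate embedded in the signed file
X509Certificate cert1 = X509Certificate.CreateFromSignedFile(filename);
X509Certificate2 cert2 = new X509Certificate2(cert1);
// Run basic chain validation on that certificate
bool isValid = cert2.Verify();
```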
Why does this function return true in both cases? Is this a proper way of validating digital signatures of files?
Upvotes: 4
Views: 1636
Reputation: 18507
I think that you are misunderstanding the digital signature verification process. Roughly, the digital signature verification process consists of two steps: the first step is to validate the signature integrity (check that no one modified the document after the signature was applied), and the second step is to validate the certificate status (check that the certificate is valid, not expired or revoked).
So if you modify your signed app.exe you break your signature, but if the certificate was valid it remains valid, which is the reason that in both cases your certificate validation is OK.
If, instead of validating only the certificate, you validate the signature, the result will be false for app-modified.exe, because when you modified app.exe you broke the signature.
Hope this helps,
Upvotes: 1