How to check dll Authenticode?

Question

I have a dll that is digitally signed, when my application start I want check that this dll is "original", in particular isn't replaced with a fake one. How can I do this checking the Authenticode signature?

I never did something like this, and I need a bit help to start.

UPDATE

I want prevent someone from replacing the dll with their own and provide their own api method to this dll, and thus myApp.exe always appearing properly licensed.

I asked to the author and he tell me:

"There are steps you can take to prevent the type of cracking you mentioned. For instance, somewhere in your code you can verify TurboActivate by checking that the Authenticode signature is still valid (TurboActivate is code-signed). Or, if you want a simpler solution, you can do a simple MD5 or CRC check. This will prevent "drop in" replacement of TurboActivate with a malicious version."

Answer 1

If the dll is a regular reference of your program, the check will be done automatically for you and your program won't start if it has been tampered with. You don't need to do anything extra, it's part of the normal startup and finding all referenced assemblies routine.

---

If this assembly is loaded "behind your back" at some point in your program, you can look at it and check it's token:

var assembly = AppDomain.CurrentDomain.GetAssemblies().First(a => a.FullName.Contains("TurboActive"));
var token = assembly.GetName().GetPublicKeyToken();

// check if token is *their* valid token