Reputation: 61
How to protect MSI installer digital signature from tampering
My Windows MSI installer has a digital signature signed with a valid code signing certificate. To validate incoming update installer, I use WinVerifyTrust to verify the file trust and also checked if signer exactly match my organization's name, say ABC, Inc. for example. But the file is being reported that it might be compromised by certificate chain attack. The hacker can use the same signer's name under different certificate chain path. So, what can I do to prevent such attack? Validate each signer's name until Root CA, or any other efficient method to prevent? I can't figure it out for a while and need some experts to help out some advice.
Upvotes: 0
Views: 165
Answers (1)
Reputation: 116
If you don't trust the CAs installed in Windows (even though generally you can because that is ~everybody's security boundary), you can always set up your own CA and add a second signature to your MSI that's signed with a certificate issued by that CA. Your updater can check that, while for regular MSI execution, Windows will be content with the regular certificate. You'll have the overhead of running your own CA though, including the security requirements that come from dealing with some customers.
Upvotes: 0
Related Questions
- How does the SQL injection from the "Bobby Tables" XKCD comic work?
- How to validate a PE file's digital signature in windows and find who signed it? (using c/c++)
- Can strong naming an assembly be used to verify the assembly author?
- "Unknown publisher" while starting properly signed installer
- The signed MSI-package isn't liked by Windows
- What part of a signed executable/MSI file can I modify so as not to affect its digital signature?
- How to sign assembly and exe files in the installer package?
- Why do I keep getting "The digital signature of the object did not verify" for Windows JavaEE installer
- How can I establish trust in a X.509 certificate issued by an intermediary?