DelphiCoder

Reputation: 95

Internet Explorer crashes when loading signed ocx

I have an .ocx/ActiveX library that I coded in Delphi. I have thoroughly tested this library in the following environments:

- Windows XP SP3 - IE6
- Windows XP SP3 - IE7
- Windows XP SP3 - IE8
- Windows 7 Ultimate 64 bit - IE 9 (32bit)

The library interacts with my IIS server, then loads the MsRdpClient library interface, then runs an RDP session inside the browser client area. Works great.

Now it's deployment time; we will be deploying to the customer site on their network. Users will be accessing/downloading the ocx to their PCs by accessing the customer network using VPN etc.

We purchased a code signing certificate from Go Daddy. Using the Microsoft signtool, I have successfully signed the ocx. Here's the process that I used:

1. I downloaded my cert from GoDaddy.
2. I installed the cert in IE.
3. I exported the cert from IE into a .pfx file, private key and all.
4. I successfully signed the cert using signtool sign.
5. I also tested signing the cert using the older signtool (6.1) using signtool signwizard and the pvk utility, creating a pvk file and pairing it with the .spc file received from GoDaddy.

The first time I attempt to load the ocx in a web page, I get prompted to accept the object from the trusted authority. Then it crashes IE!

After the first time/once the cert is loaded and the object is approved, as soon as I attempt to run my site with the ActiveX, IE 7, 8, and 9 crash!

I don't get any error messages, the browser just 'goes away'!

It's deployment time, and I don't have any info from IE as to what is happening. Any help would be GREATLY appreciated!

Upvotes: 4

Views: 706

Answers (1)

Marcus Adams

Reputation: 53880

When code signing a file, the file contents are changed, and the file length increases. The signature is inserted into the file.

If you have anti-tamper code in the program, it could be triggered simply by signing the file. For example, if you are using EurekaLog, ensure that you disable the "Check file corruption (anti-crack)" option, otherwise your program will crash with the error "This file is cracked" simply because the signature has modified the file.

Generally, you should disable any such anti-tamper code prior to signing the application and use the Windows API to verify the validity of the signature. The signature will be invalid if the file has been tampered with after it has been signed. The Eldos SecureBlackBox components have functions for verifying the signature from within the application.

Also, consider using a timestamp when signing the file. Without a timestamp, once your code signing certificate expires, the signature will expire. With a timestamp, the signature lives on, even past the expiration of your code signing certificate (unless you revoke the certificate).

Upvotes: 4
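
The effect described in the answer above, as an added example that is not part of the original answer or of any tool it names: a whole-file hash self-check changes once a signature is embedded, while a digest that skips the regions signing rewrites (the optional header CheckSum, the Certificate Table directory entry and the appended certificate data) stays stable and still detects tampering. It is a simplified model of the Authenticode PE digest for illustration only; the sample buffer, the "signature" blob and all function names are constructed assumptions.

```python
import hashlib
import struct

def signing_fields(pe: bytes):
    """Offsets of the CheckSum field and the Certificate Table directory entry."""
    if pe[:2] != b"MZ":
        raise ValueError("not a PE file")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = e_lfanew + 24                      # optional header follows the 20-byte COFF header
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic")
    dirs = opt + (96 if magic == 0x10B else 112)   # PE32 vs PE32+
    return opt + 64, dirs + 4 * 8            # CheckSum, data directory index 4

def naive_file_digest(pe: bytes) -> str:
    """Whole-file hash, the kind of self-check that signing invalidates."""
    return hashlib.sha256(pe).hexdigest()

def authenticode_style_digest(pe: bytes) -> str:
    """Hash the image while skipping the three regions that signing rewrites."""
    checksum_off, certdir_off = signing_fields(pe)
    cert_off, cert_len = struct.unpack_from("<II", pe, certdir_off)
    if cert_len and (cert_off <= certdir_off or cert_off + cert_len > len(pe)):
        raise ValueError("certificate table lies outside the file")
    end = cert_off if cert_len else len(pe)
    kept = (pe[:checksum_off] + pe[checksum_off + 4:certdir_off]
            + pe[certdir_off + 8:end] + pe[end + cert_len:])
    return hashlib.sha256(kept).hexdigest()

def build_sample() -> bytes:
    """Constructed PE32-shaped buffer for the demo (not a loadable binary)."""
    img = bytearray(0x400)
    img[:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x80)          # e_lfanew
    img[0x80:0x84] = b"PE\0\0"
    struct.pack_into("<H", img, 0x80 + 24, 0x10B)    # PE32 magic
    img[0x200:0x210] = b"constructed code"
    return bytes(img)

def simulate_sign(pe: bytes, blob: bytes) -> bytes:
    """Mimic signing: append a blob, point the directory at it, change CheckSum."""
    checksum_off, certdir_off = signing_fields(pe)
    out = bytearray(pe + blob)
    struct.pack_into("<II", out, certdir_off, len(pe), len(blob))
    struct.pack_into("<I", out, checksum_off, 0x12345678)   # constructed value
    return bytes(out)
```

In a shipped binary the actual trust decision belongs to the Windows signature verification API, as the answer says; this sketch only shows why a self-computed whole-file checksum cannot coexist with signing.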
