Can I remove a digital signature from a DLL?

后端 未结 6 1895
误落风尘
误落风尘 2020-12-29 05:01

My installer build \"signs\" a DLL using a Code Signing certificate during the build process.

I\'ve noticed that if I try to build twice in succession, the second b

相关标签:
6条回答
  • 2020-12-29 05:06

    Another possible option is to switch to the SignTool.exe. It comes with the Windows SDK and signing a binary that has already been signed does not generate an error. I use signtool.exe in my build process and haven't any difficulties with it, even when something is already signed.

    Also, check out the question What's the main difference between signcode.exe and signtool.exe?

    0 讨论(0)
  • 2020-12-29 05:08

    Check if your build tool supports "Re-signing". This should replace all existing signatures.

    If not, you can use Stud_PE to remove the signature block. Open the DLL or EXE in Stud_PE, go to the sections tab, right click the digital signature section and select "Delete section". However, this needs user interaction. Old versions of the tool could destroy the file.

    0 讨论(0)
  • 2020-12-29 05:16
    signtool remove /s C:\path\to.exe.or.dll
    

    signtool is available in Windows SDK, and must be at least from Windows 8 SDK kit (version 6.2.9200.20789) to have the remove command supported.

    0 讨论(0)
  • 2020-12-29 05:16

    You can use delcert.exe from the this XDA Forum post.

    here is a small tool that strips (removes) digital sign (Authenticode) from PE executable files like *.exe, *.dll, *.mui, etc.

    0 讨论(0)
  • 2020-12-29 05:17

    It's fairly easy to remove the signature from a .dll file using the ImageRemoveCertificate API.

    You don't have any language specified in your tags but this article shows how to implement it in C#. Remove digital signature from a file using C#

    Other than that, if you are looking for a simple tool to do the work for you, you can use FileUnsigner.

    0 讨论(0)
  • 2020-12-29 05:18

    Sure it's possible, but not trivial.

    Although it would be easier to save a copy of the presigned DLL.

    This digital signature is little more than an extra section appended to the end of a PE file. You could write a program that deleted the signature, if you want.

    It's not quite as simple as truncating the file; you have to remove references to the signature in the file header. It could get complicated if the DLL has multiple signatures and you just want to remove one.

    The format of a PE file is publicly documented here

    0 讨论(0)
提交回复
热议问题