I'm trying to write a C# program that verifies the digital signature of exe's. The exe's are signed with an authenticode certificate, and I want to detect tampering.
I'm assuming you've scoured the .NET Framework docs and didn't find what you needed. The answer to this StackOverflow question has a link that describes how to use the native Windows CryptQueryObject function to verify a signature. So all that's left is to check out PInvoke.NET to see how to bring that function into .NET.
Could you just shell to signtool.exe /verify, and check the result?
I recently wrote a simple app which signs executables using the same method, and it works great.
Signtool on MSDN
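The shell-out approach suggested above, sketched in C# as an added example (not code from the original posts), using SignTool's `verify` command and its exit code. The `SignToolPath` value is a placeholder and the class and method names are hypothetical.

```csharp
using System;
using System.Diagnostics;
using System.IO;

static class AuthenticodeCheck
{
    // Assumption: placeholder path; point this at the signtool.exe from your Windows SDK.
    // A full path avoids picking up a different signtool.exe from PATH.
    const string SignToolPath = @"C:\path\to\signtool.exe";

    // Returns true only when SignTool reports success (exit code 0).
    public static bool IsSignatureValid(string exePath)
    {
        string fullPath = Path.GetFullPath(exePath);
        if (!File.Exists(fullPath))
            throw new FileNotFoundException("File to verify not found.", fullPath);

        var psi = new ProcessStartInfo
        {
            FileName = SignToolPath,
            // verify: check the embedded signature.
            // /pa: use the Default Authenticode policy (without it SignTool
            //      applies the Windows Driver Verification Policy).
            // /q:  quiet output.
            Arguments = "verify /pa /q \"" + fullPath + "\"",
            UseShellExecute = false,   // start the exe directly, no shell parsing
            CreateNoWindow = true
        };

        using (Process process = Process.Start(psi))
        {
            process.WaitForExit();
            // SignTool exit codes: 0 = success, 1 = failed, 2 = completed with warnings.
            // Fail closed: anything other than 0 is treated as not verified.
            return process.ExitCode == 0;
        }
    }

    static int Main(string[] args)
    {
        if (args.Length != 1)
        {
            Console.Error.WriteLine("usage: AuthenticodeCheck <file.exe>");
            return 2;
        }
        bool ok = IsSignatureValid(args[0]);
        Console.WriteLine(ok ? "Signature valid" : "Signature missing, invalid or untrusted");
        return ok ? 0 : 1;
    }
}
```

A passing result means the file matches its signature and the certificate chains to a trusted root; it does not say who signed it, so compare the signer certificate against the expected publisher if that matters.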