0

I was playing around with code signing my app in Visual Studio (strong name key file pfx with password). My understanding is that once signed, the assembly would not be able to be reassembled with edited code.

I tested this out. I disassembled the dll to il, changed some string value and was then able to successfully reassemble using ilasm. I didn't think that would be possible.

Is that because the code is self signed?

Romano
  • 1
  • 2
  • Did you [verify](https://learn.microsoft.com/en-us/windows/win32/seccrypto/using-signtool-to-verify-a-file-signature) the signature after reassembling? – dxiv Dec 26 '20 at 17:30
  • Yes I did. It says ".dll is a delay-signed or test-signed assembly" whereas the original says ".dll is valid". But I thought it would fail reassembling? – Romano Dec 26 '20 at 17:40
  • The digital signature just verifies the integrity of the signed piece, or lack thereof. It does not (and could possibly not) prevent tampering by itself. – dxiv Dec 26 '20 at 18:03
  • I thought the point of code signing was not only verification of the author, but also to prevent tampering of the assembly. I'm able to alter the code, reassemble, swap out dlls and then run the application. Surely that should not be possible? I'm trying to understand the reason behind this? If it's because of self-signed cert, or because it's all on the same dev machine/user? – Romano Dec 26 '20 at 18:22
  • Neither. Signing the binary certifies its integrity, which is the part you do. Verifying and/or enforcing the validity of digital signatures at the other end is a matter of policy that you have no control over. – dxiv Dec 26 '20 at 18:56

0 Answers0