Re: Verifying a signed executable?


Thanks for that - if it's tedious and painful, I'll avoid it! I've used the checksum approach before, so I guess I'll just stick with it!

Thanks again.


Chris Tacke, eMVP wrote:
Getting signing working can be a real tedious, painful process and if you're not trying to get trust levels implemented, I'd wager it's not worth the effort. Thjere are a lot of ways to attack the problem, but one simple mechanism would be that when you release your app, calculate a checksum and then just append it as 4 bytes to the end of the executable. The app could then check itself by running a checksum on itself and matching it to the last 4 bytes of the binary.