Autorun and digital signature (2)

As the previous article showed, Autorun is very useful. The trouble is that others may abuse it: someone could use it to run a dangerous program that steals information or even destroys the device, and your own Autorun program may itself be infected by a virus. One way to deal with this is to put Autorun in a directory that is hard to guess and give it an unusual name. This does not solve the problem at its root, but it is better than nothing. The fundamental solution is to add a digital signature to Autorun. Windows Mobile devices seem to have built-in support for program digital signatures. Windows CE does not support this directly, but it does provide some of the necessary components, and with them we can implement digital signatures ourselves. The process consists of three steps: generate the key, sign Autorun.exe, and verify Autorun.exe:

  • Generate key
    1. Generate a public/private key pair using the key generation tool on the PC;
    2. Keep the private key somewhere safe and use it to generate the digital signature for Autorun.exe;
    3. Embed the public key in the CE kernel, where it is used to verify the digital signature of Autorun.exe.
  • Sign Autorun.exe
    1. Developing the Autorun program is exactly the same as developing an ordinary Windows CE program;
    2. After the EXE is compiled, use the signing tool to append the signature to the EXE, producing Autorun.exe;
  • Use Autorun.exe
    1. When a USB flash drive is inserted into the CE device, the system checks whether Autorun.exe exists in a specific directory on the drive;
    2. If it does, the system uses the public key in the kernel to verify its signature;
    3. If the signature verifies, the system runs Autorun.exe.

Using the Wikipedia diagram, the digital signature creation and verification process is as follows:

Implementing program digital signatures on WinCE takes several steps:

  • Use the makecert.exe tool from Visual Studio to generate the key:

makecert -sv mycert.pvk -a sha1 -len 1024 -sky signature -n "CN=xxxxxxx,O=yyyyyyy" mycert.cer

The preceding command specifies the sha1 algorithm and a key length of 1024 bits, and generates the certificate file mycert.cer and the private key file mycert.pvk.

  • Use cert2spc.exe to convert the .cer file (X.509 certificate) to an .spc file (Software Publisher Certificate):

cert2spc.exe mycert.cer mycert.spc

  • Use pvk2pfx.exe to merge the .spc file and the .pvk file into a .pfx (Personal Information Exchange) file. 1234 is the password that protects the .pfx file.

pvk2pfx.exe -pvk mycert.pvk -spc mycert.spc -f -po 1234 -pfx mycert.pfx

  • Sign autorun.exe with signfile.exe:

signfile.exe -fautorun.exe -xmycert.pfx -ppubkey.h -w1234 -

Signing autorun.exe with the command above also exports the public key as a C header file (pubkey.h). pubkey.h should be placed in the BSP, where it is used to verify the digital signature of Autorun.exe. The public key only needs to be exported once.

To verify the signature in the BSP, you must implement OEMCertifyModule and OEMCertifyModuleInit. CE provides the signature verification algorithm in loadauth.lib. For usage details, see MSDN.
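The sign-then-verify flow described above, as an added example that is not the author's signfile code or the loadauth.lib implementation. It assumes a hypothetical trailer layout (a `DEMOSIG1` marker followed by a raw RSA signature) and a constructed, insecure demo key so that it runs without a crypto library; SHA-1 mirrors the `-a sha1` choice in the makecert command.

```python
import hashlib

# Constructed demo key, NOT secure: two Mersenne primes, used only so the
# example runs without a crypto library. A real key pair comes from the
# makecert / pvk2pfx steps, and only N and E would be embedded on the device.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q                              # public modulus (the role of pubkey.h)
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, stays on the PC
K = (N.bit_length() + 7) // 8          # signature length in bytes
MAGIC = b"DEMOSIG1"                    # hypothetical trailer marker
# DER DigestInfo prefix for SHA-1 (PKCS#1 v1.5, RFC 8017)
SHA1_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")


def encoded_digest(image: bytes) -> int:
    """EMSA-PKCS1-v1_5 encoding of SHA-1(image), as an integer."""
    t = SHA1_PREFIX + hashlib.sha1(image).digest()
    em = b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t
    return int.from_bytes(em, "big")


def sign_image(image: bytes) -> bytes:
    """PC side: append MAGIC + RSA signature to the compiled EXE bytes."""
    sig = pow(encoded_digest(image), D, N)
    return image + MAGIC + sig.to_bytes(K, "big")


def verify_image(blob: bytes) -> bool:
    """Device side: True only if the trailer verifies under (N, E)."""
    n = len(MAGIC) + K
    if len(blob) < n:
        return False                   # too short to carry a signature
    image, trailer = blob[:-n], blob[-n:]
    if trailer[:len(MAGIC)] != MAGIC:
        return False                   # unsigned or truncated file
    sig = int.from_bytes(trailer[len(MAGIC):], "big")
    if sig >= N:
        return False                   # not a valid RSA signature value
    # Rebuild the expected encoding and compare whole values, so no padding
    # is ever parsed out of data read from the USB drive.
    return pow(sig, E, N) == encoded_digest(image)
```

The device launches the file only when `verify_image` returns True; an unsigned, truncated or modified file fails closed.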

The signfile.exe used in the signing command above is modified from the source code provided in Platform Builder (D:\wince500\public\common\oak\tools\signfile). The code provided by PB can only obtain certificates from the Windows registry, which is inconvenient for managing and using certificates. The modified version can read certificates from a .pfx file. The other tools can be found online, or you can download them from me (including my modified signfile.c code):

http://files.cnblogs.com/singlerace/KEYTOOL.zip
