EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Can I check integrity of the caller process?

As described in this question, you can perform checks in OnOpenFile/OnCreateFile callbacks / event handlers.

Authenticode signature of the process' main EXE file and all its DLLs can be verified using PKIBlackbox package of our SecureBlackbox product.

Such check should be performed from OnOpenFileC/OnCreateFileC, but to improve performance you need to cache validation results. For example, you need to calculate CRC32 of the EXE file and remember it together with validation result. On next checks you don't perform full validation but only compare the CRC32. If the CRC differs, then you don't need full certificate re-validation.

Return to the list


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!