Open beeradmoore opened 3 years ago
cftad
commented
3 years ago Based on the alternative of using P/Invoke, it'd likely be best to take on a dependency and use something like AutheticodeExaminer as it wraps the native libraries and comes from a reputable author.
beeradmoore
commented
3 years ago I already have it functioning with WinTrust win32 API.
Panicked when I found 2 of the older dlls failed the check, but it turns out it's because they were signed with nVidias own cert which isn't fully trusted.
(Either that or bad dlls ware distributed with Battlefield V 👀)
TechPowerUp says "All files are digitally signed with NVIDIA's signature, so you can be sure they are unaltered." We should find a way to validate these dll signatures on use as well (not because we don't trust TPU, but because dlls sitting around on a computer can easily be replaced by a bad actor)