The X509Certificate2Collection.Import
method allows to retrieve all certificates from an executable file or from an MSI package. That's fine.
Now I want to validate the certificates. The X509Certificate.Verify
method validates a certificate against the current time (the Reflector confirms: it uses DateTime.Now
).
So my first question is how to validate the certificates against the signed time? An option would be to retrieve an Authenticode data, but there are no built-in support in .NET.
The second question is how to validate the signatures?