I want to check that some DLLs and EXEs are authentic prior to loading. It seems as though both of these functions can validate the certificate chain. Do they essentially do the same thing or can someone explain how they differ?
X509Chain.Build()
X509Certificate2.Verify()
From what I've tried, they both return a pass or fail depending on whether the cert chain can be authenticated back to the root CA.
X509Certificate2.Verify() just calls X509Chain.Build() with default options (and then disposes the detailed results to reduce finalization queuing), as can be seen in the source for Verify().
If you don't need to customize anything on the policy, X509Certificate2.Verify() is fine. If you need/want to customize something then using X509Chain directly is required, and you should skip calling Verify.
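The difference described in the answer above, as an added example that is not part of the original post: Verify() for a default pass/fail, and X509Chain used directly when the policy is customized and the per-element status is needed. The class and method names and the choice to require the Code Signing EKU are assumptions for illustration. Chain validation only establishes that the certificate is trusted; it does not check the file's signature over its contents.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class ChainCheck // hypothetical helper, not from the original post
{
    // Default policy, boolean result only; detailed chain status is discarded.
    public static bool VerifyDefault(X509Certificate2 cert) => cert.Verify();

    // Custom policy: build the chain directly and skip Verify().
    public static bool VerifyCodeSigning(X509Certificate2 cert, out X509ChainStatus[] status)
    {
        using (var chain = new X509Chain())
        {
            // Revocation settings stated explicitly instead of relying on defaults.
            chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
            chain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot;
            chain.ChainPolicy.UrlRetrievalTimeout = TimeSpan.FromSeconds(15);
            chain.ChainPolicy.VerificationFlags = X509VerificationFlags.NoFlag;

            // Assumption: only certificates valid for Code Signing
            // (EKU 1.3.6.1.5.5.7.3.3) should pass.
            chain.ChainPolicy.ApplicationPolicy.Add(new Oid("1.3.6.1.5.5.7.3.3"));

            bool ok = chain.Build(cert);
            status = chain.ChainStatus; // read before the chain is disposed
            return ok;
        }
    }

    static void Main(string[] args)
    {
        // args[0]: path to a certificate file (.cer/.pem), supplied by the caller.
        using (var cert = new X509Certificate2(args[0]))
        {
            Console.WriteLine($"Verify() with default policy: {VerifyDefault(cert)}");

            bool ok = VerifyCodeSigning(cert, out X509ChainStatus[] status);
            Console.WriteLine($"Build() with custom policy:   {ok}");

            // Each entry explains one reason the chain was rejected.
            foreach (X509ChainStatus s in status)
                Console.WriteLine($"  {s.Status}: {s.StatusInformation.Trim()}");
        }
    }
}
```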