Stack Overflow
Stack Overflow

Questions tagged [authenticode]

Code signing is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed by use of a cryptographic hash. Microsoft Authenticode (TM) is Microsoft's implementation of digitally code signing executables.

Code signing is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed by use of a cryptographic hash. Microsoft Authenticode (TM) is Microsoft's implementation of digitally code signing executables.

185 questions
13
votes
1 answer

Should I sign my DLLs?

I have a C++ Windows app. I sign our installer and my executable, but I don't currently sign my DLLs (such as zlib1.dll). It is not a big deal to sign those as well, but can someone explain what the benefit is? For instance, will my program…
twk
  • 16,760
  • 23
  • 73
  • 97
12
votes
2 answers

Check whether a given executable is digitally signed and valid?

In my C#/.NET application I have to check if a given executable is digitally signed (preferably without Exception testing.) Then I need to check if its certificate is valid (based on installed root certificates) and if the files content is valid…
ordag
  • 2,497
  • 5
  • 26
  • 35
12
votes
1 answer

How does one correctly dual-sign code with a timestamp?

I have two code signing certificates (one SHA-1, one SHA-256) which I'd like to apply to the same file. I tried to append the SHA-256 certificate, but this fails: :: Signs with the SHA-1 certificate signtool sign /sha1…
Billy ONeal
  • 104,103
  • 58
  • 317
  • 552
12
votes
3 answers

Is there any way to check for digital signature on a file programmatically in Powershell?

I've a build script which signs a file with a digital certificate (Microsoft Authenticode). I want to create a test script which checks that the file is successfully signed. It's sufficient with a boolean indicating the existence of any signature on…
Nilzor
  • 18,082
  • 22
  • 100
  • 167
11
votes
4 answers

Sign every executable with an Authenticode certificate through MSBuild

I have an Authenticode certificate (.pfx) which I use to sign executables. How can I configure Team Build so that it signs every single executable (.exe, .dll, ...) automatically while building the project?
Mephisztoe
  • 3,276
  • 7
  • 34
  • 48
11
votes
2 answers

How to find WiX RemotePayload's CertificatePublicKey hash

I'm trying to resolve WiX RemotePayload hashes, but I'm not sure how the CertificatePublicKey attribute is found. Take, for example, the .NET 4.0 Package definition from WiX 3.6 sources:
Joseph Yaduvanshi
  • 20,241
  • 5
  • 61
  • 69
11
votes
2 answers

How do I read the digital signature information from a signed .Net assembly?

I am writing an assembly information application to be used in our software build process and am trying to read the digital signature information from a signed .Net assembly. I want to do in my C# code what Windows Explorer can do by right-clicking…
VinceJS
  • 1,254
  • 3
  • 18
  • 38
10
votes
1 answer

Verify Authenticode signature as being from our company for automatic updater

I am implementing an automatic update feature and need some advice on how to do this securely using best practices. I would like to use the downloaded file's Authenticode signature to verify that it is safe to run (i.e. originates from our company…
James Johnston
  • 9,264
  • 9
  • 48
  • 76
10
votes
0 answers

Verifying Authenticode with a self-signed certificate

If I have a self-signed certificate that is not in the machine's trusted root certificate store, how can I verify that a PE file is Authenticode-signed using that certificate without adding that certificate to the trusted root store? C# would be…
Myria
  • 3,372
  • 1
  • 24
  • 42
9
votes
1 answer

Why would a digitally signed executable be treated as unsigned until viewing certificate details

I'm getting a very odd result when running an executable that has been digitally signed. The executable was signed using signtool.exe using a proper level 2 code signing certificate (not self-generated). Testing on a Windows 7 machine, if i launch…
user534043
  • 91
  • 2
9
votes
4 answers

Managed Windows Service starts up slowly after digital signing

We recently tried out digitally signing our .NET binaries. We have a Windows Service which typically starts up within 10 seconds. However after we started digitally signing it, the time increased to around 20-30 seconds. Googling led to me…
Ganesh R.
  • 4,337
  • 3
  • 30
  • 46
9
votes
2 answers

Code signing for an individual for open source projects

I am getting a code signing certificate for my open source projects. I have a couple of questions about them: Being a unregistered company that develops open source projects, is there a way to get passed the verification process? If I register the…
SameOldNick
  • 2,397
  • 24
  • 33
8
votes
3 answers

CAPICOM - Verify SignedCode is from a Trusted Publisher without UI

I'm using CAPICOM in a .NET 3.0 C# app to check an Authenticode signature on an exe file. I need to make sure that the certificate is listed as a Trusted Publisher. Using signedCode.Verify(true) will show a dialog if the certificate is not already…
Chris John
  • 174
  • 6
8
votes
5 answers

.NET ClickOnce Signing results in "Unknown Publisher"

I am working on deploying a ClickOnce Application build on .NET 4.5 Here are the facts: I have a valid Comodo Authenticode Certificate The certificate is installed in my local cert store The project properties for "Signing" tab show that the…
Will Gillen
  • 93
  • 1
  • 4
8
votes
1 answer

Using Authenticode with a ClickOnce WPF application

All right, I'm not doing something right, and I need some help. Here's what's happening: I have a "real" Authenticode certificate from Comodo that I have paid for. I'm trying to sign and deploy a WPF application written in Visual Studio 2012 and…
Jason Williams
  • 1,283
  • 2
  • 11
  • 31
1
2
3
12 13