Stack Overflow
Stack Overflow

Questions tagged [authenticode]

Code signing is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed by use of a cryptographic hash. Microsoft Authenticode (TM) is Microsoft's implementation of digitally code signing executables.

Code signing is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed by use of a cryptographic hash. Microsoft Authenticode (TM) is Microsoft's implementation of digitally code signing executables.

185 questions
7
votes
1 answer

Set-Authenticode appears to incorrectly sign the specified assembly

I'm having trouble signing a .NET Standard 2.0 assembly using the Set-Authenticode powershell function as part of an Azure DevOps pipeline. I have written a little bit of powershell to go through assembles in a directory and apply signatures to each…
Adam Drewery
  • 1,508
  • 1
  • 17
  • 25
7
votes
2 answers

Amended code to retrieve dual signature information from PE executable in Windows?

I've been struggling for awhile to amend this code sample from Microsoft that shows (somewhat outdated) way how to retrieve a code signature information from an executable file. It works but it doesn't retrieve information if a binary file is…
MikeF
  • 1,021
  • 9
  • 29
7
votes
5 answers

How to Authenticode sign ClickOnce deployment with an EV SHA2 cert and avoid "Unknown Publisher"

When signing my ClickOnce deployment via Visual Studio's project "Signing" settings page I specified our SHA2 (SHA256) EV Authenticode certificate and publish. After publishing and attempting to run the bootstrapper (setup.exe) I'm presented with…
Adam Caviness
  • 3,424
  • 33
  • 37
7
votes
2 answers

What is the structure of AppxSignature.p7x?

Universal Windows apps are in .appx file, which is simply a zip of a bunch of files and metadata. Most of the metadata files are extensively documented on the Microsoft website and are trivial to parse and/or regenerate. However AppxSignature.p7x…
Dima
  • 2,012
  • 2
  • 17
  • 23
7
votes
1 answer

How to list all signatures with signtool.exe while verifying against the kernel signing policy

So I am signing a binary using signtool from the Windows SDK 8.1: "C:\Program Files (x86)\Windows Kits\8.1\bin\x64\signtool.exe" sign /a /i Symantec /ac C:\utils\MSCV-VSClass3.cer /ph /t "http://timestamp.verisign.com/scripts/timstamp.dll"…
0xC0000022L
  • 20,597
  • 9
  • 86
  • 152
7
votes
2 answers

Sign PowerShell script on non-Windows platform?

I'm working on a project where we are remotely deploying software using a configuration management, part of which delivers PowerShell scripts to Windows servers, which are then executed in order to perform parts of our setup and/or configuration.…
AresonDeladious
  • 131
  • 5
6
votes
1 answer

What is Authenticode equivalent for .NET Core on Linux?

On Windows, there is Authenticode to sign .NET Core / .NET 5 assemblies (please note that I am not referring to Strong Name Signing which is different). This prevents tampering and guarantees authenticity. I am new to .NET Core on Linux. What is…
A X
  • 905
  • 2
  • 13
  • 31
6
votes
5 answers

SignTool unexepected internal error

I am running SignTool with the following command: signtool sign /f keyfile.pfx /p mypassword pathToMsiFile.msi and i get the following error: SignTool Error: An unexpected internal error has occurred. Error information: "Error:…
ravyoli
  • 698
  • 6
  • 13
6
votes
2 answers

Should Open-Source Libraries be Digitally Signed

It is a good practice to always sign executable files (exe, dll, ocx, etc.). On the other hand, with an open source project it may considered disregarding the contributions to the project from all other developers. This is quite an ethical dilemma…
Teoman Soygul
  • 25,584
  • 6
  • 69
  • 80
6
votes
2 answers

Check digital signature of OSX (.dmg) file in Windows

I am currently checking that the digital signature of windows installer files (.msi) is valid in C# using the WinVerifyTrust api. I am also verifying that the thumbprint from the signature is from a known list. I need to do the same for Mac OSX…
SturmUndDrang
  • 1,876
  • 5
  • 27
  • 47
6
votes
1 answer

Code Signing Certificate Reputation with SmartScreen Filter

I am using a standard (i.e. not EV) Authenticode code signing certificate to sign a Windows desktop application in the hope that Smartscreen Filter will eventually stop blocking it. I was hoping to certify the application but since my code signing…
Lee Grainger
  • 206
  • 4
  • 11
6
votes
1 answer

Verifying authenticode signature upon execution of .NET app

I feel like I'm missing something obvious here, but I don't see it written anywhere. I sign my executables using an Authenticode certificate, but as I've started to learn a bit more about it, I am questioning the value as-is. A signed exe has a…
gregmac
  • 24,276
  • 10
  • 87
  • 118
6
votes
1 answer

Verify Authenticode of an exectuable with C# .NET 4.0

We deliver an executable to a client-service which starts this executable in a new process after downloading it from our servers. The executable is signed (authenticode) with the CodeSigning-Certificate of our company and now i'd like to verify,…
Sven Eppler
  • 1,646
  • 1
  • 15
  • 26
6
votes
2 answers

Disabling authenticode signature verification in .NET exe without app.config

Does anyone know how to disable authenticode signature verification in a .NET executable (to avoid slow startup) without using an application config file? In other words, do this:
Joe Albahari
6
votes
2 answers

What happened to signwizard in signtool of Windows SDK 7.0?

I'm looking for the convenient signwizard in signtool.exe but cannot find it anymore in the Windows SDK 7.0. Is it in a separate tool now or is there only the CLI left?
Marc
  • 9,012
  • 13
  • 57
  • 72
1 2
3
12 13