Stack Overflow
Stack Overflow

Questions tagged [authenticode]

Code signing is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed by use of a cryptographic hash. Microsoft Authenticode (TM) is Microsoft's implementation of digitally code signing executables.

Code signing is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed by use of a cryptographic hash. Microsoft Authenticode (TM) is Microsoft's implementation of digitally code signing executables.

185 questions
2
votes
0 answers

PowerShell modules update fails after replacing code signing certificate

We recently renewed our code signing certificate which I also use for signing PowerShell modules. The original certificate was from VeriSign which was acquired by DigiCert and they are now the CA. This causes our PowerShell modules update to fail…
Mickey Cohen
  • 997
  • 7
  • 23
2
votes
0 answers

Assembly.Evidence in .net core

I have some .net framework code to port to core. One task is to verify the authenticode signature of a certain assembly is from a specific certificate. In .net framework its done like this Publisher p =…
James Hobson
  • 193
  • 2
  • 8
2
votes
1 answer

Set-AuthenticodeSignature won't perform SHA256 Timestamp?

Signing Windows binaries on Server Core Windows Server 2019 Datacenter Edition with Visual Studio 2019 Community. signtool.exe was not behaving correctly (issues opening PFX file), and so we were advised to switch to PowerShell +…
yano
  • 4,095
  • 3
  • 35
  • 68
2
votes
3 answers

C - Verify code signatures - Windows API

I need to verify code signatures of binaries. Microsoft Authenticode I think is the term. Is there a sane way to do this using the Windows API?
unixman83
  • 9,421
  • 10
  • 68
  • 102
2
votes
2 answers

Problem with ENGINE_load_private_key and PKCS#11

Being stuck with signing (Authenticode) using PKCS#11 tokens, and given the amazingly poor driver support from the vendor (SafeNet), we're signing Windows code on Linux. All of this is working fine using all of our tokens on several build servers. …
MushyMiddle
  • 419
  • 6
  • 14
2
votes
1 answer

OpenSSL C API: Certificate chain validation with CRL

I'm trying to perform certificate chain validation for Windows executable files, which also includes check for revoked certificates, using OpenSSL 1.0.2 C API. I have the CRL files stored locally and I want to load them during verification (as…
Sam Tatasurya
  • 223
  • 2
  • 15
2
votes
0 answers

What files should be code-signed with an EV certificate

I'm currently looking at how my company signs our files. Currently we use an EV certificate to sign almost every file in our installer, including the installer. I'm new to this code signing stuff so I may get somethings wrong. Unfortunately…
Apeiron
  • 694
  • 7
  • 13
2
votes
1 answer

Programmatically check authenticoded files in NuGet Package

Is there a way to check a dll file inside a NuGet package when installing it using NuGet API. Scenario: I want a c#/.net application to be able to update itself at runtime using NuGet packages. Since this is obviously pretty risky I would like to…
Ritzelprimpf
  • 176
  • 1
  • 11
2
votes
0 answers

Digital signature information in a cab file?

I've been trying to check for digital signatures on .cab (Windows cabinet) files programmatically. This will likely be deployed on a linux box so I can't use WinVerifyTrust. I've been using Sigcheck to get the actual value (it will show you whether…
Vishwa
  • 21
  • 4
2
votes
2 answers

How to validate authenticode for Javascript in C#

I was able to sign a js file with PowerShell Set-AuthenticodeSignature. After that i can see signature appeared in file in form of: // SIG // Begin signature block // SIG // MIIKgAYJKoZIhvcNAQcCoIIKcTCCCm0CAQExCzAJBgUr // SIG // .... // SIG // End…
Aleksei Anufriev
  • 3,206
  • 1
  • 27
  • 31
2
votes
1 answer

Avoid "Windows protected your PC" message for a authenticode cert signed install4j installer

Any clue how to avoid my installer triggering the Windows protected your PC message upon launch? I thought signing with Authenticode was supposed to fix this but alas not. Whereas the unsigned installer described publisher as unknown, the signed…
Peter Kahn
  • 12,364
  • 20
  • 77
  • 135
2
votes
1 answer

Automate Extended Validation (EV) code signing After Windows 10

On this brilliant thread: Automate Extended Validation (EV) code signing There are instructions about how to setup SafeNet Authentication client to avoid typing the password each time singtool is used. The proposed solution is: 1) Use "Enable single…
IgnacioHR
  • 568
  • 4
  • 20
2
votes
1 answer

Secure Authenticode key on a build server

I'm trying to figure out how best to set up Authenticode signing at my workplace. The security implications are stressing me out. My initial thought is that the person who controls the key should install it to the build server and secure it so that…
user1228
2
votes
1 answer

How can I make SignerSignEx2 use the machine key store instead of the user one?

I'm currently trying to use the SignerSignEx2 function to sign a DLL with Authenticode. For that purpose I created a private key and put it into the machine key store (so the file would be stored in…
chrischu
  • 3,047
  • 3
  • 27
  • 44
2
votes
1 answer

How do I sign a VSTO deployment?

Client purchased a code-signing certificate, and it came with a .pvk file and a .spc file. I am familiar with the .pvk file, but Visual Studio doesn't recognize the .spc file. When I try to load the .spc file as the ClickOnce Certificate, a message…
Jeremy Boyd
  • 5,245
  • 7
  • 33
  • 57
1 2 3
12 13